Last modified: 14 kovo, 2025
Policy No. 4204 Employee Security Awareness Training Procedure
Apžvalga
The most effective way to ensure that PCSD employees do not make costly errors regarding information security is to implement district-wide security-awareness training initiatives. These initiatives include, but are not limited to:
- Instructor-led training sessions
- Mandatory yearly SafeSchools customized training for all employees
- Additional required SafeSchools training for employees with access to sensitive information
Available tools include a security awareness website, helpful hints via email, Tech Talk publications, posters, and promotions.
Tikslas
These methods help ensure employees have a solid understanding of PCSD’s security policies, procedures, and best practices. Employees shall also have a basic understanding of the following security-related topics:
- Social engineering tactics
- Email and messaging security
- Safe internet browsing
- Social networking threats
- Mobile device security
- Password best practices
- Data classification
- Data transmission and encryption
- Data destruction
- Wi-Fi security
- Working remotely
- Insider threats from students and staff
- Physical security issues
- Protecting personal and work computers
- Copyright infringements
- Malware and virus protection
- Sharing files with local and state entities
- Workspace security
Apimtis
All PCSD employees shall receive security-specific training annually.
Procedūra
Types of Training Implemented
- Instructor-led training – As needed.
- SafeSchools training videos and certificates
- Basic security video training to be completed yearly by all employees.
- Additional, more in-depth training required for users with access to P.I.I.
- Completion of training to be monitored by Human Resources (HR).
- Security Awareness Website
- General information
- Video resources
- Links to policies and procedures
- Links to additional security-related resources
- Naudingi patarimai
- Notifications will be sent when there is a significant security risk or threat.
- Continued distribution of Tech Talk newsletters regarding information security.
- Utilization of additional means necessary to inform employees of security information and training opportunities.
Last Update Status:
Updated January 2015
Related Policies and Procedures
- 4204 Priimtinas naudojimas
- 4204 Auditas
- 4204 Švarus stalas
- 4204 Atkūrimo po nelaimės planas
- 4204 El. paštas
- 4204 Darbuotojų informuotumo apie saugumą mokymas
- 4204 Šifravimas
- 4204 Slaptažodis
- 4204 Nuotolinė prieiga
- 4204 Maršrutizatorių ir komutatorių saugumas
- 4204 Jautrių darbo vietų saugumas
- 4204 Saugumo reagavimo planas
- 4204 Serverio saugumas
- 4204 Programinės įrangos diegimas
- 4204 Interneto svetainių paslaugos Saugumas
- 4204 Belaidis įrenginio ryšys
- 4204 Belaidis infrastruktūros ryšys