Last modified: março 14, 2025
Policy No. 4204 Employee Security Awareness Training Procedure
Visão geral
The most effective way to ensure that PCSD employees do not make costly errors regarding information security is to implement district-wide security-awareness training initiatives. These initiatives include, but are not limited to:
- Instructor-led training sessions
- Mandatory yearly SafeSchools customized training for all employees
- Additional required SafeSchools training for employees with access to sensitive information
Available tools include a security awareness website, helpful hints via email, Tech Talk publications, posters, and promotions.
Finalidade
These methods help ensure employees have a solid understanding of PCSD’s security policies, procedures, and best practices. Employees shall also have a basic understanding of the following security-related topics:
- Social engineering tactics
- Email and messaging security
- Safe internet browsing
- Social networking threats
- Mobile device security
- Password best practices
- Data classification
- Data transmission and encryption
- Data destruction
- Wi-Fi security
- Working remotely
- Insider threats from students and staff
- Physical security issues
- Protecting personal and work computers
- Copyright infringements
- Malware and virus protection
- Sharing files with local and state entities
- Workspace security
Escopo
All PCSD employees shall receive security-specific training annually.
Procedimento
Types of Training Implemented
- Instructor-led training – As needed.
- SafeSchools training videos and certificates
- Basic security video training to be completed yearly by all employees.
- Additional, more in-depth training required for users with access to P.I.I.
- Completion of training to be monitored by Human Resources (HR).
- Security Awareness Website
- General information
- Video resources
- Links to policies and procedures
- Links to additional security-related resources
- Dicas úteis
- Notifications will be sent when there is a significant security risk or threat.
- Continued distribution of Tech Talk newsletters regarding information security.
- Utilization of additional means necessary to inform employees of security information and training opportunities.
Last Update Status:
Updated January 2015
Related Policies and Procedures
- 4204 Uso aceitável
- 4204 Auditoria
- 4204 Mesa limpa
- 4204 Plano de recuperação de desastres
- 4204 E-mail
- 4204 Treinamento de conscientização de segurança para funcionários
- Criptografia 4204
- 4204 Senha
- 4204 Acesso remoto
- 4204 Segurança do roteador e do switch
- 4204 Segurança para estações de trabalho confidenciais
- 4204 Plano de resposta de segurança
- Segurança do servidor 4204
- Instalação do software 4204
- 4204 Segurança dos serviços do site
- 4204 Comunicação de dispositivos sem fio
- 4204 Comunicação de infraestrutura sem fio