Последнее изменение: 19 марта, 2025

Policy No. 4204 Employee Security Awareness Training Procedure

• Download Employee Security Awareness Training Procedure Document

Обзор

The most effective way to ensure that PCSD employees do not make costly errors regarding information security is to implement district-wide security-awareness training initiatives. These initiatives include, but are not limited to:

• Instructor-led training sessions
• Mandatory yearly SafeSchools customized training for all employees
• Additional required SafeSchools training for employees with access to sensitive information

Available tools include a security awareness website, helpful hints via email, Tech Talk publications, posters, and promotions.

Назначение

These methods help ensure employees have a solid understanding of PCSD’s security policies, procedures, and best practices. Employees shall also have a basic understanding of the following security-related topics:

• Social engineering tactics
• Email and messaging security
• Safe internet browsing
• Social networking threats
• Mobile device security
• Password best practices
• Data classification
• Data transmission and encryption
• Data destruction
• Wi-Fi security
• Working remotely
• Insider threats from students and staff
• Physical security issues
• Protecting personal and work computers
• Copyright infringements
• Malware and virus protection
• Sharing files with local and state entities
• Workspace security

Область применения

All PCSD employees shall receive security-specific training annually.

Процедура

Types of Training Implemented

• Instructor-led training – As needed.
• SafeSchools training videos and certificates
  • Basic security video training to be completed yearly by all employees.
  • Additional, more in-depth training required for users with access to P.I.I.
  • Completion of training to be monitored by Human Resources (HR).
• Security Awareness Website
  • General information
  • Video resources
  • Links to policies and procedures
  • Links to additional security-related resources
• Полезные советы
  • Notifications will be sent when there is a significant security risk or threat.
  • Continued distribution of Tech Talk newsletters regarding information security.
  • Utilization of additional means necessary to inform employees of security information and training opportunities.

Статус последнего обновления:

Обновлено в январе 2015 года

Соответствующие политики и процедуры

• 4204 Использование технологий
• 4204 Допустимое использование
• 4204 Аудит
• 4204 Чистый стол
• 4204 План аварийного восстановления
• 4204 Электронная почта
• 4204 Обучение сотрудников мерам безопасности
• 4204 Шифрование
• 4204 Пароль
• 4204 Удаленный доступ
• 4204 Безопасность маршрутизаторов и коммутаторов
• 4204 Безопасность чувствительных рабочих станций
• 4204 План действий по обеспечению безопасности
• 4204 Безопасность сервера
• 4204 Установка программного обеспечения
• 4204 Безопасность веб-сервисов
• 4204 Связь с беспроводными устройствами
• 4204 Беспроводная инфраструктура связи