Educause Security Discussion mailing list archives

Re: New Employee Security Training

From: "Carroll, Tim" <Carrolltd () ROANESTATE EDU>
Date: Mon, 19 Jun 2017 11:40:58 +0000

Thomas,

We require annual Cyber Security training of all employees.  We use the SANS Securing the Human training.  We divide 
employees into training groups depending on the training needed.  Some groups of employees need additional training 
modules based on roles such as PCI-DSS, Red Flag Rules, etc.  The basic modules are mandatory as are the role base 
training for special groups.  Securing the Human also allows us to embed a mandatory review of local policies with an 
acknowledgement to satisfy auditors.  Finally, Securing the Human provides optional modules that cover Cyber Security 
training for home users.

Cost is reasonable, even for a small to medium Community College.

Regards,

Timothy D. Carroll
Timothy D. Carroll
Assistant Vice President and Chief Information Officer
Information Technology
Roane State Community College

[cid:image001.jpg@01D2E8CF.63C820E0]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas 
Carter
Sent: Friday, June 16, 2017 3:33 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] New Employee Security Training

Does anyone do IT security training as part of on-boarding new employees? If so, what do you cover? Who does the 
training (IT, HR, or?)? When is the training done? How well does it seem to work for you? What would you do differently?

We would like to implement something like this, but are afraid of overwhelming a new employee during their HR 
orientation. Something done a week or two later may have a better chance of sticking with the end user, but requires 
much more time and organization on our part.

Thomas Carter
Network & Operations Manager / IT
Austin College
900 North Grand Avenue
Sherman, TX 75090
Phone: 903-813-2564
www.austincollege.edu<http://www.austincollege.edu/>


________________________________

This email is intended for the addressee and may contain privileged information. If you are not the addressee, you are 
not permitted to use or copy this email or its attachments nor may you disclose the same to any third party. If this 
has been sent to you in error, please delete the email and notify us by replying to this email immediately.

Current thread:

New Employee Security Training Thomas Carter (Jun 16)
- Re: New Employee Security Training James Valente (Jun 16)
- Re: New Employee Security Training Ullman, Catherine (Jun 16)
  - Re: New Employee Security Training Hart, Michael (Jun 16)
- Re: New Employee Security Training Carroll, Tim (Jun 19)
- Re: New Employee Security Training Ludwig, Linda (Jun 19)
  - Re: New Employee Security Training Lovaas,Steven (Jun 19)
    - Re: New Employee Security Training Telfer, Will (Jun 19)
    - Re: New Employee Security Training Riemer, Stan (Jun 19)
    - Re: New Employee Security Training Dan Lewis (Jun 20)
    - Re: New Employee Security Training Johnson, Kyle A (Jun 20)
- <Possible follow-ups>
- Re: New Employee Security Training Hudson, Edward (Jun 16)
- Re: New Employee Security Training Davis, Kevin (Jun 16)