Educause Security Discussion mailing list archives
Re: Security Awareness Training - a rehash
From: David Stack <dstack () UWSA EDU>
Date: Wed, 12 Jul 2017 17:42:44 +0000
The University of Wisconsin System has a policy that requires security awareness training. https://www.wisconsin.edu/uw-policies/uw-system-administrative-policies/information-security-awareness/ A few of the salient elements: Any individual or entity that has access to moderate or high risk data must: 1. Upon hire and annually thereafter, acknowledge and accept the UW System Acceptable Use Policy and any applicable institutional Acceptable Use Policy. Access to UW System data and information technology resources may be withheld until the Acceptable Use Policy(s) have been accepted. 2. Annually complete information security awareness training, which acknowledges that they are aware of security best practices, and their roles in protecting the university’s systems and data. All newly hired employees are required to complete the information security awareness training within 30 days of their initial hire date. 3. All contractors, consultants and business partners are required to abide by UW System acceptable use policies prior to being given access to university systems and data resources, when possible. Students with access to only their own data, will on an annual basis: 1. Receive notification of the UW System Acceptable Use Policy and any applicable institutional Acceptable Use Policy. 2. Have access to an information security awareness training which includes security best practices, and their roles in protecting the University’s systems and data. Revisions to the policy are in the works. All of the UW System institutions have access to the “LawRoom” training modules from Everfi and that is the default training unless an institution already had something of its own. Administering the training is an “other duties as assigned” activity for the IT staff at the campuses. — David David Stack Interim Associate VP & CIO University of Wisconsin System dstack () uwsa edu From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Chad Tracy <chad.tracy () COLBY EDU> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Wednesday, July 12, 2017 at 12:15 PM To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Security Awareness Training - a rehash Afternoon, I am new to the board and did a cursory look at past posts but could not find anything recent regarding what folks are doing for awareness training. We are looking to implement security awareness training here at Colby and I am curious as to what you all use. Could you please assist by completing this quick Google Survey (8ish questions - 3 minutes tops) for me so I can better understand what the rest of you all are doing? I will be prepared to share the results upon the completion of this survey. https://goo.gl/forms/Oko29fesYQZUpMaG3 Thank you for your time and efforts! Chad Tracy Director of Information Security Colby College Waterville, ME 04901 207 . 859 . 4199 chad.tracy () colby edu<mailto:chad.tracy () colby edu>
Current thread:
- Security Awareness Training - a rehash Chad Tracy (Jul 12)
- Re: Security Awareness Training - a rehash David Stack (Jul 12)
- <Possible follow-ups>
- Re: Security Awareness Training - a rehash Ben Woelk (Jul 12)
- Re: Security Awareness Training - a rehash Chad Tracy (Jul 12)