Re: User Awareness Program

[Tom Steuver <steuver () EXCHANGE NKU EDU>]

I've had numerous requests for copies of the Security Awareness Seminar here
at NKU and I hope I have replied to all of you.  If I haven't replied to
you, please let me know.

As we work on additional security implementations and policies, the seminar
will change down the road.  If we could work on a seminar "template" that
each school can start with and change to fit the requirements and
implementation of the school and keep the template up-to-date with the
latest security info, we could make it easier to start security awareness
programs.  Keeping in mind that our users are not "technical", we try not to
go over their heads but make sure they understand and can maintain the
security practices that we require.

We can secure our networks and servers, but if the users aren't practicing
security then what's the use?

Tom

-----Original Message-----
From: Tom Steuver
Sent: Friday, June 27, 2003 8:45 AM
To: 'The EDUCAUSE Security Discussion Group Listserv'
Subject: RE: [SECURITY] User Awareness Program


At NKU, I developed a one-hour "non-technical" security awareness seminar
that has been offered and attended by many faculty and staff.  All IT staff
are required to attend the seminar.  We are trying to require that all new
faculty and staff attend the seminar as well.  We also are developing a
security web site with all the needed information.

I can send you a copy of the seminar information if you like.

Thomas Steuver
Manager, Network and Infrastructure Systems/Security Coordinator Information
Technology Northern Kentucky University steuver () nku edu


-----Original Message-----
From: Steven R. Smith [mailto:Steven.R.Smith () HOFSTRA EDU]
Sent: Wednesday, June 25, 2003 11:03 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] User Awareness Program


We'd like to start a system security user awareness program at our
University.  We don't want it to be a 1 time event (like a single email),
but we also don't want it to be so intrusive (and/or boring) that people
ignore the message.  I'm wondering what other schools have done, and if you
wouldn't mind sharing the cost of any programs you've implemented.  It might
give me some ammunition to get some funding.

Any help would be much appreciated.

Thanks in advance.

Steve.


Steven R. Smith
IS Security Specialist
Hofstra University
516.463.3944

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/memdir/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.