Educause Security Discussion mailing list archives
Re: Enforcement of Security Training for Faculty/Staff
From: Anand S Malwade <Anand.Malwade () SHU EDU>
Date: Mon, 1 Mar 2010 10:11:24 -0500
We initiated IT Security Training and Awareness last year targeting Administrative Staff and employees during monthly HR orientation which is mandatory and employees have to acknowledge a technology usage form that is kept in their personnel file . We intend to start this for faculty as well during their bi-annual orientation coming Fall Semester. Anand Malwade Information Security Officer, Seton Hall University. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jansen, Morgan R. Sent: Monday, March 01, 2010 9:42 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Enforcement of Security Training for Faculty/Staff Good Morning, I do not have an answer for this but I am very interested in the replies. We are in the planning stages of something similar here. Thanks! Thank you, Morgan Jansen Information Technology Security Specialist Rosalind Franklin University of Medicine and Science phone: (847) 578-8369 fax: (847) 578-3202 email: morgan.jansen () rosalindfranklin edu P Please consider the environment before printing this email. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Matthew Giannetto Sent: Sunday, February 28, 2010 11:02 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Enforcement of Security Training for Faculty/Staff Folks, We're currently planning IT Security Training & Awareness at our college, and are struggling with some of the same challenges I'm sure most of you have faced. We're currently debating if we can require IT Security Training for faculty, and if so, how do we enforce it. I've gone through much of the previous discussion regarding training and awareness and how to gain faculty acceptance. In general, it seems that the majority of institutions can't convince upper management to buy-in to a mandate (primarily due to culture or contractual limitations), and thus are left to find creative ways to design and market their training to encourage participation. But, much of the earlier conversation doesn't address how institutions that require IT security training enforce the requirement? Do you turn off network accounts if they don't complete training by a certain date? Do you make a note in their personnel file? Do you just keep pestering them until they do it? Any feedback you may have is greatly appreciated. Thanks, Matt Giannetto Manager of IT Security Montgomery County Community College mgiannetto () mc3 edu | (215) 619-7442 ________________________________ Montgomery County Community College is proud to be the #1 ranked technology-savvy community college in the nation, as determined by the Center for Digital Education and Converge magazine.
Current thread:
- Enforcement of Security Training for Faculty/Staff Matthew Giannetto (Feb 28)
- <Possible follow-ups>
- Re: Enforcement of Security Training for Faculty/Staff Jansen, Morgan R. (Mar 01)
- Re: Enforcement of Security Training for Faculty/Staff Anand S Malwade (Mar 01)
- Re: Enforcement of Security Training for Faculty/Staff David Escalante (Mar 01)
- Re: Enforcement of Security Training for Faculty/Staff Patria, Patricia (Mar 01)
- Re: Enforcement of Security Training for Faculty/Staff Chris Kidd (Mar 01)
- Re: Enforcement of Security Training for Faculty/Staff Sherry Callahan (Mar 01)
- Enforcement of Security Training for Faculty/Staff Conlee, Keith (Mar 09)
- Re: Enforcement of Security Training for Faculty/Staff Steve Werby (Mar 11)
- Re: Enforcement of Security Training for Faculty/Staff Kimberly Heimbrock (Mar 11)