Train your employees in basic security principles.
Employees who use any computer programs containing sensitive information should be told about that information and must be taught how to properly use and protect that information. On the first day that your new employees start work, they need to be taught what your information security policies are and what they are expected to do to protect your sensitive business information. They need to be taught what your policies require for their use of your computers, networks, and Internet connections.
In addition, teach them your expectations concerning limited personal use of telephones, printers, and any other business owned or provided resources. After this training, they should be requested to sign a statement that they understand these business policies, that they will follow your policies, and that they understand the penalties for not following your policies. (You will need clearly spelled-out penalties for violation of business policies.)
Set up and teach "rules of behavior" which describe how to handle and protect customer data and other business data. This may include not taking business data home or rules about doing business work on home computers.
Having your employees trained in the fundamentals of information, system, and network security is one of the most effective investments you can make to better secure your business information, systems, and networks. You want to develop a "culture of security" in your employees and in your business.
Typical providers of such security training could be your local Small Business Development Center (SBDC), community college, technical college, or commercial training vendors.
No comments:
Post a Comment