|
An INFORMATION SECURITY AWARENESS program is a TOOL that all companies, regardless of size, need to implement. Without one, serious IT risks may be overlooked. It is the ADVANTAGE of knowing what types of security issues and INCIDENTS staff members may face in the DAY-TO-DAY ROUTINE of their job function. Awareness of the risks and available safeguards is the FIRST LINE OF DEFENSE for security of information systems and networks.
As cited in audit reports, periodicals, and conference presentations, it is generally understood by the IT security professional community that PEOPLE ARE ONE OF THE WEAKEST links in attempts to secure systems and networks. The “PEOPLE FACTOR” - not technology - is KEY TO PROVIDING an adequate and APPROPRIATE LEVEL OF SECURITY. If people are the key, but are also a weak link, more and better attention must be paid to this “asset.” A robust and enterprise wide awareness program is PARAMOUNT to ensuring that people understand their IT security responsibilities, organizational policies, and how to PROPERLY USE and protect the IT resources entrusted to them.
The threat to information assets has never been so great. Vulnerabilities range fromeavesdropping on a phone call to a STOLEN LAPTOP or even a MISCONFIGURED PASSWORD.Yet, small CHANGES IN BEHAVIOR can have a huge upside for information security. That’s why it’s every employee’s duty – from the EXECUTIVE SUITE TO THE PRODUCTION LINE – to make security a priority.
The OBJECTIVE of the Axoss SECURITY AWARENESS service is to CHANGE THE ACTUAL BEHAVIOR OF PEOPLE by raising awareness and providing appropriate training so that each member of the Organization can PROTECT their confidential electronic Information and:
- BETTER UNDERSTAND the RISKS when using and storing electronic information;
- BETTER UNDERSTAND how to REDUCE the risks to the confidentiality, integrity, and availability of confidential electronic information;
- BETTER UNDERSTAND their ROLES AND RESPONSIBILITIES for the protection of information and systems.
|
|
|
