Embed Size (px)
Citation preview
DATASECURITY365
Training for
Everyone
HRFINANCE LEGAL IT MARKETING
DATA SECURITY& PRIVACYTRAINING
DATASECURITY365
What is Data Security and PrivacyCompliance Training?The objective of this training is to ensure that allyour employees can clearly Identify, Mitigate andReport any potential cyber threats to yourorganization.
This compliance training is designed for allemployee role types from office administration to CXO. See below for our learning objectives and coursedetails
DATASECURITY365 DataSecurity365.com
Learning ObjectivesCourse 1: What is Information Security?1.1 Class 1: What is Information Security 1.1.0 Know what Information security means. 1.1.1 Why is it important to you? 1.1.2 Who does it affect? 1.1.3 How is it different from IT Security? 1.1.4 What is layered Security? 1.1.5 Examples of routine security. 1.1.6 What is your responsibility?
1.2 Class 2: Be Prepared 1.2.0 What is Social engineering? 1.2.0.0 Where can Social engineering happen? 1.2.0.1 How does this happen? 1.2.0.2 Real world examples of social engineering. 1.2.0.3 What type of information do hackers target? 1.2.0.4 Steps that hackers take for social engineering. 1.2.1 What is Spyware? 1.2.1.0 How does it propagate? 1.2.2 What kind of information should you keep private? 1.2.2.0 What information can be exploited 1.2.2.1 How to prevent social engineering.
1.3 Class 3: Understand the Difference Between Security, Privacy and Anonymity. 1.3.0 What is your online presence? 1.3.0.0 How does information appear online? 1.3.0.1 How do you appear online? 1.3.1 Examples of the difference between Security, Privacy and Anonymity. 1.3.1.0 How these terms relate to each other
1.4 Class 4: Be aware of the broad obstacles we face in information security. 1.4.0 How security can be inconvenient. 1.4.0.0 Security takes time. 1.4.0.1 Security takes money.
DATASECURITY365 DataSecurity365.com
1.4.1 How employees can be complacent and make security lapses. 1.4.1.0 You have to always be alert. 1.4.2 How society urges people to share information. 1.4.2.0 Through social media. 1.4.2.1 Through Job searches and over email. 1.4.3 How accessible data can be hard to secure. 1.4.3.0 Through the Internet we can access company data anywhere. 1.4.3.1 File sharing sites can be insecure. 1.4.4 Understanding the misconceptions of Cyber Security. 1.4.5 How society urges people to share information. 1.4.5.0 Through social media. 1.4.5.1 Through Job searches and over email. 1.4.6 All data is important. 1.4.6.0 Paper data, emails, sales leads, and information. 1.4.7 There are many kinds of threats. 1.4.7.0 Global, infrastructure, industry and specific business related threats. 1.4.8 General ways of addressing threats. 1.4.8.0 Accept, transfer or mitigatse. 1.4.9 Overview of procedure employees should follow daily. 1.4.10 Secure passwords, follow policies, physical workspaces, updates, backup, restrict spread of personal info, awareness. 1.4.11 It is important to stay relevant on security topics and follow procedure. 1.4.12 Security is a communal effort and we need to work together to build an environment of security-minded employees.
Course 2: What are the threats?2.1 Class 1: What are the threats? 2.1.0 Insider vs. Outsider security 2.1.0.0 How are they different? 2.1.0.1 Examples of Insider threats and outsider threats. 2.1.0.2 Insider vulnerabilities. 2.1.0.3 Outsider vulnerabilities. 2.1.0.4 Training and Common Sense. 2.1.0.4.0 Every employee needs to be trained and prepared.
DATASECURITY365 DataSecurity365.com
2.2 Class 2: What are the threats? Understand the Types of Malware. 2.2.0 Overview of malware and threats, 2.2.1 How to recognize malware. 2.2.2 Types of Malware and how devices get them. 2.2.2.0 Computer virus. 2.2.2.1 Computer worm. 2.2.2.2 Trojan Horse. 2.2.2.3 Adware. 2.2.3 How to mitigate malware threats. 2.2.3.0 Always backup files. 2.2.3.1 Keep apps up to date. 2.2.3.2 Use firewalls and anti-malware.
2.3 Class 3: How Malware Spreads 2.3.0 Email Attachments 2.3.1 USB Stick threats 2.3.2 Infected Websites. 2.3.3 How hackers use websites to spread malware. 2.3.4 Sharing files or using the Cloud. 2.3.5 Social Engineering. 2.3.6 The Human factor. 2.3.7 Mitigating malware threats. 2.3.8 Strategies to reduce risk in your company. 2.3.9 Being prepared 2.3.10 Knowing how IT team works 2.4 Class 4: The Layers of IT Security. 2.4.0 Overview of the different layers. 2.2.0.1 Physical. 2.2.0.2 Network. 2.2.0.3 System. 2.2.0.4 Application. 2.2.0.5 User. 2.4.1 The threats you might expect at each level. 2.4.2 How you can identify threats at each level.
DATASECURITY365 DataSecurity365.com
2.2 Class 2: What are the threats? Understand the Types of Malware. 2.2.0 Overview of malware and threats, 2.2.1 How to recognize malware. 2.2.2 Types of Malware and how devices get them. 2.2.2.0 Computer virus. 2.2.2.1 Computer worm. 2.2.2.2 Trojan Horse. 2.2.2.3 Adware. 2.2.3 How to mitigate malware threats. 2.2.3.0 Always backup files. 2.2.3.1 Keep apps up to date. 2.2.3.2 Use firewalls and anti-malware.
2.3 Class 3: How Malware Spreads 2.3.0 Email Attachments 2.3.1 USB Stick threats 2.3.2 Infected Websites. 2.3.3 How hackers use websites to spread malware. 2.3.4 Sharing files or using the Cloud. 2.3.5 Social Engineering. 2.3.6 The Human factor. 2.3.7 Mitigating malware threats. 2.3.8 Strategies to reduce risk in your company. 2.3.9 Being prepared 2.3.10 Knowing how IT team works 2.4 Class 4: The Layers of IT Security. 2.4.0 Overview of the different layers. 2.2.0.1 Physical. 2.2.0.2 Network. 2.2.0.3 System. 2.2.0.4 Application. 2.2.0.5 User. 2.4.1 The threats you might expect at each level. 2.4.2 How you can identify threats at each level.
DATASECURITY365
3.1 Class 1: Password Protection 3.1.0 Why you should use passwords. 3.1.1 What are the risk of a weak password? 3.1.3 What constitutes a strong password? 3.1.3.0 Lowercase, uppercase, numbers, special characters. 3.1.3.1 Long passwords upwards of eight characters. 3.1.3.2 Use different passwords for different accounts. 3.1.3.3 Don’t use guessable words. 3.1.3.3.0 Nothing personally identifiable. 3.1.3.3.1 No company names, pet names, etc. 3.1.4 Understanding the importance of password privacy. 3.1.4.0 Never share passwords 3.1.4.1 Never write down passwords and leave them places. 3.1.4.2 No one should ask for your password.
3.2 Class 2: Malware Protection. 3.2.0 Antivirus/Antimalware. 3.2.0.0 Website warnings 3.2.0.1 Infected Websites. 3.2.0.2 Protection. 3.2.0.3 Weekly malware scanning. 3.2.0.4 Updating devices. 3.2.0.5 Amount of maleware created last year. 3.2.0.6 Paid VS free subscriptions. 3.2.0.7 Not foolproof. 3.2.1 Detecting Malware. 3.2.1.0 Slow computer speeds may indicate malware infection. 3.2.1.1 Popups and spam may also indicate malware. 3.2.1.1 Contact IT professionals immediately if you suspect malware. 3.2.2 Preventing Malware. 3.2.2.0 Don’t open unknown email attachments. 3.2.2.1 Keep software up to date/ patches. 3.2.2.2 Using firewalls. 3.2.2.3 Before cleaning computer backup data. 3.2.2.4 Remove all applications associated with the malware. 3.2.2.5 Common sense and awareness.
Course 3: How to Practice Information Security at Work.
DataSecurity365.com
DATASECURITY365
3.2.3 Removing Malware 3.2.3.0 Through Antivirus. 3.2.3.1 Through IT professionals.
3.3 Class 3: Securing your Workspace. 3.3.0 Keeping your Workstation Secure when Away. 3.3.0.0 Use a screensaver. 3.3.0.1 Password protect log-in. 3.3.0.2 Don’t stay logged in to an Admin account. 3.3.1 Keeping your Office secure. 3.3.1.0 Identify and report suspicious persons in the building. 3.3.1.1 How to deal with confidential documents. 3.3.1.1.0 Label files 3.3.1.1.1 Identify if: Top secret, secret, confidential, sensitive-but unclassified, or unclassified. 3.3.1.1.2 If the document is time-bound, and customer sensitive- shred it. 3.3.1.1.3 Make sure file is digitally stored appropriately, and shred physical copy. 3.3.1.2 Know where to store data. 3.3.1.3 Make regular backups of data. 3.3.1.4 Act in accordance with workplace policies.
3.4 Class 4: Physical Security Outside of the Workplace. 3.4.0 Working in Public Spaces. 3.4.0.0 Connecting to Public Wi-Fi. 3.4.0.0.0 Public networks are easy for hackers to breach. 3.4.0.0.1 Avoid actions that put vulnerable information at risk, such as online shopping. 3.4.0.1 Keeping Physical Goods Safe. 3.4.0.1.0 Keep an eye on all belongings. 3.4.0.1.1 Lock all devices. 3.4.0.1.2 Stay alert 3.4.0.2 Shoulder surfing. 3.4.0.2.0 What is shoulder surfing? 3.4.0.2.1 How it can be avoided. 3.4.0.2.1.0 Minimize windows when not in use. 3.4.0.2.1.1 Be aware of surroundings. 3.4.1 Keeping Data Secure when working from home.
DataSecurity365.com
3.2.3 Removing Malware 3.2.3.0 Through Antivirus. 3.2.3.1 Through IT professionals.
3.3 Class 3: Securing your Workspace. 3.3.0 Keeping your Workstation Secure when Away. 3.3.0.0 Use a screensaver. 3.3.0.1 Password protect log-in. 3.3.0.2 Don’t stay logged in to an Admin account. 3.3.1 Keeping your Office secure. 3.3.1.0 Identify and report suspicious persons in the building. 3.3.1.1 How to deal with confidential documents. 3.3.1.1.0 Label files 3.3.1.1.1 Identify if: Top secret, secret, confidential, sensitive-but unclassified, or unclassified. 3.3.1.1.2 If the document is time-bound, and customer sensitive- shred it. 3.3.1.1.3 Make sure file is digitally stored appropriately, and shred physical copy. 3.3.1.2 Know where to store data. 3.3.1.3 Make regular backups of data. 3.3.1.4 Act in accordance with workplace policies.
3.4 Class 4: Physical Security Outside of the Workplace. 3.4.0 Working in Public Spaces. 3.4.0.0 Connecting to Public Wi-Fi. 3.4.0.0.0 Public networks are easy for hackers to breach. 3.4.0.0.1 Avoid actions that put vulnerable information at risk, such as online shopping. 3.4.0.1 Keeping Physical Goods Safe. 3.4.0.1.0 Keep an eye on all belongings. 3.4.0.1.1 Lock all devices. 3.4.0.1.2 Stay alert 3.4.0.2 Shoulder surfing. 3.4.0.2.0 What is shoulder surfing? 3.4.0.2.1 How it can be avoided. 3.4.0.2.1.0 Minimize windows when not in use. 3.4.0.2.1.1 Be aware of surroundings. 3.4.1 Keeping Data Secure when working from home.
DATASECURITY365
3.4.1.0 Use wireless routers with WPA2 encryption. 3.4.1.1 Review on passwords for network.
4.1 Class 1: Email Security 4.1.0 Email Security. 4.1.1 Threats over email. 4.1.1.0 Phishing Emails. 4.1.1.1 Malware infected Emails. 4.1.2 Securing Email. 4.1.2.0 Set up Spam filter 4.1.2.1 Use BCC (blind carbon copy) to secure privacy. 4.1.2.2 Breaking down Emails to distinguish good from bad. 4.1.2.2.0 Sender. 4.1.2.2.1 Do you Recognize the sender? 4.1.2.2.2 Recipients. 4.1.2.2.3 Do you recognize other recipients? 4.1.2.2.4 How many other recipients are there? 4.1.2.2.5 Subject. 4.1.2.2.6 Is it unnecessarily vague? 4.1.2.2.7 Body. 4.1.2.2.8 What’s in the body of the email? 4.1.2.2.9 Be wary of company logos. 4.1.3 Spam. 4.1.3.0 Turn off email images. 4.1.3.1 These can be tracked. 4.1.3.2 Check folder for important emails that got sorted incorrectly. 4.1.4 Do not respond to every email that enters your inbox. 4.1.5 Don’t ever send personal information over email. 4.1.6 Report anything unusual immediately.
4.2 Class 2: Social Media Security. 4.2.0 Benefits of social media for companies. 4.2.1 Social Media’s Risk to information security. 4.2.1.0 Many people use social media. 4.2.1.1 Easily exploitable. 4.2.1.2 Can harm a company’s reputation. 4.2.1.2.0 Loss of credibility.
Course 4: Email Safety and Safe Online Browsing.
DataSecurity365.com
DATASECURITY365
4.2.2 Securing our social media accounts. 4.2.3.0 Spreading awareness of social engineering. 4.2.3.1 Following company policies on security and decorm. 4.2.3.2 Avoid oversharing. 4.2.3.3 Don’t click on links without knowing if they are secure. 4.2.3.4 Don’t add unknown people on your networks. 4.2.3.5 Keep sensitive info off the internet. 4.2.3 Real-world examples. 4.2.4.1 Associated Press Twitter hack . 4.2.4 Final class Summary. 4.2.5 Reminder if quizzes and replaying videos. 4.2.6 Visit:Cybertraining365.com
5.1 Class 1: Creating Information Security Policies 5.1.0 Creating an effective policy. 5.1.0.0 How to create a policy for your organization. 5.1.0.1 Clear. 5.1.0.2 Concise. 5.1.0.3 Relevant to the intended audience. 5.1.0.4 Policy aligns to the needs of the business, legislative and regulatory frameworks in which you operate.
5.2 Class 2: Conclusion 5.2.0 Summary of Course 1: What is Information Security? 5.2.1 Summary of Course 2: What are the threats? 5.2.2 Summery of Course 3: How to practice Information Security at Work. 5.2.3 Summery of Course 4: Email Safety and Safe Online Browsing
Course 5: Data Security and Privacy Training
Get Started Today! DataSecurity365.com [email protected] 1.800.720.4851
DataSecurity365.com
DATASECURITY365
4 hours and growing library of data security and privacy training content. Thisincludes Instructional Videos, Animations, Quizzes, Practice test and Final Exams.
Duration:
If needed you can customize the training for your organizations specific needs,from our library of content.
Customize as Per needs:
Every employee in an organization who uses a computer should posses thefundamental Data security knowledge presented in this online course.
Who Should Attend
This course is based on established adult learning principles. Students arequizzed immediately after material is presented to reinforce key points andenhance retention. A final comprehensive exam is offered at the end of thiscourse. Students are given three attempts to pass this exam.
Quizzes and Final Exam
No previous information security experience is required. Basic computerexperience is required.
Prerequisites
Get Started Today! DataSecurity365.com [email protected] 1.800.720.4851
