With more high profile security scares being regularly reported, this should increase the issue of security on any businesses agenda, otherwise further incidents could lead to very embarrassing and costly situations as for example the recent intrusions experienced by Microsoft.
Security training should cover all those end-users that have access to a network, even though most organisations would state that the responsibility lies solely with the IT department. Admittedly, they should have the responsibility of ensuring that their IT personnel are capable of dealing with the hardware and software configurations of their security systems, but remember this is the real world.
A simple mistake by an IT person could easily open a hole in the most sophisticated of systems. By applying appropriate training programmes would ensure that such mistakes are avoided and that the organisation works towards developing a highly competent security workforce without having to employ the services of a costly security specialist.
End-users that have regular access to the network would require a different level of training, however, by training them to recognise areas of weaknesses in network security or potential threats would undoubtedly reduce the risk element against a network. An example would be to keep people frequently informed of the latest virus threats attached to e-mails. This would reduce the amount of infected e-mails being opened by uninformed recipients.
End-users also need to be educated in terms that network security problems do not simply lie with viruses and attachments, they are just as crucial in areas of file management and workstation security. Staff need to be trained in the use of data that is received from an external and internal source and it is sad to state that a great threat to security also comes from within any organisation.
Dealing with fraud is not a new issue, but is also one of the hardest problems to handle. A skilled administrator can minimise the risk when setting up access rites, however it is the responsibility of management to set the security levels taking into consideration, if they are too trusting, they may be open to attack, too protective and this will restrict workers in the way they perform their job.
Companies need to have a broad overview of their security systems and need to develop a security conscious network and workforce. This would certainly help towards reducing the amount of major breaches in network security.
A list of the different types of security courses are listed at Security Training Courses
