| Security awareness is knowledge and attitude | | | | password policy and use of two-factor |
| members of an organization possess regarding | | | | authentication |
| protection of the physical and information | | | | |
| assets of that organization. Many | | | | Other computer security concerns, including |
| organizations require formal security | | | | malware, phishing, social engineering, etc. |
| awareness training for all employees when | | | | |
| they take up sensitive assignments and, in | | | | Workplace security, including building |
| some cases, periodically thereafter. | | | | access, wearing of security badges, reporting |
| | | | of incidents, forbidden articles, etc. |
| Topics covered in security awareness training | | | | |
| include: | | | | Consequences of failure to properly protect |
| | | | information, including potential loss of |
| The nature of sensitive material and physical | | | | employment, economic consequences to the |
| assets they may come in contact with, such as | | | | firm, damage to individuals whose private |
| trade secrets, privacy concerns and | | | | records are divulged, and possible civil and |
| government classified information | | | | criminal penalties |
| | | | |
| Employee and contractor responsibilities in | | | | Being Security Aware means you understand |
| handling sensitive information, including | | | | that there is the potential for some people |
| review of employee nondisclosure agreements | | | | to deliberately or accidentally steal, |
| | | | damage, or misuse the data that is stored |
| Requirements for proper handling of sensitive | | | | within our computer systems and through out |
| material in physical form, including marking, | | | | our organization. Therefore, it would be |
| transmission, storage and destruction | | | | prudent to support the assets of our |
| | | | institution (information, physical, and |
| Proper methods for protecting sensitive | | | | personal) by trying to stop that from |
| information on computer systems, including | | | | happening. |