Computer Security Training Program - Computer Essay Example
Computer Security Training Program
The Computer Security Training Programs intends to provide the information needed to reduce or eliminate the risks of computer security threats in the business parameter - Computer Security Training Program introduction. This training outline is divided in a three day course module covering the details on what available security threats there are and how to prevent them from compromising the business processes of the company.
essay sample on "Computer Security Training Program"? We will write a cheap essay sample on "Computer Security Training Program" specifically for you for only $12.90/page
Discuss briefly the very basic concept of what a computer is; the main parts of the machine system including the processor, monitor, keyboard etc.
IMPACT OF COMPUTERS IN TODAY’S BUSINESS
Discuss the extent of computer usage in various types of businesses; the presentation of different segments such as in telecom industries, medical institutions, banks, broadcast companies, social service businesses and other economic business utilities can be presented; highlight some specific uses of computers among these businesses-inventory, purchasing, employee compensation, manufacturing and in other segments.
WHY SECURE COMPUTERS
Introduce the importance of securing the integrity of computer systems in businesses. Discuss the impact of dealing with computer security threats. Interrelate how such threats could affect the company, the employees and the customers.
TYPES OF SECURITY PROBLEMS AND THREATS
Briefly discuss each of the following types of computer security threats:
Errors, Omissions, Deletions
Fraud and Theft
Loss or Destruction of Physical Infrastructure
Industrial or Business Espionage
Presence of Malicious Codes
Personal Privacy Compromise (U.S. Department of Commerce)
Simple User-Based Procedures and Prevention
Data Transfer (optical drives, flash disk drives, internet transmission)
Things to Discuss:
Securing the Contents of External Drives
Scanning of External Drives before data transferring
For internet transmissions, identify whether the sender is coming from the local area network of the company.
**Exercise: LAN ID
**Purpose: To teach how to identify employee or directory ID of the company LAN addresses.
Discuss how Internet connections could initiate company computer security threats.
**Exercise: Secure and Non-Secure Websites
**Purpose: To teach employees how to identify web browser icons (Windows and Linux based) for security checks.
**Activity: Provide each employee with dummy websites intentionally encrypted with security threat icons. Let them identify whether the websites are secure or not. Afterwards, direct employees to some live websites and ask each one of them whether they think the websites are secure or not.
Provide information how e-mails and their attachments could pose security threats; teach them how to identify fraudulent e-mail addresses, junk mails and malicious attachments; provide information on how to scan for attachment files using the specified company software.
Advanced Security Training and Support
Errors and Deletion
Provide technical procedures in dealing with errors and deletion; provide directives on communicating with the company’s IT team to request for assistance how to retrieve lost data; report erroneous glitches.
Fraud and Theft
Present how to prevent fraud and theft; provide info on how to effectively nominate passwords in company systems; teach the employees not to disclose company information to unidentified third party entities.
Loss or Destruction of Physical Facilities
Instruct employees to report identified electronic damages such as short circuits, presence of water or pest infestation; remind employees not to fix physical damages on computers if they are not qualified.
Malicious Hackers/Industrial Espionage
Discuss with the employees to report sudden changes in company web interfaces; provide info on how to identify company interfaces which were maliciously hacked.
Viruses, Spywares, Malwares and Worms are the most common types of malicious codes. Teach the employees how they can effectively scan for these codes using the company software. Instruct them to report to the IT department if the problems persist.
Remind the employees about the impact of sharing their personal details to non-reliable third party entities they encounter in electronic business transactions; discuss with them the possible impact of identity theft apart from the damages it can incur to the company. Inform them the identity theft is one very serious crime and poses severe criminal dilemmas (US Department of Justice).
U.S. Dept. of Commerce. 2008. Threats to Computer Security. National Institute of Standards and Technology. Retrieved March 25, 2008 from http://alcor.concordia.ca/~helpline/security/threats.html.
US Department of Justice. N.D. Identity Theft and Identity Fraud. Identity Theft. Retrieved March 25, 2008 from http://www.usdoj.gov/criminal/fraud/websites/idtheft.html.