30-Minute Internet Security for End-Users Class

30-Minute Internet Security for End Users Class

It is also a good idea to provide a class on the proper use of the Internet for employees who have Internet access. I have worked in many organizations that have adopted an excellent policy that states: "Any employee needing Internet access must attend an Internet security class (see Table B.2) before such access will be permitted." Having this requirement provides two essential advantages:

  • It weeds out many individuals who do not seriously need Internet access.

  • It ensures that all Internet users have some knowledge of Internet security practices.

Table B.2. Topics for Internet Security for End-Users Class

Recommended Topics to Cover

Estimated Time

Begin by presenting some fascinating statistical projections about Internet security. Wow them with how incredibly unsecure the Internet really is, and how many hackers are out there waiting for an opportunity to strike.

Here we want to simply get the audience's attention and show how big an issue Internet security is.

3 minutes

Discuss some of the dangers of the Internet and what a hacker can do:

  • Malicious Web-based scripts

  • Unencrypted communications and email

  • Malicious downloads, viruses, back doors, Trojan horses

  • Browser attacks and reply worms such as NIMDA

Here we are want the end-users to understand how much responsibility they have for the security of the organization. They should understand that their desktops could very well be the weak link that allows a hacker in.

6 minutes

Discuss good security practices that end-users can follow:

  • Never trust anything or anyone on the Internet

  • Never send confidential company information across the Internet or through external email

  • Never download or execute Internet-based files

  • Never install file-sharing applications or any other unauthorized software

  • Never choose to "trust" a Web site unless absolutely sure it is legitimate

  • Never share an Internet account with others

  • Never access the Internet from an unauthorized system

  • When in doubt, ask the local security team /expert

15 minutes

Review how an end-user should handle an incident:

  • Give the reporting chain and contact list, including who to call during a suspected incident

  • Explain the need for silence until the matter is investigated

  • Explain that all actions across the Internet will be monitored by the organization

3 minutes

End by having each user take a copy of the "Internet Usage Policy." Each user should sign the policy before being granted Internet access.

3 minutes



Inside the Security Mind(c) Making the Tough Decisions
Inside the Security Mind: Making the Tough Decisions
ISBN: 0131118293
EAN: 2147483647
Year: 2006
Pages: 119
Authors: Kevin Day

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net