9.2 Launching an internal awareness campaign

 < Day Day Up > 

A strong internal awareness program will inform employees of the importance of computer security and motivate them to learn policies and procedures. Public-relations departments are usually very good at managing such campaigns. However, if the present public relations staff does not have experience on managing internal awareness campaigns, it is advisable either to send them to training or hire an external consultant to assist in the development of the campaign.

There are numerous potential elements to an internal awareness campaign and as many as possible should be used to increase the awareness of cybersecurity efforts. Methods that can be used in the awareness campaign include the following:

  • Attention-getting logos and headlines on the enterprise intranet

  • Articles in employee newsletters explaining the importance of computer security

  • Banners and posters in break rooms and employee cafeterias

  • Posters in vending areas

  • Posters in restroom and lounge areas

  • Banners in parking areas

  • Brown-bag lunches to discuss the plan

  • Pamphlets included in paycheck envelopes

  • Direct mailings of pamphlets or letters to employees' homes

  • Brief discussions of the plan in staff meetings

  • Mini training sessions at workshops or retreats

  • Motivational speakers at large enterprise events

  • Celebrity endorsement of campaign goals

The U.S. FTC has launched a cybersecurity awareness campaign and provides helpful information about educating computer users on the importance of cybersecurity at its Web site (www.ftc.gov/bcp/conline/edcams/infosecurity/index.html ). The article shown in Figure 9.1 has been created by the FTC and is available for use in corporate newsletters.

Are You a Safe Cyber Surfer?

(NAPSI)-Are you a safe cyber surfer? The stakes are high if you're not.

Every time you buy stuff online, do your banking, or pay bills over the Internet, check in with your office by e-mail or just surf the Web for fun, you open a gateway to the personal information on your computer-including credit-card numbers, bank balances, and more. You may also be in for costly computer repairs and lost data due to damaging computer viruses that can invade your computer through e-mail connections.
Fortunately, there are steps you can take to protect your computer, your information, and your peace of mind from computer creeps who try to slow down a network operation, or worse yet, steal personal information to commit a crime. Here are some tips to help you from the security experts at the FTC:

Make sure your passwords have both letters and numbers and are at least eight characters long. Avoid common words: some hackers use programs that can try every word in the dictionary. Don't use your personal information, your login name, or adjacent keys on the keyboard as passwords-and don't share your passwords online or over the phone.
Protect yourself from viruses by installing antivirus software and updating it regularly. You can download antivirus software from the Web sites of software companies, or buy it in retail stores; the best recognize old and new viruses and update automatically.
Prevent unauthorized access to your computer through firewall software or hardware, especially if you are a high-speed user. A properly configured firewall makes it tougher for hackers to locate your computer. Firewalls are also designed to prevent hackers from getting into your programs and files. Some recently released operating system software and some hardware devices come with a built-in firewall. Some firewalls block outgoing information as well as incoming files. That stops hackers from planting programs called spyware that cause your computer to send out your personal information without your approval.
Don't open a file attached to an e-mail unless you are expecting it or know what it contains. If you send an attachment, type a message explaining what it is. Never forward any e-mail warning about a new virus. It may be a hoax and could be used to spread a virus.
When something bad happens-you think you've been hacked or infected by a virus-e-mail a report of the incident to your Internet provider and the hacker's Internet provider, if you can tell what it is, as well as your software vendor.
To learn more, visit the Web site at www.ftc.gov/ infosecurity or call toll free, 1-877-FTC-HELP (1-877-382-4357).

Figure 9.1: FTC Article about Cybersecurity

 < Day Day Up > 

Implementing Homeland Security for Enterprise IT
Implementing Homeland Security for Enterprise IT
ISBN: 1555583121
EAN: 2147483647
Year: 2003
Pages: 248

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net