Improvements in these areas put time back into your day and dollars back into your budget. But the only way to get there is to teach users that their actions matter and that technology isn’t a blanket protection for their data or yours.
Plus, there’s another benefit to delivering an effective, ongoing security awareness training program: It allows you to improve security in areas beyond the phish as well. In addition to cleaning up corporate email use, you can start to change the behaviors of users who:
- check personal email on corporate-issued PCs
- log into social media accounts on corporate-issued PCs
- stream and download media on corporate-issued PCs
- shop online on corporate-issued PCs
- log into corporate systems on personal smartphones and tablets
- access open WiFi networks on devices that are linked to corporate systems
Don’t be blind to the potential reach of end-user risk. Our User Risk Report revealed that the types of actions noted above are happening regularly — and that many workers even allow their friends and family to use their work devices for personal pursuits.
Think we’re bluffing about the upside to security awareness and training? Consider this: Virtually every cybersecurity misstep by an end user can be whittled down to a binary decision point: Do I or don’t I? The questions for you is: Am I teaching my users how to play the game or am I expecting them to get by on luck alone?
We feel it’s time to deal your users in and give them a seat at the security table. When it comes to infosec, technology is king … but your employees can be your ace in the hole.
Subscribe to the Proofpoint Blog