- 1. Security Toolkit: An Overview of Topics in Cyber Security
- 2. Security Toolkit: Introduction
- 3. Security Toolkit: Assessing Your Current Cyber Security Practices
- 3.1. Security Toolkit: Self-Assessment for Organizations
- 3.2. Security Toolkit: Self-Assessment for Individual Users
- 4. Security Toolkit: Specific Security Topics: What to Look into and Why
- 4.1. Security Toolkit: Endpoint Detection and Response (EDR)
- 4.2. Security Toolkit: Multi-Factor Authentication (MFA)
- 4.3. Security Toolkit: Backups and Securing Backups
- 4.4. Security Toolkit: Email Security
- 4.5. Security Toolkit: Data Sharing
- 4.6. Security Toolkit: Password Management
- 4.7. Security Toolkit: Encryption
- 4.8. Security Toolkit: Other Tips on Technology Setup
- 5. Security Toolkit: Security Policies
- 6. Security Toolkit: Training
- 7. Security Toolkit: When you Experience an Incident
- 8. Security Toolkit: 2021 Security Webinar Series
6. Security Toolkit: Training
What, When, and How
Many offices already understand the value of training for substantive work and client services, but training practices should extend to how staff use technology. You should provide training for staff on the core applications your organization uses (e.g., Outlook, Word, Excel, your case management system). You should also provide training on using the organization’s equipment. You should also provide training on using the organization’s equipment and security awareness. In fact, funders and insurance companies now ask if you are doing this; some are even requiring it.
Security training should teach your staff how to keep your organization’s data secure and how to share data externally in a secure way. Security training can also include “phishing tests,” or tests that help staff identify suspicious emails before opening them.
