Staff members are undoubtedly the most vital links in the traditional security chain. However, access to information by employees is a necessity. This has risks because employees with bad intentions, and especially employees who by their lack of knowledge adopt risky behaviors.
Given the possible risks, a restrictive strategy can be used, however, experience has shown that it is ineffective and counterproductive. Too many restrictions cause complaints from users and slow down the performance of business procedures. At the same time, it is not always possible to find an efficient, transparent and legal way to monitor the use of systems like e-mail by staff. The same occurs with many other measures that at first sight seem to be good ideas.
The solution to the problem lies in working to raise the awareness of users with regard to information security.
To assist businesses to set in train a complete project allowing integrated improvement of the security of your organization, INCIBE has designed an awareness-raising program, incorporating numerous graphic materials, interactive elements and detailed programming. The intention of all this is to enhance security from within the very heart of a business: the people working for it.
Tool resources are only available in Spanish.