With the state of the economy, it is not too shocking that only 43% of employees receive security awareness training. Many companies have been faced with reducing their workforce and running “leaner and meaner,” thus devoting all hours of the workday to improving the companies bottom-line. It is hard to believe that such an important element has gone the way of the Dodo bird. One would think that more time would be dedicated to security training given the recent and highly publicized security breaches at other companies.
However, the results of a recent survey by Enterprise Management Associates (EMA) show that 56% of corporate employees have not received any security awareness or policy training.
A recent article from SC Magazine explains EMA’s findings, “Security Awareness Training: It’s Not Just for Compliance, 45 percent of employees received their training in a single annual session. But a one-off training session that covers a broad swath of security issues likely isn’t effective.”
According to the report, the average cost of providing security training is only $50. This seems like a small price, but multiply that by a few hundred users and you start to see why this simple exercise in protecting their company may be overlooked. Yet, providing the staff with proper training could result in saving the organization from the far greater expense of a data breach.
“35 percent said they clicked on an email from an unknown source and 33 percent have the same password for both work and personal devices.” White goes on, while “30 percent still leave mobile devices unattended in their car. They need to know why security is important.”
While under-education of the population at large can seem startling, a best practice for increasing security within any environment is to have a strong password policy that includes specific password expiration increments. In order to deploy such a password policy, the company must first roll out a self-service password reset program. Many companies turn to the authentication experts at PortalGuard for their self-service password reset needs and other authentication solutions.