Information Security

Controlled Response IPS

Penetration Testing

Risk Analysis

Security Awareness Training

Security Management Process

Sifter

Procurement

Web Hosting

Strategic Planning

    


[We found that] financial service institutions have made significant investments in risk management and compliance ... but they didn't always make sure the message reached every corner of the enterprises.  The result:  huge compliance failures.

Optimize Magazine, May 2004

Topics Covered:
All three training methods will cover topics in your user-level information security policies, plus the following:

  • Definitions

  • Password construction

  • Internet usage

  • E-mails do's and don'ts

  • Social engineering

  • Viruses, worms, and trojans

  • Software licensing

  • Identity theft

  • Physical security

Methods Used:
We make it fun!  We use trivia contests, movies, exercises, real life stories, and humor to ensure your users pay close attention!
Security Awareness Training:


Too often we view information security as a technology issue related to policy and procedures.  However, we know that people present the greatest risk.  Information Security is organic . . . a process that relies heavily on a team approach involving the managers and users of your Information System.  By focusing on the awareness of our team members, your system security increases.

The Weakest Link
Even with the highest quality firewalls in place, the best policies and procedures, and the most detailed documentation; a user can still put sensitive information in an e-mail, or use “payroll” as the password for the payroll module.  By presenting your policy in a manner that increases security awareness and motivates an atmosphere of cooperation towards your Acceptable Use Policy, you will reduce risk.  Half the battle is helping your users recognize the important role they play in the security process.

Levels of Training
Beyond the free mailing lists we provide with our Controlled Response Intrusion Prevention System, we offer training to three primary levels of your team:

CxO Training

IT Staff Training

User Awareness

Our most popular service is our User Awareness Certification, primarily because we customize it to your Information Security Policies, but also because it makes a great tool for orienting your new employees, acts as excellent due diligence for the regulators, and creates a team approach toward securing your network.

User Awareness Certification
 infotex will review your Acceptable Use Policy and create training materials centered around this policy that will make it fun to learn how following good habits and disciplines can lower the risk present in your information system.  The training will also include appropriate written materials and due diligence testing.   We offer two methods of User Awareness Certification.

Seminar
Our trainers will deliver a two-hour presentation to your staff.  Your users can see first hand that Information Security policies and procedures are a best practice preached by an independent, third party.  This helps overcome resistance to the inconveniences of Information Security, as well as any incorrect assumptions on the part of your users about the Information Security process.

Webinar
Attendees of the Webinar connect into a “teleconference room” where they will be guided through the presentation in real time by our professional trainer, who will encourage interaction.  As with all our training, there will be due diligence tests after the webinar which we will certify for your personnel files!

Explore:

 

 See Also:

 infotex Portal

 ISC2

 HIPAA Links

 Final Security Ruling

 GLBA Links

 FTC Standards