All new employees receive onboarding and systems training. This training is completed annually by employees and training compliance is monitored.
The main topics covered in security training are:
- Social engineering – primarily phishing and how to detect and report attacks.
- Passwords – background in how passwords are cracked, why strong passwords are important, and storage recommendations for passwords.
- Physical Security – guidelines for maintaining the physical security of offices and equipment.
- Data Handling – understanding data classification and how to properly handle such data.
- Compliance – its importance and how it affects operations.