Thought I would share a success story of security awareness training. This was posted by a security manager whose employees learned from their training and acted. This just goes to show how important awareness training is.
------------------------------------------------------------------------------
I was alerted that the contractors that were hired by our building management company had tried twice to gain access to our suite without authorization or without checking in at the front desk. In the first instance, one of the contractors was engaging in dialog with another employee while someone was entering their code to open the door. The other contractor was then on the other side watching the code being entered. The employee noticed this and alerted their manager.
In the other instance, after two employees entered through the coded door and the door was about to close the contractor forced his hand and foot to prevent it from latching to gain access. They immediately called the Information Systems Manager who came by and took control of the situation.
I brought all of the employees into my office and asked them to tell me what happened. Then I gave them each a gift card for lunch on the company today, thanked them, and gave them huge kudos for a job well done! They all did exactly what they should have done and while there wasn’t any actual malicious intent, the contractors were just trying to do their job, it’s instances like these that could cause a major breach.
This doesn’t mean that my users will catch everything. But the user layer of our defense worked this time around! This is my favorite layer of our defense because contrary to popular belief, when your users care about security, they are a force to be reckoned with!
Monday, June 10, 2013
Subscribe to:
Comments (Atom)