Train employees — more knowledge, fewer mistakes

A lack of information on how employees are to behave in relation to IT systems is one of the greatest factors enabling intrusion or improper use of the company’s systems.

The purpose of training employees in IT and information security is to help the organization, easily and cost efficiently, raise employee awareness of the basic aspects of information security management and enable the desired levels of confidentiality, accuracy and accessibility in relation to the organization’s information assets.

Training at a minimum should include passwords, mobile devices, malicious code, social media, email, creating backups, traceability and logging, smartphones, tablets and secure behavior.

One such information security course is DISA – Datorstödd informationssäkerhetsutbildning för användare (in Swedish), which was produced by the Swedish Civil Contingencies Agency, MSB).

If you would like to improve your knowledge of what is required to maintain basic IT security according to the SSF 1101 Edition 1, SSF Cybersecurity Basic Level – Basic IT Security standard, SSF Swedish Theft Prevention Association offers a course that you can read about here (link).

Download our summary with definitions and measures for all IT areas.

All areas

• Computers and mobile devices
• Software and applications
• Networks
• External IT services
• Permissions
• Training