IT security and managed services specialist, Pentura has launched an informative e-learning portal to help businesses educate their staff on the importance of best practice in data security, and the key role they have in avoiding data breaches.
The portal, LearnwithPentura, features eight e-learning modules covering data security and computing best practice in compliance with ISO27001, the information security standard, and ISO27002, the Code of Practice which sets out that security issues should be addressed at employee level. The modules cover the use of removable media, responsible email usage, anti-phishing awareness, physical security, use of the web and social media, data classification, secure remote working, and an introduction to Data Loss Prevention (DLP).
LearnwithPentura enables businesses to manage the rollout of e-learning to all employees and any relevant third parties. It provides supporting e-learning for all levels of user, from new starters to internal migrations, to leavers. It gives a secure platform for users to access the materials with a unique username and password, with a test at the end of each module to gauge users’ understanding. It also features reporting on which modules have been completed by employees, and if any further training is required based on their test results.
Steve Smith, managing director of Pentura said: “As well as providing technology solutions for data security, we want to create a virtual community to assist businesses in educating and empowering their users, and to enforce corporate policies to help prevent unintentional security breaches and data losses at source. Even the most robust security technologies can be undermined if, for example, a member of staff accidently loses a USB stick containing sensitive information, or sends an email to the wrong recipient.”
According to a Ponemon Institute 2013 Cost of Data Breach report, the perception that malicious attacks pose the biggest risk to organisations is unfounded, as 63% of data breaches were the result of human or system errors.
Steve Smith added: “People can be the weakest link in any security strategy. By educating users on best practice policies, businesses reduce the risk of breaches and better meet their governance, risk and compliance requirements. It is crucial that companies operate a training and awareness programme that is easy to follow, doesn’t blind staff with technical jargon, and is very clear in what it is appropriate to do with corporate equipment and data.”