Social engineering training
Discussion, You Will Evaluate Potential Topics To Include In a Security Plan. Make Sure Your Evaluation Includes Any Topics That Need To Be Included For Specific Problems And Breaches.
Make Sure That It Includes At Least Two Topics You Consider Critical To a Security Plan.
Explain Why These Topics Are Critical, And Provide Real World Examples That Illustrate Situations In Which These Topics Have Been Successfully Incorporated Into Security Plans.
Social engineering training: Within the aspects of data security, significantly huge amount of time has to be devoted to technical section of the security aspects, namely the vulnerability scanning, firewalls as well as the penetration testing (Aldawood & Skinner, 2019). The social engineering aspect is considered the easiest method of stealing data specifically if the employees are not provided with the required training on the method of recognising as well as combatting it. As the social engineering mainly targets workforce, the most appropriate method of combating it is providing the required training to the employees. This training could be critical to the security plan of the organisation as it would equip the employees to properly tackle the social engineering.
Employee web usage: In the modern times, it has been observed that for preserving the business associated focus of employees, the managers perform the monitoring of the employee internet usage habits that denotes the tracking as well as the analysis of the internet activities on the internet during any working day (Lee & Lee, 2018). Some of the recent surveys revealed that the employees uses the internet facility for the non-work associated purposes commonly. The monitoring of the web usage is necessary to be included in the security plan of the organisation because it would help the companies to monitor the usages made by the employees and ensure that the internet facility is used for correct purposes and not for any leisure work.
E-mail/spam control: Email spam could be described as the utilisation of the email system for sending any kind of unsolicitated emails specifically the advertising emails to any particular recipient group. The unsolicited emails mainly denotes that any recipient has not provided all the required permission for gaining the particular emails. The use of various kinds of spam emails is presently growing in popularity in the last decade and it is particular problem that is faced by majority of the users of email. The E-mail/spam control is required to be included in the security plan for ensuring that the employees are not affected by the spam emails (Zhang, He & Xu, 2018).
Building evacuation policy: The building evacuation policy mainly helps with ensuring that in the situation of any kind of emergency in office building, the employees are well aware of the process by which they could get out of the building and save their lives (Solís & Gazmuri, 2017). The building evacuation policy mainly determines the safest method for the employees to evacuate from the office building during situations of emergency.
Smartphone policy: In the modern times, the new technology significantly influences the method any work is conducted in any organisation. the mobile phone technology is not the new technology but it has been considered as the essentials in the present life (Aguilera & Boutueil, 2018). The employees in any organisation could use this technology and misuse it that could lead to security threats. For ensuring that the technology does not lead to any kind of security threats in the organisation, this policy has to be included in the security plan.
Aguilera, A., & Boutueil, V. (2018). Urban Mobility and the Smartphone: Transportation, Travel Behavior and Public Policy. Elsevier.
Aldawood, H., & Skinner, G. (2019). Reviewing Cyber Security Social Engineering Training and Awareness Programs—Pitfalls and Ongoing Issues. Future Internet, 11(3), 73.
Lee, H., & Lee, M. (2018). Social learning constructs and employee learning performance in informal Web-based learning environments. Journal of Workplace Learning, 30(6), 394-414.
Solís, I. A., & Gazmuri, P. (2017). Evaluation of the risk and the evacuation policy in the case of a tsunami in the city of Iquique, Chile. Natural hazards, 88(1), 503-532.
Zhang, Y., He, J., & Xu, J. (2018). A new anti-spam model based on e-mail address concealment technique. Wuhan University Journal of Natural Sciences, 23(1), 79-83.