YALE-MSS-11.1: Require security training for all users of Yale Data and Yale IT Systems

Standards Group:
YALE-MSS-11: Security Training

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

Details and definitions

The purpose of security training and education is to enhance security by:

Improving awareness of the need to protect system resources
Developing skills and knowledge so users can perform their jobs more securely
Building in-depth knowledge, as needed, to design, implement, or operate security programs for organizations and systems

Guidance

Ensure all users are informed, understand their roles and responsibilities, and complete assigned security training.

System owners are responsible to:

Communicate the system's classification level
Provide instructions for user responsibilities to protect Yale data
Ensure users have access to up-to-date reference materials, procedures, and support resources

Critical vulnerability in all versions of Linux.

YALE-MSS-11.1: Require security training for all users of Yale Data and Yale IT Systems

Standards Group:YALE-MSS-11: Security Training

Details

Standards Group:
YALE-MSS-11: Security Training