Many companies provide technical safeguards for computers and the like; the human factor usually causes problems. Online training is intended to remedy this.
Not that there would be no warnings: Almost every company that deals with security on the Internet has already drawn attention to the fact that IT users should be particularly careful in times of the corona crisis. The employees of many companies work decentrally in the home office, sometimes with their own computers. It is important to secure the technology as well as possible, which includes, for example, that all security updates have been installed on the devices used. But another factor is at least as important: the human being.
The cynics among system administrators have long been talking about the greatest risk for IT security sitting 50 centimeters in front of the screen. Nevertheless, in surprisingly many companies, little or nothing is happening to raise awareness of what could happen and what needs special attention. The Bochum IT security company G Data also recognized this gap. Actually, it also comes from technical protection, for example antivirus software. But for some time now, it has also been offering online courses that are designed to increase employee safety awareness.
All reports on the current situation in Germany and worldwide as well as the most important news of the day – twice a day with SZ Espresso. Our Newsletter brings you up to date in the morning and evening. Free registration: sz.de/espresso. In our News app (download here) you can also subscribe to the espresso or breaking news as a push message.
The business psychologist Nikolas Schran is responsible for this at G Data. “We are being forced to digitize,” says Schran, referring to the often rash introduction of working from home because of the corona pandemic. “It would have been better if we had prepared better for it.” Prepare better, but that doesn’t just apply to technology, but also to how people deal with it.
Some attacks could not be fended off with purely technical means alone, “I can not exonerate myself,” he admits. Indeed: It has long since ceased to be as easy as before for malicious hackers to use gaps in the Windows operating system for attacks. As a result, criminals are increasingly trying to get users to overcome the security barriers built into Windows themselves. For example, they use e-mails that promise bargains or that pretend that their own account with Amazon is blocked. But often that is not even necessary. For example, if users do not lock their computers when they leave the workplace. In this way, a visitor in the open-plan office can quickly notice the offer of a competitor.
There is also a training module for working in the home office
Scenes like this are covered in the online courses. You always start by recording the basic knowledge of the participants. And, as Schran emphasizes, at the respective workplace. Because learning always depends on the context, what is important for work is best learned there. Nobody at G-Data initially knew how to set up such courses; the company therefore brought in the necessary expert knowledge to ensure that the courses were not only factually correct, but also didactically meaningful. No employer has to fear that employees will be absent for days because of the training. The courses are divided into small blocks, each of which is completed in a quarter of an hour. The participants can determine to a certain extent when they complete which block. The training runs on an online platform, to which users only have to register. With a special access, the superiors can understand how the learning progress of their employees is.
There were many inquiries from companies about the corona crisis, whether one should not take special training to deal with the particularities of the current situation. Therefore, there is now a module that focuses on the security issues that arise in the home office or on the go. You shouldn’t expect in-depth pro tips here. It’s more about making the basic issues clear to everyone.
Leave the laptop in the car? Not a good idea. What to do if the good piece is lost? Contact the company IT immediately. As a rule, this can delete the company data remotely. And please don’t just read emails over the wifi on the train – always set up a VPN first, a secure connection to the company’s mail servers. Three questions like these, each with three answer options, in front of this a short video that explains the problems – a learning task is completed quickly, the progress is saved automatically. The companies do not have to install anything, everything runs in the G Data cloud. This also has the advantage that updates can be incorporated quickly and are immediately available to all participants.
In between, the knowledge of the employees is checked
A total of 36 courses are available, including those for system administrators. The courses are usually spread over two years. Users will receive an email when a new course is available and can then complete it within a certain period of time. Anyone who fails to do this will be reminded again. The basic knowledge, which is asked at the beginning of the course program, should be queried twice while the training is running, advises Nikolas Schran: “This is how you get numbers about how knowledge has improved.”
With its offering, G Data appeals to a broad target group that goes beyond those that the company reaches with its products such as antivirus software. From the dental practice to medium-sized companies to corporations, everything is included. Some companies also offer the training under their own name, such as a Swiss consulting company. The annual fee per participant is billed, with more participants it is cheaper. Approximately three to four euros per month and employee can be expected.