1 / 34

User Awareness Information Forum

User Awareness Information Forum. Theresa A. Masse, State Chief Information Security Officer Department of Administrative Services Enterprise Security Office. Opening Remarks. Kris Kautz, Interim Director Department of Administrative Services. Agenda. Welcome and introductions

ailis
Download Presentation

User Awareness Information Forum

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. User AwarenessInformation Forum Theresa A. Masse, State Chief Information Security Officer Department of Administrative ServicesEnterprise Security Office

  2. Opening Remarks Kris Kautz, Interim Director Department of Administrative Services

  3. Agenda • Welcome and introductions • Employee Security Policy • Security Awareness Resources • Recommended Level of Security Awareness modules • Enterprise Learning Management System • Information Security Resource Center • Q&A • Demonstration of tools

  4. Employee Security Policy

  5. Employee Security Policy • Recommended Level of Security Awareness (RLSA) modules are designed to meet the requirements of the policy

  6. Security Awareness Resources Eva Doud, Business Analyst Department of Administrative Services Enterprise Security Office

  7. RLSA • Background • Assessment conducted in 2006 • Project to research, plan, and implement a core program, targeted at numerous audiences, available to multiple agencies • Recommended minimum level of information security knowledge for a typical state employee with access to information technology or sensitive information

  8. RLSA • Background (continued) • Designed to be delivered electronically (over the Web) to reach the largest audience • Interagency work group oversaw the development of the course material and look-and-feel • Judicial, Administrative Services, Consumer and Business Services, Treasury, Lottery, Secretary of State, and Justice

  9. RLSA • Design • Cover at least 80% of state staff • Not meant to cover agency-specific business requirements, policies or regulations • 30 minute “seat time” per module • Interactive • Benefit users in both work and home situations

  10. RLSA • Modules • Six modules created in initial suite • Can be customized to meet agency-specific requirements using a readily-available course authoring tool • One “refresher” course per year

  11. RLSA - Modules • IS101 – An Introduction to Information Security • What is information security • Basic principles • Policies, standards and procedures

  12. RLSA - Modules • IS201 – Securing Your Computer – Part 1 • Computer viruses • Spyware • IS202 – Securing Your Computer – Part 2 • Choosing strong passwords • Protecting your passwords • Safe use of the Internet • Physically secure your computer

  13. RLSA - Modules • IS203 – Using E-Mail • Introduction • E-mail content and etiquette • Keeping your e-mail private • E-mail from other people

  14. RLSA - Modules • IS204 – Dealing with Documents • Basic document security • Requests for information • Retaining documents • Destroying documents

  15. RLSA Modules • IS205 – When You’re Out of the Office • Introduction • General guidelines • Mobile devices • Laptop computers • USB flash drives • Cell phones

  16. RLSA - Demonstration An Introduction to Information Security We handle a great deal of sensitive information every day: customers' account numbers, Social Security numbers and credit card details; as well as internal information such as health records, payroll data, network information, ... Information security is critical to business at the State of Oregon. In addition, learning about information security will also help you to keep yourself safe at home as identity theft and fraud become increasingly common.

  17. Implementation • Agencies have access to source files, and to versions compiled in SCORM, LM-Light and HTML formats • Can customize content using a readily-available course authoring tool • Can be integrated into learning management systems, which will then track student completion and generate reports • Courses also can be run on an intranet with student completion tracked manually

  18. RLSA – Modifying the Content Dr. Steve Addison Cosaint, Inc. Mount Vernon, WA 18

  19. Modifying the Content 19 • Our aim is to use one common set of source files to generate courses in multiple formats: • SCORM • LM-Light • HTML Source files stored in the RLSA Warehouse at https://or.cosaint.net

  20. Modifying the Content We achieve this by using a commercial e-learning authoring tool called Lectora Lectora is an easy-to-use tool that allows you to develop/change content without a detailed knowledge of HTML, JavaScript, etc. Can handle static and dynamic content Can develop/modify tests and quizzes 20

  21. Lectora Course Authoring Tool 21 More information at http://www.trivantis.com

  22. Modifying the Content To customize a module, you must have access to a copy of Lectora (or a consultant with Lectora) Then: Download the source files from the RLSA warehouse (contact Eva Doud, DAS ESO for logon information) Modify as required Compile into SCORM, LM-Light or HTML format Upload to an LMS (SCORM & LM-Light) or to an intranet (HTML) 22

  23. eLMS Initiative Theme Grenz, Project Manager Department of Administrative Services Human Resources Services

  24. eLMS Initiative • Business Case • Deliver the “right” training at the “right” time • Leverage technology to help identify learning needs at the individual and organizational level and deliver training which is directly tied to skill gaps • Support Workforce Development efforts • Position learning as a critical component of an organization’s ability to respond to changing workforce demands

  25. eLMS - What’s in it for me? • As a student: • Access a robust on-line course catalog (eLearning, classroom) • Register/track course enrollments/completions • Receive real-time class notifications (registration confirmation, and reminder emails) • Transcript tracking

  26. eLMS - What’s in it for me? • As a manager: • Track key workforce metrics in real-time • Manage the entire performance management process (IDP/360 reviews) • Efficiently track training expenditures across the entire agency

  27. RLSA – Accessing the Modules • Courses are available today on the oregon.gov intranet: • https://intranet.egov.oregon.gov/egov/myportal • Select the “State” tab

  28. RLSA – Accessing the Modules

  29. Other Resources • Information Security Resource Center • Public-facing Web site • Links to many resources on a variety of information security topics • Can be used to supplement training and awareness efforts • http://secureinfo.oregon.gov

  30. Information Security Resource Ctr.

  31. Questions?

  32. For further information … • Eva Doud, DAS Enterprise Security Office(503) 378-3071eva.doud@state.or.us • Theme Grenz, DAS HRSD(503) 378-6213theme.grenz@state.or.us • Theresa Masse, DAS Enterprise Security Office(503) 378-4896theresa.a.masse@state.or.us

  33. Next Forum … Acceptable Use Policy Overview Panel Presentation March 31, 2008

  34. Tools Demonstration

More Related