Network and data security is the responsibility of ALL district staff and network users. Information Technology (IT) staff regularly install, maintain, and update district firewalls, servers, workstation operating systems, enterprise anti-virus, and anti-malware systems. Even with all those controls in place, the human factor can derail the best network and data security plan. Statistics show that most breaches (about 90 percent) occur through phishing attacks. Phishing is the term used to describe the nefarious action of trying to obtain financial or other confidential information from Internet users, typically by sending an email that looks as if it is from a legitimate organization, but it contains a link to a fake website where the user is tricked into either giving information or, unknown to the users, installing malicious software on their computer.
The MHRIC Phishing Security Audit Service provides access to online training programs that staff may complete at their own pace. The concepts and examples will educate staff about the types of emails they may wish to delete or bring to an administrator’s attention. Staff awareness training is the most effective and most economical way to fight cyber-attacks. Through a combination of periodic email phishing tests sent to your staff, as well as online security awareness training, you can dramatically improve your defenses against a network, data, or cyber-attack. The service also provides detailed phishing participation reports, which are generated and sent to your district for review and potential follow-up.