Digital Security Training In The Aftermath Of The NSA Leaks And Edward Snowden
You probably heard all about the NSA digital file leaks and Edward Snowden. Regardless of your personal opinion of Mr. Snowden, it does shed light on a very important problem in many companies. The protection of sensitive business information and daily operations requires hyper-vigilance from all of your employees who have access, and even from those that do not. Here is how you can stress the importance of security during your company's digital security training sessions.
Company Integrity and Personal Integrity Rely on Each Other
In order for a company to operate and compete with similar organizations and businesses, company secrets have to remain secret. For example, if you work for an international cola company that has a secret recipe for its namesake drink, you are required to keep what you know about that recipe a secret. If you release what you know to the world or to your best friend on social media, there is still a high probability that the sensitive information will end up in the hands of your company's competition. The competition can choose to reproduce the recipe and sell it, thereby closing out the competition between companies. Since you leaked the sensitive information, you will be fired and will not likely be hired by any other company any time soon, because you cannot be trusted.
Emphasizing the Imminent Danger
Digital security training teaches a lot about the potential hazards of hackers and information sellers. Usually the dangers of ignoring one's digital security training session are implied, but there is nothing against emphasizing and stressing the importance to maintain secrecy. The trouble that some people find themselves in is deciding whether the sensitive information they are privy to should be exposed or remain secret. Whistleblowers, despite the negative moniker, are good, but the potential for harm to others should not exceed the good intentions of the whistleblower. You can help your employees differentiate between the two while they are still in training.
Knowing and Understanding the Personal Consequences
Another thing you need to teach and stress to all of your employees as they go through the security training is that there are heavy and unpleasant consequences for their actions. Snowden is an extreme case, but he not only lost his job, he lost his American citizenship as well. If the breach of your digital security systems is severe enough, your employees should be aware of what that means to the offending party--fines, jail/prison time, permanent unemployment, etc. Sometimes employees go through the motions of these trainings and do not stop to consider consequences, because they do not remember what they are.