1-866-245-5224 info@globallearningsystems.com
Wed, August 23, 2017 Twitter LinkedIn

Compliance Training Blog

Security is everyone's responsibility

Key Elements in a Custom eLearning Program

How to Quickly and Effectively Educate your Workforce

Whether your goal is to educate the sales team, meet compliance, product knowledge, improve performance or enhance the human capital of your organization, custom eLearning can provide you with an effective channel to educate your workforce.

To be an effective learning organization, however, you need the culture and tools for continuous learning. In fact, in the learning industry research group Bersin & Associates’ The Corporate Learning Factbook® 2012, recognition of the need for “Continual Reinforcement” of learning was one of the key findings.

Look for the following items when starting your program:

Quick Development: You want a tool that allows you to get your content to market quickly. Don’t waste unnecessary time with a complex tool that is not user friendly and is hard to navigate. Team internal staff with professional instructional designers to quickly develop the training.

Current Content: Look for a solutions that provides you with the tools needed to quickly make changes to articles or videos as needed. You need to make sure your training remains current, and you don’t want to have a solution that takes weeks to make a few edits.

Accessibility: With custom eLearning, you want to find a solution that is fully hosted and can be accessed from anywhere, any time. Your workforce needs to have access to training 24/7.

Modular Design: With a modular design, your learners will be able to access the topic they need without having to run through the entire course. For certain compliance courses, you may not want the modular design, but for most custom learning, this should be an option.

Unifying your Content: You want a solution that will unify your existing and new content into a consistent cohesive curriculum for your organization.

Localization options: If you are a global company, be sure to provide training that is translated and localized to your various populations.

I think this list is a good start when looking for custom eLearning solutions. We offer these services and more for our clients, so if you’d be interested in our services you can always contact us here.

Additionally, to see our methodology for our custom eLearning solutions fill out the form below:


New Poll shows Shoppers Concerned about Information Security, but who is Responsible?

Following the recent Target breach, when polled, American shoppers say they are very concerned about the safety of their personally identifiable information but, according to the new Associated Press–GfK Poll, they are not all taking proper precautions to protect their data.

Key Findings from the survey:

Shopper Concerns

  • The survey found that nearly 50 percent of those polled are extremely concerned about their personal data when shopping in stores since the breach
  • 58 percent say they have deep worries when spending online
  • 62 percent are very concerned when they buy on their mobile phones

Shopper Safety Precautions (or lack thereof). Who's Responsible?

  • 41 percent have checked their credit reports
  • Less than 41 percent have changed their online password at retailers’ websites, requested new credit or debit card numbers from their bank or signed up for a credit monitoring service
  • Just 37 percent say consumers bear most of the responsibility for keeping their data safe, while 88 percent place the burden on the retailers who are collecting it
  • Six in 10 say the banks that provide credit or debit cards or the credit bureaus should bear most of the responsibility

What do these findings tell us?

Well, they shed light on two areas: company responsibility and shopper responsibility. Both parties have a responsibility to keep information secure, yet shoppers want to rely on the retailers or credit card companies.

It is important to understand we are all responsible for our security. That means the retailer and the shopper both have roles to play in security. Here are some key tips for each of these groups:

Some tips for Retailers

  • Request payment card authorization.
  • Check payment card security features (expiration date, appearance of Card Validation Code, and the appearance of the magnetic stripe).
  • Verify the account number. Depending on your system, you may be able to verify the account by comparing the card number to the magnetic stripe number that appears on your POS terminal or by entering the last four digits of the card number into the terminal, then watching for an alert.
  • Verify the customer’s identity. Check the signature on the receipt to the signature on the card. Ask for government identification.
  • Abide by PCI Standards and provide PCI training to your staff.

Some tips for Shoppers

  • Change your PIN frequently, and have a completely different PIN for every card.
  • Have different security questions and answers for your various cards.
  • Create and maintain different passwords for all online banking, and change your passwords frequently.
  • Check your credit report often to be sure there is not any unauthorized spending.
  • Review your purchases thoroughly via your banking statement to ensure there are no fraudulent charges.
  • Stay updated on recent breaches and security best practices.

In conclusion, it is important for all parties to follow best practices to avoid breaches, and it is very important that when fraud does take place shoppers change all passwords and security information immediately..

The AP-GfK Poll was conducted Jan. 17 through Tuesday and involved interviews with 1,060 adults. The survey has a margin of sampling error of plus or minus 3.9 percentage points.


Beware: Recent Malware Disguised as Customer Complaints

Security Awareness Alert: Do you know what CryptoLocker is? It’s a recent malware threat that attacks your organization in the form of a “customer complaint” or similar attachments.

The FBI recently warned of a file encrypting Ransomware called CryptoLocker. In this attack, organizations receive emails with attachments labeled as “customer complaints.”  The attachment opens as a window and is a malware downloader, downloading the CryptoLocker malware.

According to the FBI’s statement:

“The verbiage in the window states that important files have been encrypted using a unique public key generated for the computer. To decrypt the files, you need to obtain the private key. A copy of the private key is located on a remote server that will destroy the key after the specified time shown in the window. The attackers demand a ransom of $300 to be paid in order to decrypt the files.”

If this happens to you, what should you do? Do not click any of the links to pay a ransom or decrypt the files. You need to contact your security department immediately, and they will have to scrub your hard drive and restore your files from a back-up. They can direct you to a better approach if possible.

How do you avoid this? The best way to avoid this attack is to stay aware of such tactics and look out for them.

  • Do not download attachments unless you are 100 percent sure the email was intended for you and you were already aware that specific sender would be sending you an attachment.
  • If you receive an email with an attachment you weren’t expecting, even if you know the sender can be trusted, verify they intended to send you the attachment and it is secure.
  • Detect fraudulent emails by looking closely at subject lines and the sender. Look for unfamiliar names, misspellings, general mailing lists that you didn’t sign up for, and urgent but out-of-place calls to action.

For more information on staying safe and security awareness training for your organization contact us here.


New Year?s Resolutions: Start 2014 with a more Secure Organization

2013 brought many security breaches, but start the year off with a more secure organization

Security breaches reached record highs in 2013, and a recent UK survey done by the Department for Business Innovation & Skills shows 42 percent of large organizations don’t even provide ongoing security awareness training to their staff. The amount of breaches is alarming and should urge you to provide ongoing security awareness training for your organization, no excuses. First, understand the below statistics and second, take this knowledge and start 2014 with a more secure organization to prevent becoming the statistic.

Here are some other alarming key findings from the survey:

  • 93 percent of large organisations had a security breach last year
  • 87 percent of small businesses had a security breach in the last year (up from 76% a year ago)
  • 36 percent of the worst security breaches in the year were caused by inadvertent human error (and a further 10% by deliberate misuse of systems by staff)
  • 57 percent of small businesses suffered staff-related security breaches in the last year (up from 45% a year ago)

What does this mean for you?

Both large and small organizations are vulnerable to security breaches, and human error is a main cause. Take seriously these threats and provide ongoing awareness campaigns in your organization that promote a security minded culture. Security is everyone’s responsibility (not just your CISO or IT Security Manager but everyone in the company).

What type of program should you look for?
You need a program that highlights individual responsibility, as your organization’s security depends on all employees’ safety habits. Look for a security awareness program that is engaging, interactive and focuses on key topics, threats and vulnerabilities that the workforce is facing.

We suggest having a complete awareness package that includes posters, newsletters, email templates (with best practices, recent scam alerts), focused & short quick tip videos, refresher courses, complete eLearning security awareness courses (with certificates of completion) and simulated interaction that tests learners on their security knowledge and practices. Ongoing follow-up, reminders and messages from company leadership continue to highlight the importance of security within the company.

What topics should be covered in an awareness program?
Topics should include at least the following: phishing threats, social media security, mobile security, internet safety, email best practices, password security tips, physical security, identity theft, and more.

For more information on training options and courses, check out Global Learning System’s eLearning library of awareness courses.

award Winner Two Years In A rowaward award award  

Award-winning Training for Powerful Results

Request a Demo