␡
- The Methodical Approach and the Need for a Methodology
- Firewalls, Security, and Risk Management
- How to Think About Risk Management
- Computer Security Principles
- Firewall Recommendations and Definitions
- Why Do I Need a Firewall?
- Do I Need More Than a Firewall?
- What Kinds of Firewalls Are There?
- The Myth of "Trustworthy" or "Secure" Software
- Know Your Vulnerabilities
- Creating Security Policies
- Training
- Defense in Depth
- Summary
This chapter is from the book
Training
After you have your security model and policies in place, users will need to be trained on them. This can be something as simple as, for a home firewall, explaining to your spouse, roommates, or whomever that you now have a firewall in place and how it is configured.
For larger organizations, you will need to go a little further than this. Training your users can be the difference between a security plan that works and one that fails on the first day. For instance, your plan might be thwarted via something as simple as a social engineering attack. An employee or user is convinced to give someone else access to your systems or building.