Learn, Do, Secure
The University is committed to protecting the confidentiality, integrity, and availability of the information relating to students and employees, and other business information and IT systems that support its operations.
One of the ways to achieve this is to provide awareness training to the University's community on information security threats and risks and ways to combat them to keep the University safe. The objective of the information security awareness training is to reduce the risk of human error which could result in data breaches and other information security incidents and to help users comply with the University's IT policies and relevant legislation.
Users include students, employees, and other members of the University community with access to its information and IT Resources.
From this page, you can access the University’s awareness training platform (KnowBe4) to complete your assigned course modules. You will also find useful resources that will educate you on how to make information security practice part of your daily work habits to keep university information safe, as well as your personal data.
The University's awareness training platform (KnowBe4) is updated periodically with new courses, quizzes, games, and other learning resources that can help you to be cyber-smart. These updates will be communicated in the targeted awareness messages and may also be available as optional training modules.
Awareness training is mandatory for employees.
All users of the University's information and ITR play an important role and have the responsibility to keep these resources secure. To properly carry out this responsibility, users should be aware of information security threats and the risks associated and follow good practices.
- Complete the Awareness Training Course.
- Read and understand the University’s IT Policies.
- Familiarize yourself with other awareness resources on the information security web pages and the KnowBe4 awareness and training platform.
- If you think your user account has been compromised, change your password as soon as possible. Report any suspected or actual information security incident as soon as possible to firstname.lastname@example.org or call (773) 442-4357.
Is the awareness training mandatory?
Yes. The course is mandatory to ensure that users of the University's information and IT Resources are equipped with the knowledge and skills to identify security threats and risks and be able to combat them.
Who should complete the training?
All employees including student employees. The course may be made available to other members of the University's community as appropriate.
How long is the training course?
The course offers various modules that can be completed within one (1) hour. You do not need to complete the course at once and you can continue on from the last activity at any time.
When should I complete the training?
There is currently no deadline but you should complete the training as soon as you have access to University IT systems or receive the course enrollment notification.
Do I have to do the training every year?
The University will provide an annual refresher course. You will be notified of the refresher course when it becomes available. However, you need to complete the main awareness training course before you can complete the annual refresher course.
How do I access the training?
You will receive an enrollment notification via email when you are added to the training database. You can access the course from the link provided in the email or go directly to Awareness Training Course and log on to complete the course.
Can I access the training from home?
Yes. The training portal is web-based and you can access it from anywhere.
Will I need to do an assessment?
Yes. Each course module has a short test that you will need to complete before the module is marked as completed.
Will I receive a certificate after completing the training?
Yes. You will receive a certificate after completing each course module that you can download or access anytime on the training portal.
I am a temporary staff. Do I need to complete the training?
All employees are required to complete the training. If you are not sure if you need to complete the training, please speak with your supervisor and contact email@example.com.
I don't use computers for work. How can I complete the training?
You can access the training from any University computer or your home computer using your NetID and password. Please contact firstname.lastname@example.org for any computer-related matters.
I need help with completing the course modules, who should I contact?
Please email email@example.com stating what you need help with.
What if I don't complete the training
The University's policy mandates training for all employees. This is because the University seeks to create and maintain a security-conscious culture within its community to keep employees, students, and the University safe, and to satisfy regulatory requirements. Failure to complete the training is noncompliance with the awareness training policy. This may result in limiting your access to University information and IT resources. In situations where University information and IT Resources are actively threatened, the CIO will act in the best interest of the University and access may be removed completely.