A message from Scott Wright,
The Streetwise Security Coach, on how you can easily justify Security Awareness measurement and training in your organization...

Wouldn't it be a great advantage to have some hard data about how well your staff is protecting sensitive information in the workplace?

• Having some real metrics that clearly indicate whether or not there is a tendancy toward risky handling of sensitive information is the ideal way to justify taking decisive action.

Is it possible to measure the security awareness of staff?

• Yes, it is possible to measure different aspects of your staff's security awareness. Honey Sticks are a simple method of detecting real human actions as the basis for indicating risky habits.

Can measurement of awareness be done safely and anonymously, without relying on staff to respond to surveys?

• Yes, it is possible to measure risky human actions through a safe, "simulated" scenario that forces staff to make a security decision. Their actions tell the story, without pointing fingers at individuals.

The Honey Stick method of measuring security awareness gives you a live-action picture of how people handle risky situations - but in a controlled environment.

Here's how a Honey Stick test registers risky staff activity...

When a device is inserted into a computer connected to the Internet, and a file on the device is opened (i.e. double-clicked), a log entry is written at a webserver. The Device ID and time are recorded, and are reported back to you. No private information is collected, and no special programs are installed or run on the user's computer.

For information on how you could run your own Honey Stick Test, please contact me at:

scott@streetwise-security-zone.com

or call

613-693-0997

Scott Wright
The Streetwise Security Coach

For other useful tips and resources on security awareness, join the Streetwise Security Zone now!