6. Security Toolkit: Training
What, When, and How
Many offices already understand the value of training for substantive work and client services, but training practices should extend to how staff use technology. You should provide training for staff on the core applications your organization uses (e.g., Outlook, Word, Excel, your case management system). You should also provide training on using the organization’s equipment. You should also provide training on using the organization’s equipment and security awareness. In fact, funders and insurance companies now ask if you are doing this; some are even requiring it.
Security training should teach your staff how to keep your organization’s data secure and how to share data externally in a secure way. Security training can also include “phishing tests,” or tests that help staff identify suspicious emails before opening them.