Skip to main content
Sign in

Information Security Training for Employees

  • Updated
  • This article is maintained by the Office of Information Technology
Applies to: SANS Securing the Human Training
Platform: Web Browsers
Affiliation: Employees

The Office of Information Technology provides information technology security training to employees of Western Michigan University. This training is provided by means of a presentation at new employee orientation as well as enrollment in the online SANS Securing The Human training program that is offered to all units of the University for all faculty, staff, and temporary employees. New employees are enrolled in the program as part of their orientation. Other units are enrolled at the request of their IT support person, or other persons of authority assuming the responsibility for their unit or department. 

Note: New employees are enrolled in the program in the first week of the month following their orientation sessions with Human Resources.

SANS Securing The Human Online Education

The training consists of a series of video modules, each having a quiz at the end. Some modules will also have additional information attached to them and may contain links to additional WMU-specific content. You may start and stop the training as often as necessary. The total time to complete this training is less than two hours. If you have any questions about this training program, please contact the person whose name appeared on your training assigned email.

An employee who has enrolled in this training program will log in at https://wmich.securingthehuman.org using their Bronco NetID and password to complete the training which may be started and stopped as often as necessary. 

Account requests and responsibilities

Unit IT support staff or other persons responsible for other unit or departmental staff may request unit training. Please read the instructions below before requesting accounts:

  • The requester will be deemed the administrator of the requested training accounts.
  • Submitting a request will result in a listing of names* for the unit(s) you have requested. This list must be reviewed by the requester and names added or removed as necessary. This list is then returned to the Office of Information Technology for processing. 
    * If the unit you are requesting training for is a subset of a larger department, you may be asked to provide a list of the names for those you are requesting training.
  • When the edited list is returned, OIT will create the requester's admin account, create accounts for all names on the list, and assign the required 22 modules.
  • The system will generate email notifications that training has been requested and assigned to the individual's accounts. These emails will appear to be from the requester (admin).
  • The requester/admin will be the go-to person for the individuals who have been assigned training. Please do not refer them to OIT.
  • The requester/admin will be responsible for ensuring that their account holders complete the training and running reports for their records.
  • It is requested that training be completed within 60 days.
  • Reporting features are available for requester/admins to keep up with their account holders' progress (see below).
  • Please read the information above before you Request accounts 

Reports

You may keep up with the status of your members' training by running reports. The Summary Report gives a summary of who was assigned, who has not started, who is in progress and who has completed. It also allows one opportunity to send a system-generated reminder notice to those who have not started and those who are in progress. Since we request this training be completed within 60 days, we suggest a reminder be sent at 30 days.

  1. In the Reports section, select Summary Reports.
  2. Click Run Report.
  3. Click the numbers shown for further detail.

The Breakaway report gives a listing of all accounts and shows the assigned date, started date, and completed date (if completed). This is a good report to run at the end of the program year prior to accounts being purge (wiped out) to begin the next year. You will receive an email from OIT prior to the purge date so you will know when you must run this report. OIT does not keep a record of your accounts so it is your responsibility to know who within your unit did or did not complete the training program, in case you want training re-assigned to those who did not complete it in the following year.

  • In the Reports section, select Breakaway Reports
  • Click Run Report
  • Export report to save it for your records

Required Modules

  • You are the Shield
  • Social Engineering
  • Email and Messaging
  • Browsing
  • Social Networks
  • Mobile Device Security
  • Passwords
  • Encryption
  • Data Security and Data Destruction
  • Working Remotely
  • Protecting Your Personal Computer
  • Hacked
  • PCI Dss
  • FERPA
  • HIPAA
  • Gramm-Leach-Bliley Act (GLBA)
  • Red Flag Rules
  • Ethics
  • Cloud
  • Data Retention
  • Federal Personally Identifiable Information
  • International Travel
  • General Data Protection Regulation (EU GDPR)

Need help?

The Technology Help Desk is available to help you with this topic.

Article feedback

Submit Feedback

Related articles