This document outlines Jubilee's IT security policies and awareness training for 2018. It discusses the Clean Desk Policy, which requires securing sensitive information and locking or logging off computers when unattended. It also outlines social engineering threats like phishing scams and ransomware infections. The training aims to educate employees on recognizing cyber threats and improving security culture. Responsibilities are defined for both employees and managers to ensure policy compliance.

1. THEME:
CYBERSECURITY IS EVERYONE’S RESPONSIBILITY
IT SECURITY POLICIES AND
AWARENESS TRAINING 2018

2. 2ExcellencePassion TeamworkIntegrity
OBJECTIVES
 Get to know Jubilee’s IT Security Policies.
 Empower users with ability to recognize cyber threats
to information systems.
 Improve IT Security Awareness Culture in the
organization.

3. 3ExcellencePassion TeamworkIntegrity

4. 4ExcellencePassion TeamworkIntegrity
PART I- IT SECURITY POLICIES

5. 5ExcellencePassion TeamworkIntegrity
CLEAN DESK POLICY
 It’s About Security: Yes, a clean desk policy makes the office look neat and tidy, but
there’s a much more important reason for enforcing it: it’s a crucial step in
protecting our organization from fraud, security breaches, and information theft. It
also increase employee’s awareness about protecting sensitive information.
CDP TIPS
 Ensure that all sensitive/confidential information in hardcopy or electronic form is
secure in their work area at the end of the day and when you are expected to be
gone for an extended period. When no longer needed, it should be shredded
 Computer workstations must be locked when workspace is unoccupied. CTRL, ALT ,
DEL
 Laptops must be either locked with a locking cable or locked away in a drawer.
 Treat mass storage devices such as CDROM, DVD or USB drives as sensitive and
secure them in a locked drawer
 Computer workstations must be shut completely down at the end of the work day.

6. 6ExcellencePassion TeamworkIntegrity
CLEAN DESK CHALLENGE: SPOT 10 MISTAKES

7. 7ExcellencePassion TeamworkIntegrity
RESPONSIBILITIES
Employees:
 Knowing, understanding, and adhering to the Information Security Policy.
Departmental Managers/Supervisors:
 Ensure that staff under their supervision comply with the policy and other
appropriate directives.
 Communicate revisions to the Information Security Policy to employees in
their respective departments.

8. 8ExcellencePassion TeamworkIntegrity
PART II- IT SECURITY AWARENESS

9. 9ExcellencePassion TeamworkIntegrity
TOPICS
1. Social Engineering
2. E-mail Security
3. Ransomware

10. 10ExcellencePassion TeamworkIntegrity
SOCIAL ENGINEERING

11. 11ExcellencePassion TeamworkIntegrity

12. 12ExcellencePassion TeamworkIntegrity
PHISHING
 Phishing is a cybercrime in which a target or targets
are contacted by email, telephone or text message by
someone posing as a legitimate institution to lure
individuals into providing sensitive data such as
personally identifiable information, banking and
credit card details, and passwords.

13. 13ExcellencePassion TeamworkIntegrity
HOW TO SPOT A PHISHING MAIL
1. Check the
sending email
address carefully
2. Threatening or
alarming
messages.
3. They require you
to click on links
or download
attachments

14. 14ExcellencePassion TeamworkIntegrity

15. 15ExcellencePassion TeamworkIntegrity
RANSOMWARE
It’s fairly straightforward to find out if you are infected
by a ransomware virus. The symptoms are as
follows:
1. You suddenly cannot open normal files and get
errors such as the file is corrupted or has the
wrong extension.
2. An alarming message has been set to your
desktop background with instructions on how to
pay to unlock your files.
3. The program warns you that there is a
countdown until the ransom increases or you
will not be able to decrypt your files.
4. A window has opened to a ransomware
program and you cannot close it.

16. 16ExcellencePassion TeamworkIntegrity
CONCLUSION

17. 17ExcellencePassion TeamworkIntegrity
THANK YOU

18. 18ExcellencePassion TeamworkIntegrity