Security Awareness Training

Access Security Awareness Training

Note for New Employees: Training enrollment is updated weekly. You will receive an email when training is available. If your start date was more than a week ago and you have not received a training notification email, please contact securitytraining@memphis.edu.

Be sure to click the "Complete Training" button on the final screen of the training module to receive credit for completion.

Did you know that around 90% of all data breaches involve some sort of human error?

Hackers know that it requires a lot of technical skill to get past a firewall into a server when it's so much easier to just trick someone into giving up a password or clicking on a malicious link in an email. You may be surprised to learn that employees are considered the weakest link in any organization's security defense.

Therefore, all UofM employees and emeritus faculty with active accounts are required to complete Security Awareness Training annually. This training gives users the tools and skills necessary to recognize common attack methods help protect our systems and data. Additionally, these principles can be applied to your personal digital life to help keep your personal data safe.

Training is provided by KnowBe4. Training takes approximately 30 minutes to complete for new hires and those who did not complete training during the previous training cycle. For all others, training takes approximately 15 minutes. Required trainees should receive email notifications and reminders during the training period, as well as a confirmation email upon completion. If you have received a notification email, training is required.

If you have any questions about training or issues accessing KnowBe4, contact securitytraining@memphis.edu.


Frequently Asked Questions (FAQ) 

What is my username and password to log in to KnowBe4?
You will log in to KnowBe4 via the familiar UofM SSO login page using your UUID and password. If you are redirected to a KnowBe4 login page or experience any other issues, please contact securitytraining@memphis.edu.

What is the purpose of the training?
It is essential that users be equipped with the knowledge and skills that will help protect the University in this digital age. As a university, we are concerned with protecting all our assets, including electronic assets. It is the hope that this training will increase employee awareness and security knowledge to help protect both UofM’s and (possibly) each person’s personal assets. 

Why was KnowBe4’s training selected? 
KnowBe4 is a market leader in information security training and is ranked each year by Gartner as one of the best training platforms. KnowBe4 training provides up-to-date knowledge and useful techniques in today’s ever-changing world. KnowBe4 produces several new or updated training modules each year as well as when significant events occur.

Why annual training? 
Both technology and threats to technology change constantly. To ensure our users are kept informed and aware of the latest changes, and to meet regulatory requirements, UofM requires this training annually. The annual training period is from the first of October through the end of February.

What if I receive an email that looks suspicious? 
If you receive an email that looks suspicious, review the content for signs of a phishing attempt. This includes misspellings, immediately required actions, suspicious/incorrect links, etc. If you have any questions, report the email and the IT Security team will help review it. Each UofM email account is equipped with a Phish Alert button to allow the reporting of a potential phishing attempt. Finally, you can forward the email to abuse@memphis.edu and the IT Security team will help evaluate the email and provide instructions for next steps if needed.

Who manages the information security training program at the UofM? 
This program is designed to be an awareness program for all users of the University. The IT Security Team (IT Sec) manages the day-to-day functionality as well as the implementation of the program. 

Who must take the training? 
Select users including, but not limited to, university administration; faculty (including full-time, part-time, adjunct, and emeritus); full-time, part-time, and temporary staff; and student employees must complete the security awareness training at least annually via this program. 

Where can I find more information regarding this training or other security topics? 
For more information regarding security issues, training, concerns, or questions, please contact IT Security via email at itsec@memphis.edu, or visit the IT Security team webpage at any time.

Face-to-Face Training Sessions

IT Security also offers face-to-face security awareness sessions on a variety of topics to any UofM group by request. We can also do a virtual session by Zoom. At the session, we will review relevant UofM policies and answer any questions you may have. Contact securitytraining@memphis.edu to request a session and let us know what topics you're interested in. Our mission is to help you work more securely!

Questions?  Email securitytraining@memphis.edu.