Security Awareness Training
Note for New Employees: Training enrollment is updated weekly. You will receive an email when training is available. If your start date was more than a week ago and you have not received a training notification email, please contact umtech@memphis.edu.
Access Security Awareness Training
Be sure to click the "Complete Training" button on the final screen of the training module to receive credit for completion.
Did you know that around 90% of all data breaches involve some sort of human error?
Hackers know that it requires a lot of technical skill to get past a firewall into a server when it's so much easier to just trick someone into giving up a password or clicking on a malicious link in an email. You may be surprised to learn that employees are considered the weakest link in any organization's security defense.
Therefore, all UofM employees and emeritus faculty with active accounts are required to complete Security Awareness Training annually. This training gives users the tools and skills necessary to recognize common attack methods help protect our systems and data. Additionally, these principles can be applied to your personal digital life to help keep your personal data safe.
Training is provided by KnowBe4. Training takes approximately 30 minutes to complete for new hires and those who did not complete training during the previous training cycle. For all others, training takes approximately 15 minutes. Required trainees should receive email notifications and reminders during the training period, as well as a confirmation email upon completion. If you have received a notification email, training is required.
Training Instructions:
To begin training, click the "Access Security Awareness" button above. If you are
signed in to your UofM account, you will see the KnowBe4 dashboard. Otherwise, you
will be taken to the UofM Single Sign-On page (sso.memphis.edu) to log in with
your UUID and password.
Once signed in, you will see your training dashboard, which contains your required
trainings. Click the course title, then click the "Start" button to begin. For video
training modules, use the arrow buttons at the bottom of the new window to navigate
to the "Next" and "Previous" sections. The button with three lines at the top left
opens the course navigation and options menu. If you need to pause your training,
you can exit the window and resume training later without losing your progress. Be
sure to click the "Complete Training" button on the final screen.
For policy acknowledgements, click the "Start" button to open the relevant webpage.
After reviewing the provided information, return to KnowBe4 and click the corresponding
acknowledgement button.
After you complete all training items, you will receive a confirmation email within
one hour.
If you have any questions about training or issues accessing KnowBe4, contact umtech@memphis.edu.
Frequently Asked Questions (FAQ)
What is my username and password to log in to KnowBe4?
You will log in to KnowBe4 via the familiar UofM SSO login page using your UUID and
password. If you are redirected to a KnowBe4 login page or experience any other issues,
please contact securitytraining@memphis.edu.
What is the purpose of the training?
It is essential that users be equipped with the knowledge and skills that will help
protect the University in this digital age. As a university, we are concerned with
protecting all our assets, including electronic assets. It is the hope that this training
will increase employee awareness and security knowledge to help protect both UofM’s
and (possibly) each person’s personal assets.
Why was KnowBe4’s training selected?
KnowBe4 is a market leader in information security training and is ranked each year
by Gartner as one of the best training platforms. KnowBe4 training provides up-to-date
knowledge and useful techniques in today’s ever-changing world. KnowBe4 produces several
new or updated training modules each year as well as when significant events occur.
Why annual training?
Both technology and threats to technology change constantly. To ensure our users are
kept informed and aware of the latest changes, and to meet regulatory requirements,
UofM requires this training annually during the month of October, or within 30 days
for those who have not completed training within a year.
What if I receive an email that looks suspicious?
If you receive an email that looks suspicious, review the content for signs of a phishing attempt. This includes misspellings, immediately required actions, suspicious/incorrect links,
etc. If you have any questions, report the email and the IT Security team will help
review it. Each UofM email account is equipped with a Phish Alert button to allow the reporting of a potential phishing attempt. Finally, you can forward
the email to abuse@memphis.edu and the IT Security team will help evaluate the email and provide instructions for
next steps if needed.
Who manages the information security training program at the UofM?
This program is designed to be an awareness program for all users of the University.
The IT Security Team (IT Sec) manages the day-to-day functionality as well as the
implementation of the program.
Who must take the training?
Select users including, but not limited to, university administration; faculty (including
full-time, part-time, adjunct, and emeritus); full-time, part-time, and temporary
staff; and student employees must complete the security awareness training at least
annually via this program.
Where can I find more information regarding this training or other security topics?
For more information regarding security issues, training, concerns, or questions,
please contact IT Security via email at itsec@memphis.edu, or visit the IT Security team webpage at any time.
Virtual Security Presentations
IT Security also offers virtual security awareness sessions via Microsoft Teams on a variety of topics by request. Contact securitytraining@memphis.edu to request a session and let us know what topics you're interested in. Our mission is to help you work more securely!
Note: Virtual security presentations do not replace required annual training.