Protecting GRC Is Our Shared Responsibility
COME ON IN, PLEASE USE THE TECHNOLOGY
The GRC Information Technology (IT) department protects GRC data and personal information from internal and external threats. The college has invested in state-of-the-art intrusion detection software and systems to protect its network and data and employ information security staff to monitor the GRC information systems environment 24/7. Still, the best defense against a security or data breach is an informed and involved community. “Information Security Begins With You!”
IT’S A FACT
The number one reason for compromised accounts at GRC is when faculty, staff, or a student opens and responds to a phishing email.
Phishing is when someone tries, via email, text, or phone call, to get your personal information by pretending to be a trustworthy company, government entity, or a GRC entity.
Remember: No one at GRC will ever ask you for your GRC password or your Social Security Number!
If you are in doubt about an email or a phone call you to receive at work, check with the GRC helpdesk.
In order to assist you with detecting and avoiding scams like phishing, GRC provides annual security awareness training for all employees and students.
- Employee security awareness training is provided via KnowBe4 and can be accessed at: https://training.knowbe4.com/ui/login
- Student security awareness training is provided via Microsoft and can be accessed at: https://security.microsoft.com/trainingassignments
IT’S REQUIRED FOR ALL EMPLOYEES
Multiple regulations and state policies require that all GRC employees (staff and faculty) participate in annual security awareness training. Failure to do so can cause GRC to lose its accreditation and be prohibited from disbursing Federal Financial Aid. While it is not currently required for students to complete the training, it is highly encouraged.
- Who is required to take the annual security awareness training?
- All employees are required to take the security awareness training annually.
- Students are highly encouraged to take the security awareness training. Training will be assigned to all students at the beginning of each term.
- When must the training be completed by?
- All faculty and staff must complete the annual training within one month of it being assigned to them
- How will new hires take the training?
- New hires will automatically be enrolled in the security awareness training when their GRC account is created. They are given one month to complete the training.
- How can we monitor completion for our employees?
- Deans and supervisors will receive email alerts regarding which of their faculty or staff have not completed their security awareness training.
- Deans and supervisors are strongly encouraged to monitor and track the completion of the security awareness training by their faculty and staff to make sure that everyone completes it by the required date.