Awareness Training Enhancement Notes
May 5, 2020
Criminals continue to target universities to steal valuable research data, personal information and financial resources. Many attacks target people, rather than computers. Your commitment to service and willingness to trust are seen as vulnerabilities by cyber criminals. As a member of the UT Dallas community, we need you to join the fight against cybercrime.
State-Mandated Compliance Training
The Information Security Office (ISO) will begin enhancing awareness training efforts, beginning with House Bill 3834 compliance. We are providing access to training videos developed by KnowBe4, a leading security awareness content provider approved by Texas DIR. Four modules have been assigned to you, which can be completed online from your computer, lasting approximately 1-hour. We ask that you complete the required training, linked below, by May 31, 2020. Not only is your participation in this training required for state compliance, but it prepares you to defend UT Dallas against cybercrime.
All employees received an email containing a the link to the training. If you have any questions about the legitimacy of the email you have received, refer below for a copy of the communication we have sent out:
Upon clicking the link KnowBe4 Training licensed by UT Dallas, you will be redirected to the standard UT Dallas login page. You can ensure that you are at the correct location by verifying that the address bar reads idp.utdallas.edu and that the website matches the picture below:
These are our most frequently asked awareness training questions
- I am a supervisor. How will I know if my team members completed the required training?
- This is a first year implementation based on the State of Texas new requirements under HB 3834, so please be patient as we refine our communication and tracking processes. UTD’s training content partner, KnowBe4, offers various tracking tools which help measure completion rates. Our current plan is to send follow-up communications to those people who have not completed the training by 5/31/20. After 6/1/20, we may inform supervisors of participation problems. In the meantime, communicating your support of the training to your team members will increase participation rates.
- I am an employee who will be ending my employment with UT Dallas soon, do I need to take this training?
- Employees who plan to leave UT Dallas before 6/1/20, such as student employees about to graduate, do not need to complete the training.
- I am an employee of UT SIS who recently transitioned to join the UT Dallas team. Do I need to complete the UT Dallas training?
- If you completed similar training in May 2020 while an employee of UT SIS, you do not need to take the UT Dallas training at this time. However, documentation from UT System Administration will be checked to verify your completion of their training.
- Do I need to print a certificate of completion? Who do I notify when I competed the training?
- The KnowBe4 system automatically tracks participation in training, so you don’t need to print certificates of completion or email the Information Security Office to update us on your completion. You are welcome to contact [email protected] if you wish to verify that the KnowBe4 system captured your completion status.
- Will the training videos offer accessibility options if I am unable to hear the audio?
- All of the videos can be used by persons unable to hear the audio. Closed captioning features, access to the video script, and dialogue bubbles within videos are provided. If you have additional concerns, please contact [email protected] so that we may coordinate reasonable accommodations.
- The communication of this training included an email with a link. I was told never to click links in email as a way of avoiding phishing scams.
- Cyber criminals have developed many techniques to perform their attacks against UT Dallas and you. Some of these attacks include hyperlinks to high-risk Internet destinations whereas some attacks consist of conversational dialogue by email, text, and phone. The best way to avoid falling for a scam is to gain confidence in the legitimacy of the communication and be willing to pause, analyze, and chat with a colleague when in doubt. Because of the significant number of communications and workflows dependent on links within emails, the Information Security Office does not endorse a “never click links” approach because it is unrealistic.
- Can I take this training on my mobile device?
- While we have tested the training on mobile devices, we have had users reporting issues completing the training in this manner. We’d recommend you use a macOS or Windows desktop with a standard browser like Safari or Chrome.
If you have any specific questions about the state compliance videos, please contact us at [email protected] or by visiting our contact page.