The Office of Information Technology provides information technology security training to employees of Western Michigan University. This training is provided by means of a presentation at new employee orientation as well as enrollment in the online SANS Securing The Human training program that is offered to all units of the University for all faculty, staff and temporary employees. New employees are enrolled in the program as part of their orientation. Other units are enrolled at the request of their IT support person, or another person of authority assuming the responsibility in their department.
SANS Securing The Human Online Education
This program offers a series of modules comprised of short videos followed by quizzes. Some modules also link to additional WMU-specific content. An employee who is enrolled in this training program will login at https://wmich.securingthehuman.org using their Bronco NetID and password to complete the training which may be started and stopped as often as necessary.
Account requests and responsibilities
Only Unit IT support staff, or a person deemed by your unit to be responsible for your unit's security training may request unit training. Please read the instructions below before requesting accounts:
- Requester will be deemed the administrator of your unit's training accounts.
- Submitting a request will result in a listing of names for the unit(s) you have requested. This list must be reviewed by the requester and names added or removed as necessary. This list is then returned to the Office of Information Technology for processing.
- When the edited list is returned, OIT will create the requester's admin account, create accounts for all names on the list, and assign the required 22 modules.
- The system will generate email notifications that training has been requested and assigned to the individual's accounts. These emails will appear to be from the requester (admin).
- The requester/admin will be the go-to person for the individuals who have been assigned training. Please do not refer them to OIT.
- The requester/admin will be responsible for ensuring that their account holders complete the training and running reports for their records.
- It is requested that training be completed within 60 days.
- Reporting features are available for requester/admins to keep up with their account holders' progress (see below).
- Please read the information above before you Request accounts (you will be taken to the IT Direct service management system and you will be asked to login using your Bronco NetID and password.
You may keep up with the status of your members' training by running reports. The Summary Report gives a summary of who was assigned, who has not started, who is in progress and who has completed. It also allows one opportunity to send a system-generated reminder notice to those who have not started and those who are in progress. Since we request this training be completed within 60 days, we suggest a reminder be sent at 30 days.
- In the Reports section, select Summary Reports.
- Click Run Report.
- Click the numbers shown for further detail.
The Breakaway report gives a listing of all accounts and shows assigned date, started date and completed date (if completed). This is a good report to run at the end of the program year prior to accounts being purge (wiped out) to begin the next year. You will receive an email from OIT prior to the purge date so you will know when you must run this report. OIT does not keep a record of your accounts so it is your responsibility to know who within your unit did or did not complete the training program, in case you want training re-assigned to those who did not complete it in the following year.
- In the Reports section, select Breakaway Reports
- Click Run Report
- Export report to save it for your records
If you have any questions about the SANS online training, please contact Nancy Kroes at (269) 387-5017. Questions about using IT Direct to submit your request should be referred to the Technology Help Desk at (269) 387-4357, option 1.
- You are the Shield
- Social Engineering
- Email and Messaging
- Social Networks
- Mobile Device Security
- Data Security and Data Destruction
- Working Remotely
- Protecting Your Personal Computer
- PCI Dss
- Gramm-Leach-Bliley Act (GLBA)
- Red Flag Rules
- Data Retention
- Federal Personally Identifiable Information
- International Travel