The Office of Information Technology provides information technology security training to employees of Western Michigan University. This training is provided by means of a presentation at new employee orientation as well as enrollment in the online SANS Securing The Human training program that is offered to all units of the University for all faculty, staff and temporary employees. New employees are enrolled in the program as part of their orientation*. Other units are enrolled at the request of their IT support person, or other persons of authority assuming the responsibility for their unit or department.
* New employees are enrolled in the program the first week of the month following their orientation sessions with Human Resources.
SANS Securing The Human Online Education
This program offers a series of modules comprised of short videos followed by quizzes. Some modules also link to additional WMU-specific content. An employee who has enrolled in this training program will login at https://wmich.securingthehuman.org using their Bronco NetID and password to complete the training which may be started and stopped as often as necessary.
Account requests and responsibilities
Only Unit IT support staff, or other persons responsible for other unit or departmental staff may request unit training. Please read the instructions below before requesting accounts:
- Requester will be deemed the administrator of the requested training accounts.
- Submitting a request will result in a listing of names* for the unit(s) you have requested. This list must be reviewed by the requester and names added or removed as necessary. This list is then returned to the Office of Information Technology for processing.
* If the unit you are requesting training for is a subset of a larger department, you may be asked to provide a list of the names for those you are requesting training.
- When the edited list is returned, OIT will create the requester's admin account, create accounts for all names on the list, and assign the required 22 modules.
- The system will generate email notifications that training has been requested and assigned to the individual's accounts. These emails will appear to be from the requester (admin).
- The requester/admin will be the go-to person for the individuals who have been assigned training. Please do not refer them to OIT.
- The requester/admin will be responsible for ensuring that their account holders complete the training and running reports for their records.
- It is requested that training be completed within 60 days.
- Reporting features are available for requester/admins to keep up with their account holders' progress (see below).
- Please read the information above before you Request accounts (you will be taken to the ITDirect service management system and you will be asked to log in using your Bronco NetID and password.
You may keep up with the status of your members' training by running reports. The Summary Report gives a summary of who was assigned, who has not started, who is in progress and who has completed. It also allows one opportunity to send a system-generated reminder notice to those who have not started and those who are in progress. Since we request this training be completed within 60 days, we suggest a reminder be sent at 30 days.
- In the Reports section, select Summary Reports.
- Click Run Report.
- Click the numbers shown for further detail.
The Breakaway report gives a listing of all accounts and shows assigned date, started date and completed date (if completed). This is a good report to run at the end of the program year prior to accounts being purge (wiped out) to begin the next year. You will receive an email from OIT prior to the purge date so you will know when you must run this report. OIT does not keep a record of your accounts so it is your responsibility to know who within your unit did or did not complete the training program, in case you want training re-assigned to those who did not complete it in the following year.
- In the Reports section, select Breakaway Reports
- Click Run Report
- Export report to save it for your records
- You are the Shield
- Social Engineering
- Email and Messaging
- Social Networks
- Mobile Device Security
- Data Security and Data Destruction
- Working Remotely
- Protecting Your Personal Computer
- PCI Dss
- Gramm-Leach-Bliley Act (GLBA)
- Red Flag Rules
- Data Retention
- Federal Personally Identifiable Information
- International Travel
- General Data Protection Regulation (EU GDPR)