Security training when onboarding people
dz0ny opened this issue · 5 comments
Interesting read:
https://slack.com/security
https://a.slack-edge.com/4c1ae/img/security_ent/Security_White_Paper.pdf
Slack’s personnel practices apply to all members of the Slack workforce (“workers”)—regular
employees and independent contractors—who have direct access to Slack’s internal information
systems (“systems”) and / or unescorted access to Slack’s ofce
space. All workers are required to
understand and follow internal policies and standards.
Before gaining initial access to systems, all workers must agree to condentiality
terms, pass a
background screening, and attend security training. This training covers privacy and security
topics, including device security, acceptable use, preventing malware, physical security, data
privacy, account management, and incident reporting.
Any idea where we can get the training done? I'm totally +1 for having obligatory background screening and security training as the first step of onboarding, we "just" need to find out how to do outsource it well.
Heh, outsource :) I've been/will be asking around.
reciprocitylabs: half hour talk with HR and internal docs, depending on position additional training (basic 2fa, secure notes, travel safety, how to communicate security issues to team or HR)
I've noticed that we no longer have anything related to security in onboarding ticket... or is this sent as part of initial mail?
This is not sent https://intra.niteoweb.com/operations/security-policy ?
Security Policy needs a review and then has to be added to the onboarding checklist.
Reviewed and posted to handbook: https://github.com/niteoweb/handbook/blob/master/security.md
Please update as necessary.