What is the it factor

Not that there is a lack of warnings: Almost every company that deals with security on the Internet has already drawn attention to the fact that IT users should be particularly careful in times of the Corona crisis. The employees of many companies work decentrally in their home office, sometimes with their own computers. It is important to secure the technology as well as possible, this includes, for example, that all security updates are installed on the devices used. But another factor is at least as important: people.

The cynics among system administrators have long spoken of the fact that the greatest risk to IT security is 50 centimeters in front of the screen. Yet, in a surprising number of companies, little or nothing is being done to raise awareness of what could happen and what to pay special attention to. The Bochum IT security company G Data has also recognized this gap. Actually, it also comes from the technical protection, for example supplies antivirus software. But for some time now, it has also been offering online courses that are designed to increase employee safety awareness.

News about the coronavirus - twice a day by email or push message

All reports on the current situation in Germany and worldwide as well as the most important news of the day - twice a day with SZ Espresso. Our Newsletter brings you up to date in the morning and in the evening. Free registration: sz.de/espresso. In our News app (download here) you can also subscribe to the espresso or breaking news as a push message.

The business psychologist Nikolas Schran is responsible for this at G Data. "We are being forced to digitize," says Schran, referring to the often hasty introduction of working from home due to the corona pandemic. "It would have been better if we had prepared better for it." Prepare better, but that applies not only to the technology, but also to how people use it.

Some attacks could not be fended off with purely technical means alone. "I cannot absolve myself of them either," he admits. In fact, it is no longer as easy as it was before for malicious hackers to use loopholes in the Windows operating system for attacks. Therefore, the criminals are trying more and more to get the users to overcome the security barriers built into Windows. For example, they use emails that promise bargains or that pretend that their own Amazon account has been blocked. But often that is not even necessary. For example, if users do not lock their computer when they leave their workplace. A visitor to the open-plan office can quickly notice a competitor's offer.

There is also a training module for working in the home office

Scenes like this are covered in the online courses. You always start by gathering the basic knowledge of the participants. And, as Schran emphasizes, at the respective workplace. Because when learning, it always depends on the context, what is important for work, that's why it is best to learn there. In the beginning, nobody at G-Data knew how to set up courses like this; The company therefore brought in the necessary expert knowledge to ensure that the courses are not only factually correct, but also have a meaningful didactic structure. No employer has to fear that employees will be absent for days because of the training. The courses are divided into small blocks, each of which you have to complete in a quarter of an hour. To a certain extent, the participants can decide for themselves when they complete which block. The training runs on an online platform that users only have to log in to. The superiors can use a special access to see how the learning progress of their employees is.

In response to the corona crisis, there were many inquiries from companies as to whether a special training course should address the peculiarities of the current situation. That is why there is now a module that focuses on the security issues that arise in the home office or on the go. You shouldn't expect in-depth pro tips here. It's more about making the basic issues clear to everyone.

Leave the laptop in the car? Not a good idea. What to do if the good piece is lost? Notify the company IT immediately. The can usually delete the company data remotely. And please don't just read emails over the wifi on the train - always set up a VPN first, i.e. a secure connection to the company's mail servers. Three questions like this, each with three possible answers, in front of which a short video explaining the problems - a learning task is completed quickly, the progress is automatically saved. The companies don't have to install anything, everything runs in the G Data cloud. This also has the advantage that updates can be incorporated quickly and are immediately available to all participants.

In between, the employees' knowledge is checked

A total of 36 courses are available, including those for system administrators. Usually the courses are spread over two years. The users receive an e-mail when a new course is ready for them and can then complete it within a certain period of time. Those who fail to do so will be reminded again. The basic knowledge, which is queried at the beginning of the course program, should be queried twice while the training is running, advises Nikolas Schran: "This is how you get numbers about how the knowledge has improved."

With its offering, G Data addresses a broad target group that goes beyond those that the company reaches with its products such as antivirus software. From the dental practice to medium-sized companies to corporations, everything is included. Some companies also offer the training under their own name, such as a Swiss consulting company. An annual fee per participant is billed, with more participants it becomes cheaper. You have to reckon with around three to four euros per month and employee.