All employees are required to undertake annual security awareness training, consisting of a video presentation with a short quiz at the end to test your understanding. Emails with links to the training video are sent from training@csalearn.co.uk.

On a monthly basis, phishing emails are sent to test your security awareness. These emails will try to get you to click on a link. If you do click on the link, you will be asked to go through a short re-training course.

If you believe that you have received a phishing email and you are not sure whether or not it is a test email, feel free to contact a member of IT Support for verification.

Please do not share any details of the test phishing emails with your colleagues. It is important that everyone is tested equally and that is not possible if people have prior knowledge of the emails being sent our.

If you join Linaro part-way through a year, you may not get enrolled onto the system straight way.

Device Security

As noted in the https://linaro.atlassian.net/wiki/spaces/IKB/pages/29103030306, if it is possible to purchase biometric support as part of your device, this should be included and enabled.

Furthermore, your account on the device must require a password, even if biometric support is enabled. This password must be required when performing any admin tasks.

If anti-virus / anti-malware software is available for the operating system installed on your device, it must be enabled and kept up-to-date. If you are running Linux and would like assistance, IT Services are able to provide Microsoft Defender for Endpoint on Linux.

Your operating system must be patched in accordance with updates offered by the provider of your operating system.

The screen on your device must be locked when you are away from your device. You are permitted to do this automatically (e.g. through a period of inactivity, or if you walk away with a Bluetooth-connected device) but that must be reliable. If in any doubt, lock the screen manually when leaving the device unattended.