secure360 conference
I’ve finished the mid-May 2-day secure360 conference here in St. Paul. It was generally quite good even though it was very corporate-focused. Security is security no matter what you’re protecting. But first off I got my lanyard! That’s a Marvel’s Agents of S.H.I.E.L.D. reference for those not familiar.
The best session was the first one I attended – Users: your first line of defense (click for Slideshare) which had many immediately useful tips. Taking cues from social psychology, Ari Elias-Bachrach focused on methods for influencing people for making effective training. Some tips include
- Use positive advice: rather than tell someone “don’t run in the house” instead say “we walk in the house.” Frame things not as “don’t do” but instead “how to do” the right thing. And be sure to tell people what they should be doing. So instead of “don’t use weak passwords” frame it as “you should use strong passwords and here’s how to do that.”
- Use real images in your presentations, not the usual clip art. Take this
Users are never going to encounter a man in a ski mask on a laptop. Instead use a picture of a real phishing email. - Use language appropriate to the audience and not technical security terms. He mentioned using the general term virus rather than the technically accurate term of malware. This spawned a good discussion. The idea being, use a term that is commonly known. Malware was agreed to be almost common but virus was more strongly common. I am torn between being accurate vs. understandable in this case.
- Try making trainings about home or personal computing but all the concepts apply to the office. For example, hold an optional brownbag about how to protect your kids on the internet or how to protect your computer at home from hacking. People will come to those and then all the concepts apply equally at work.
Now, on to the social psychology tips. Some of those included (more…)
Educause 2013 round up
Well another Educause annual conference has come and gone. It’s been a few years since I attended the annual conference so it was a joy to return. There were more sessions that I wanted to attend than I could attend. Several time slots had multiple presentations that I wanted to see. With more and more sessions recorded I can catch some of those later. My priorities this year were student success (retention/advising), analytics and vendors. We are implementing Hobsons Retain/AgileAdvisor/AgileGrad suite which includes a CRM (retain), case management advising (AgileAdvisor) and a degree planner (AgileGrad). I was also recently on the team architecting a reboot of our institutional research operation that will be the Office of Planning and Effectiveness so analytics are of particular interest.
Sir Ken Robinson
The conference kicked off with an entertaining and engaging talk by Sir Ken Robinson. This article captures much of the talk. The very telling video (below) shows one of his points, how you stifle innovation by asking the wrong questions.
[youtube=https://www.youtube.com/watch?v=9TskeE43Q1M]