Required Information Security Awareness Training

Announcement

You have all seen the flood of recent phishing emails (as in fishing for passwords and other sensitive information) and other social engineering attacks aimed at people. These generally try to trick you into typing your password into some sort of false sign-on screen or download malicious software. Automated controls such as SPAM filters and antivirus software provide some protection but ultimately, where people are the target, the University relies on your vigilance.

The basic training needed to equip you to exercise informed judgement in detecting and avoiding these and other attacks is provided by an online Information Security Awareness course in Canvas.  You should go to https://itsecurity.bham.ac.uk and navigate to the course from there.

The module should take about 45 minutes to complete, unless you watch the videos. There is a quiz which can be taken at any stage to assess your knowledge and thereby complete the requirement. The course is provided by UCISA (Universities and Colleges Information Systems Association) and is also used by many other universities.

Compliance

The University has to meet a number of legal and regulatory requirements and some of these involve maintaining records of staff training that may have to be produced on demand.

This is a requirement imposed by outside bodies for some of the regulatory regimes that affect the University such as NHS Information Governance and the General Data Protection Regulation (GDPR). In order for us to be fully compliant, the training must be repeated annually, as evidenced by the assessment.

Navigation

Access the online training from the IT Security intranet pages at https://itsecurity.bham.ac.uk, or access directly as follows:

• if you have access to Core, then go to https://uobcore.bham.ac.uk/ and select Me, My Learning (so that your training will be logged as part of your mandatory and compliance training).
• ONLY if you do NOT have access to Core, because you are a Contingent Worker (eg subcontractors) or Student, should you do the following:
  1. self-enrol on Canvas using https://canvas.bham.ac.uk/enroll/YFHRBT
  2. then you can use the following Canvas link https://canvas.bham.ac.uk/courses/68105/pages/information-security-awareness-training-for-contingent-workers-and-students

Those who wish to go straight to the quiz should scroll down to the blue ‘Begin’ button at the bottom of the first page of the UCISA course.

Clicking on ‘Begin’ will take you to the main page, where you can select any of the subject areas directly, including ‘Assessment’.

Other content shown on the course first page is optional but does give some additional UoB specific information that may be useful.

Browser Issues

A few users have reported difficulties in scrolling due to the way the course is rendered in some browsers, sometimes truncating text at the bottom of the page. It may be necessary to resize the window or zoom out to less than 100%. If you experience similar problems, you might also try closing the Canvas navigation pane on the left side of the screen.

Some have reported not seeing the vertical scroll bar to the right of the page and this may be due to using an out of date browser, although Canvas will normally show a warning if the browser or version is not supported. If you encounter this, you should try with another browser.

In case of technical difficulties in using the course please contact the IT Service Desk at http://www.itservicedesk.bham.ac.uk or phone them on 0121 414 7171.

Last updated on 2023-Apr-04: links under Navigation were updated to reflect the migration of mandatory training for Employes from Canvas to Core from 3 April 2023. This training will be retained on Canvas only for those without access to Core eg Contingent Workers and Students.