Recently, DIGIT assigned a cyber-security
training to all Commission staff – as this includes your friendly Generation 2004 team, we take the liberty to give a bit of feedback on this training. This seems necessary because the training contains some outright contradictory advice, forcing colleagues to choose either one or the other. The training is marked as confidential, so we cannot give you quotes here – which is a pity, because the advice is rather general in nature and applies in every company in one way or another.
- The training asks you to install certain applications on your mobile device, so that you have an alternative in case that the Commission network is unavailable.
May we point out that the provision of working material is one of the core duties of an employer? If the Commission wants staff to have certain applications on mobile devices, it should equip staff with mobile devices. This is not rocket science, the German railroad company “Deutsche Bahn” has equipped all its employees with either a tablet or a smartphone: more than 200.000 employees, and the last batch of 60.000 employees was equipped with it in less than a year – including apprentices! - The training then suggests that you should not store corporate data on your personal device. May we ask how this goes together with advice #1 above? Or is #1 meant to say that colleagues should only install said applications, but never use them on their mobile devices?
- There is a question about discussing sensitive topics on the phone. It would be useful if the content of the training allowed you to answer this question – it is not mentioned at all before the exam questions. Besides, “Skype” and “Skype for Business” are separate products, with different security implications. Referring to one in the question and to the other in the answer is misleading.
- Finally, we like and support the presentation of KeePass. This is the sort of advice that such trainings should have: short, to the point and, above all, actionable
As always, we welcome your feedback.
