Help Desk: (814)865-HELP

Information Security Awareness Training

Information Security Awareness Training

As cyberthreats continue to significantly increase, Penn State remains a highly targeted institution in the Big 10 Conference. Whether you’re at home, on campus, or on the go, you should know how to protect your personal information and to keep your devices secure.

All newly-hired University faculty and staff are required to take the Information Security Awareness training within 30 days of receiving their Penn State access account. To access and receive credit for the training under Penn State’s Learning Resource Network (LRN), go to “My Training” and select “Information Security Awareness.” If the training does not show up in “My Training,” you can search for it training in the LRN search bar in the upper right hand corner of the LRN main page once you’ve logged in. The training will teach you requirements for safeguarding Penn State’s information, best practices for keeping yourself safe online, and how to spot malicious email messages. If you have any questions on the training or how to access it, please contact

Even if you’re not required to take the information security awareness training, learning how to protect yourself from malicious emails, create a strong account password, and practice CyberSMART habits online can benefit you. Check out our training video (at left), and review the Top Tips (below).

Review What You’ve Learned: Five Quick Tips and Tricks

1. Bookmark OIS’s website to learn more about information security, including how to protect your information online.

2.  As a Penn State community member, it’s important to create a unique password for your Penn State Access Account and use a different password for each of your other online accounts. When setting your Penn State Access Account password, provide an external email address that can be used to recover your account. Consider enabling 2FA for an extra level of security. If you’re a faculty member, staff member, or researcher, you are required to enable 2FA.

3. Email security is vital to the Penn State community, especially with the continual threat of attacks. To protect yourself from potential email attacks, be vigilant: look for red flags.

4. Social Engineering involves tricking people into providing confidential information. Social engineering attacks can be technical, non-technical or a combination of both. Current examples include phishing, vishing and piggybacking. New types are being created every day. If you receive a suspicious phone call or email, don’t provide the information–report it to

5. Mobile security continues to increase in importance given the advances in smartphones, tablets and other mobile devices. For ways to protect your mobile device, check out our mobile security page.