Security Posture Best Practices

Security Awareness Trainings

  • Updated

Regular security and privacy awareness training helps employees stay informed about their company's security practices. A thorough security training program requires employees to complete training at least annually to provide your organization with updated best practices and information. Vanta helps you manage a dynamic security program with yearly recurring training options. Since employees may have different security requirements, Vanta enables you to assign security and privacy training based on the topics required for various employee groups. To assign the training to relevant employees, you can create a group or leverage an existing one and assign the training to that group. 

Enabling Vanta Security Training

  • Security awareness training can be assigned to task lists assigned to groups.
  • Select the group whose tasklist you would like to include security training. 

Screenshot 2024-11-19 at 10.39.04 AM.png

  • From the Training section, select Add

Screenshot 2024-11-19 at 10.40.56 AM.png

 

  • Enable the security training you need for your personnel by toggling the switch on.
    • Please note that the trainings you have available are based on the frameworks you have purchased within Vanta. 

Screenshot 2024-11-19 at 10.42.21 AM.png

  • Vanta's training is a pre-established training program for your employees to use
  • Custom training allows you to link to a security training program outside of Vanta.
    • If you have integrated with a Security Training platform established with Vanta, this will be automatically selected, and Vanta's training will be greyed out.
    • If you are using a Security training platform not established with Vanta, you will need to select custom training and copy and paste the URL. Please note that this will only take the employee to the training site. It is recommended that you create a custom task so that the Admin can prompt employees to prove that they completed the training (e.g., uploading a screenshot, etc.).
  • Your employees will need to visit https://app.vanta.com/onboarding to complete their security tasks. Once you are ready, you can enable Vanta's automated reminders to notify them automatically.
  • As an Admin, you can see an employee's progress by opening the People page, selecting the person, and viewing their completed tasks and default requirements.

Screen_Shot_2022-08-31_at_3.05.58_PM.png

  • By default, this is an annually recurring task for employees. The training anniversary date is based on the employee's last security training.
  • Security Awareness training in the second year and any after that will be added to the employee task list.

Custom Tasks for Custom Security Training

  • From the Groups Tasks tab, select the Trainings section 

Screenshot 2024-11-19 at 10.43.54 AM.png

  • Select + Create custom training. 
  • Complete the modal with the required information and select Create. 

Screenshot 2024-11-19 at 10.46.31 AM.png

Re-completing the Training Before the Annual Due-date

  • If you need certain users to redo their Security Awareness Training before the annual due date, they can revisit the training by going to https://app.vanta.com/onboarding
  • After they complete the training and hit submit, a new entry will be created in their profile on the People page, indicating the most recent completion date.
    • However, it is not possible to uncheck the task that has already been marked as completed.