Course Title: Information Security:
Keeping Company Data Safe

Course Description: This interactive information security course uses an immersive workplace floorplan and a 360° office environment to help learners identify everyday security risks. Through scenario-based exploration, participants learn to think before plugging in unknown devices, verify identities before granting access, and respond appropriately to unfamiliar individuals. Learners also practice good desk security habits, including disposing of sensitive notes, locking screens, and maintaining a clean workspace to protect information.

Course Objectives: In this course you’ll learn:

• How to safeguard critical data

• How to handle interactions with outsiders securely

• How to adopt daily habits that contribute to a safer work environment

Resources: Learners will be able to download a job aide to post at their office to remind them of the company protocols when it comes to information security.

Business Problem: Data Defend has experienced an increase in security incidents caused by everyday employee behaviors—such as mishandling sensitive data, falling for phishing attempts, and sharing information without proper verification. While security policies exist, employees lack clear, practical guidance on how to apply them during daily tasks. This puts critical company and client data at risk and exposes the organization to compliance, financial, and reputational damage.

Solution: This course provides employees with simple, actionable guidance to help them recognize security risks and respond appropriately. Through short scenarios, job aids, and practical tips, learners build habits that support secure data handling, safe interactions with outsiders, and consistent security practices. The solution focuses on real-world application, enabling employees to make confident, security-focused decisions in their day-to-day work.

ADDIE Model

Analysis: The goal of this course was to address everyday information security risks that employees often overlook in familiar office environments. While most learners are aware of high-level security policies, analysis revealed gaps in situational awareness and behavioral application—particularly around physical security, social engineering, and routine desk habits.

The target audience included employees working in shared office spaces who interact with visitors, devices, and sensitive information daily. Learners needed practical, scenario-based practice rather than policy-heavy instruction. Key constraints included the need for short, engaging training that could be completed independently and applied immediately on the job.

Design: Using the ADDIE framework, the course was designed around experiential learning and real-world decision-making. Clear, behavior-focused objectives guided all design choices:

• Safeguard critical company data

• Respond appropriately to outsiders and unfamiliar situations

• Practice daily habits that reduce security risks

To support these objectives, the course structure centered on an immersive workplace floorplan and a 360° office environment. Learners explore the space and encounter realistic security scenarios such as unknown USB devices, unverified visitors, unattended notes, and unlocked screens.

Scenario-based interactions were intentionally designed to encourage learners to pause, evaluate risk, and choose an action, reinforcing the idea that information security is part of everyday decision-making—not just IT policy.

Development: During development, interactive elements were created to simulate common workplace security situations. Visual cues, hotspots, and guided prompts were used to draw attention to potential risks within the environment.

A downloadable job aide was developed to reinforce learning beyond the course. This resource provides a concise reminder of company information security protocols and supports long-term behavior change by allowing learners to post it directly in their workspace.

Content was written in clear, approachable language to ensure accessibility for learners with varying levels of technical knowledge.

Implementation: The course was designed for self-paced delivery and easy integration into a corporate learning environment. Learners progress through the virtual office, engaging with scenarios at their own pace while receiving immediate feedback on their decisions.

The job aide is introduced at the end of the course as a practical takeaway, reinforcing that security habits continue after training completion.

Evaluation: Effectiveness was evaluated through learner interactions within the scenarios, completion of decision points, and knowledge checks embedded throughout the course. Learner performance data and feedback were used to assess whether objectives were met and to identify areas for future enhancement.

The course’s immersive design allows for iterative updates, making it easy to add new scenarios as security risks evolve.

Storyline 360, Canva, Microsoft, Word, Course by Georg Volmer