How to choose a Security Awareness Platform
watch video here
As you already know, the weakest link in your security is your users. Security Awareness Training is key for your organisation to stay safe in the digital world. The issue of Email Phishing has been on the rise. For effective Security Awareness Training, you will want to utilise an online Platform that can help. There is a number of different options in terms of Security Awareness Training. How to choose the right one for you?
We speak to many customers regarding Security Awareness Training and the platform in our line of work. Here we listed the most commonly sought after inquiries combined with our expertise. So, how do you choose a Security Awareness Platform?
There are essentially 5 different aspects you need to consider when it comes to choosing a Security Awareness Platform. They are
- Admin overhead
Content is the king. If you would like your Security Awareness Platform to work for you then the content is king here. You will need fresh and engaging content to make the training more effective. You will need different types of content to make it appealing for all demographics in your organisation. For example, the younger generation tends to engage more with short videos, puzzles, games, etc… Is your Security Awareness Training Platform offering that? Are they consistently updating the content library with new and fresh content? Who is producing the content? Are interactive videos too long to watch? These are some of the questions that can help nail down the content aspect of the Security Awareness Training Platform.
2: Admin Overhead
Ok, the content aspect of the platform has impressed and you want to look at the next aspect. What’s the admin overhead to manage, administer and maintain the platform? Do you need to export the usernames and details manually? What happens when the user leaves? How easy it is to set up the campaigns? How is it is to run the reports? Can it be managed by one person? How easy it is to run reports?
The system we provide integrates with your Active Directory and syncs [one-way sync] the users & groups to the console. Do you have a new user? No problem. It’s automatically synced and the new user gets the training campaign automatically. It pretty much runs on autopilot [yeah, just like Tesla] once the initial logistics are over. Are you impressed now?
This aspect of the Security Awareness Platform slightly overlaps with the Admin Overhead. Obviously, more functionality and less admin overhead. Most of our customers that look for Security Awareness Platform usually ask for Email Phishing Simulator. Can you run Email Phishing campaigns from your Security Awareness Training Platform? Can the platform automatically deliver campaigns to those that failed the phishing test? If the user passes the training course can it automatically move them to a separate group? Can the users report Phishing Emails from a click of a button? Can you randomise the phishing templates while you are sending phishing campaigns? Does the platform offer Vishing [voicemail Phishing] and USB tests? How granular are the reports? Dynamic user groups? Are the line managers getting alerts for the users that are not taking their training? Can you upload your own training policies? Can you customise the platform? Can you award the pass certificates? Can you publish the leader board? So many different aspects to consider.
Try to answer the above questions. More Yes's you get better fit the platform for you.
Reporting is essential if you would like to see how effective the training has been. It is good if you have an HR department, Learning/Training department or if you need to show the effectiveness of the training. You want to see how a user keeps failing the training course. Maybe they are skipping through the content and keep clicking next. Can you see that in the Training Platform? Can you see how many users enrolled in the training course? Can you how many passed at any given time? How many acknowledged the companies policies? Can you compare different departments, groups, locations, line managers, etc…?
Finally, the costs of a Security Awareness Training Platform. The most important part of all according to some. On some occasions, this is the first question we get asked by the IT professionals. They will only want to see the demo if they are happy with the costs. How much does the Security Awareness Platform cost? How does the cost model work? Is it per user? Or per server? What does it cost to customise the platform? Is there a limit on the number of Phishing and Training campaigns you can run? Can you replace the leaver’s licences? Is the monthly subscription or yearly? Are there any discounts on multi-year purchases? Is it a managed service or the license only?
I hope the above 5 points help you choose the correct Security Awareness Training Platform for your organisation. Here are the Gartner Peer Reviews of a few Platforms of such kind. We are the experts in this area and we have been helping a number of different companies. If you would like any advice or have any questions please get in touch on 01224 516181 or hit the chat button to speak to one of our experts.
Cyber Essentials Plus accreditation/certification explained
The article dives deep into what Cyber Essentials Plus accreditation/certification is, the requirements for the certification, cost and the process to achieve it.More
IASMECyber Essentials questionnaire
Read or Download the IASME Cyber Essentials Questionnaire pdf copy here. The questionnaire has different sections laid out for all the controls as well as providing the preparation advice.More
What is the process for Cyber Essentials Plus Certification?
Cyber Essentials Plus accreditation involves the auditing of your IT systems. Read the article to know what exactly is involved in the process.More
What exactly is involved in Cyber Essentials Plus audit?
Cyber Essentials Plus accreditation involves the auditing of your IT systems. Read the article to know what exactly is involved in he audit process.More
FOR LATEST UPDATES SUBSCRIBE HERE: