BETA: User Awareness Enhancements

Document created by user.gA8uBK66K5 Expert on Jun 28, 2017Last modified by user.gA8uBK66K5 Expert on Sep 8, 2017
Version 2Show Document
  • View in full screen mode

Beta Information and overview

General

User Awareness is a feature of Mimecast Targeted Threat Protection: URL Protect that allows an administrator to 'challenge' end user URL clicks to help providing security awareness training and improve your organisations' security posture.  A percentage 'challenge' figure is applied to a TTP URL Protect policy.  Based on this frequency, users are diverted to the challenge page after clicking a re-written URL, where they are asked to review their decision on the URL click.  Responses are logged and the user is provided feedback to help change behavior by directing a 'think before you click' approach.  For more information on the existing functionality and setup of user awareness, please see: Targeted Threat Protection: Configuring URL Protection User Awareness 

Timeline and feedback

We are focused on providing an exceptional experience for our customers, so are look for candidates willing to participate in this beta, due to start mid September 2017.  Interested candidates are required to email eap@mimecast.com to register interest.  We will be in touch with further information.

 

Known issues and limitations

Currently there are no known issues or limitations

 

Work Flow Update

Once enabled on your account, the user pages will be updated automatically to reflect the new style, so no admin work is required to take advantage of these, but please be aware that based on user research, Mimecast has modified the existing workflow.  There are changes to a correctly classified 'safe' page.  The diagram below highlights this change.

 

1. Correctly classified 'safe'.  Mimecast will display a 'confirmed safe' response to provide feedback to the user on their decision

 

 

Admin guide

To apply user awareness policy, please see: Targeted Threat Protection: Configuring URL Protection User Awareness 

 

Custom page sets

User awareness pages provide a It's possible to edit the text on the displayed user awareness pages and the content of the safety tips.

 

Please follow the below steps to create a custom page set

 

  1. Navigate to Administration -> Services -> URL Protection
  2. Select 'User Awareness Page Sets' to view a list of currently configured sets
  3. Under 'User Awareness' select 'Use a custom template'
  4. Select 'Create New Page Set'
  5. Enter a 'Page Set Name' and use the options to configure the page set as you choose.  Components of the page set are as follows:
    • User Challenge Page: The page first shown to a user when randomly selected for a user awareness check
    • Safe Link Identified Page: The page shown after a user has successfully identified a safe link
    • Safe Link Misidentified Page: The page shown after a user has incorrectly identified a safe link
    • Harmful Link Identified Page: The page shown after a user has correctly identified a bad link
    • Harmful Link Misidentified Warning Page: The page shown to a user who has incorrectly identified a harmful link and who has a policy that allows them to proceed if the link has been classified as Harmful
    • Harmful Link Misidentified Block Page: The page shown to a user who has incorrectly identified a harmful link and who has a policy that stops them from proceeding
    • Safety Tips: You can choose between using the Mimecast safety tips provided by PhishMe, your own custom tips or a combination.
  6. Next, save the Page Set

 

Applying page sets

  1. Navigate to Administration -> Services -> URL Protection
  2. Select 'Definitions'

  3. In the chosen definition under the User Awareness option, you will see the ability to select the newly created Page Set

Attachments

    Outcomes