This guide describes how administrators can configure their Mimecast Awareness Training account settings. End users wanting to configure their settings should read the Changing Your Local Language page.
- Click on your Account Icon in the top right hand corner.
- Click on the Settings menu item. Your company settings are displayed.
- Click on one of the following menu items in the left hand navigation panel:
- Current Account Settings
- Configure SSO
- Complete the Settings as required.
- Click on the Save Settings button.
Current Account Settings
|Full Name||Changes the account name displayed in the "Logged In As" setting of the toolbar.|
|New Password||Allows you to change your password. A check is made to ensure the values in both fields are the same. The specified values must be at least eight characters, and contain at least one capital letter and one number.|
|Pricing Tier||Displays your current licencing level.|
|Enable Phishing||Mimecast Awareness Training's phishing training functionality is part of your tier plan, but is disabled by default. You can enable / disable phishing training emails by clicking on either the Enable Phishing or Disable Phishing button.|
Disabling phishing also deletes all data related to the phishing training. A confirmation dialog is displayed requiring you to confirm this is what you intended.
|Reply to Source Address||If set, this replaces the default firstname.lastname@example.org email address used in messages and alerts with another email address. If a recipient replies to a message, it will be sent to the specified address. This option doesn't change the source address in the message header, unless the Use This Email as Source Address option is selected, but this must be set by our Support Team.|
|New User Policy||Controls whether new users automatically receive notifications of past videos.|
|Toggle Training Module Acknowledgement||Controls whether an acknowledgement is sent to users to confirm they've read and understood your security awareness policy. If selected, clicking the Edit Acknowledgement button allows you to customize the acknowledgement. Up to 300 characters can be specified.|
|Time Zone Settings||Select a time window during which emails, alerts and notifications are sent to users.|
|Enable / Disable External API Access||Controls whether external access to Ataata's API is enabled. If enabled, a secret passphrase must be added and confirmed. The specified values must be at least eight characters, and contain at least one capital letter and one number.|
|Company Logo Configuration||Allows you to specify your company logo and control how it is applied.|
|Outlook Add In Configuration||Click on the Configure button to configure Mimecast Awareness Training's Microsoft Outlook add-in.|
|Support Email Address||If required, specify a company's email address that all user feedback or support requests are forwarded to. Mimecast automatically receives all feedback or support requests, and will respond appropriately.|
|Upon Employee Deletion|
Specify what happens when a request is made to delete a user:
The Outlook add-in checks the email source address against the preconfigured Mimecast Awareness Training list (shown right) to determine if it is either a simulated phishing email from Mimecast.
- If the add in detects a known source address, it marks the email as simulated.
- If no source address matches, the add-in marks the email as non-simulated.
The email is forwarded to Mimecast when the user selects the phishing alert icon. It is not sent to Mimecast for validation first. The Add-In is configured to look for different Mimecast Awareness Training source email address lists (see right) as part of creating a phishing campaign. It doesn't look at email headers to determine if an email is a simulated or non-simulated phishing email.
Once the add-in configuration is completed, Click on the Download Add In button to download the settings to an .XML file called "phishing.manifest.xml". You can work with your IT department to deploy the add-in to your employees' machines.
Configuring Single Sign-On (SSO) allows users to logon using the same credentials as their corporate Identifiy Provider (IdP). Using SSO requires you to supply your IdP metadata and configure Ataata's metadata in your IdP configuration.
To configure Single Sign-On:
- Click on the Proceed button.
- Select one of the following Authentication Request Binding methods:
- Select one of the following Add Authentication Metadata options:
- Identity Provider Metadata URL specifying the URL of your identity provider's metadata.
- Identity Provider Metadata specifying your identity provider's metadata.
- Click on the Submit button. If the metadata could be retrieved, the dialog shown is displayed.
Click on the ? icon in the top right hand corner to display a list of helpful resources, including a link for configuring ADFS for Mimecast Awareness Training.
- Click on the Download Ataata Metadata button to download the Ataata metadata XML file. You'll need to specify this on your side to complete the SSO configuration.
Updating Your SSO Certificate
Should you need to update your SSO certificate:
- Display your SSO Configuration (see above).
- Change the configuration as required.
- Click on the Update SSO Configuration button.