This guide describes how administrators can configure their Mimecast Awareness Training account settings. End users wanting to configure their settings should read the Changing Your Local Language page.
- Click on your Account Icon in the top right corner.
- Click on the Settings menu item. Your company settings are displayed.
- Click on one of the following menu items in the left navigation panel:
- Current Account Settings
- Configure SSO
- Complete the Settings as required.
- Click on the Save Settings button.
Current Account Settings
|Full Name||Changes the account name displayed in the "Logged In As" setting of the toolbar.|
|New Password||Allows you to change your password. A check is made to ensure the values in both fields are the same. The specified values must be at least eight characters and contain at least one capital letter and one number.|
|Pricing Tier||Displays your current licensing level.|
|Enable Phishing||Mimecast Awareness Training's phishing training functionality is part of your tier plan but is disabled by default. You can enable / disable phishing training emails by clicking on either the Enable Phishing or Disable Phishing button. |
Disabling phishing also deletes all data related to the phishing training. A confirmation dialog is displayed requiring you to confirm this is what you intended.
|Reply to Source Address|
If set, this replaces the default firstname.lastname@example.org email address used in messages and alerts with another email address. If a recipient replies to a message, it will be sent to the specified address. To set this option:
|New User Policy||Controls whether new users automatically receive notifications of previously scheduled modules. |
|Toggle Training Module Acknowledgment||Controls whether an acknowledgement is sent to users to confirm they've read and understood your security awareness policy. If selected, clicking the Edit Acknowledgment button allows you to customize the acknowledgement. Up to 300 characters can be specified.|
|Time Zone Settings||Select a time window during which emails, alerts and notifications are sent to users.|
|Enable / Disable External API Access||Controls whether external access to Mimecast Awareness Training's API is enabled. If enabled, a secret passphrase must be added and confirmed. The specified values must be at least eight characters and contain at least one capital letter and one number.|
|Company Logo Configuration||Allows you to specify your company logo and control how it is applied. |
This option is currently only available to legacy Mimecast Awareness Training customers. If you're in doubt whether this applies to you, contact our support team. Customers on the Mime OS platform should follow our Service Updates space for news of when this functionality is available to them.
|Outlook Add In Configuration|
|Support Email Address||If required, specify a company's email address that all user feedback or support requests are forwarded to. Mimecast automatically receives all feedback or support requests and will respond appropriately.|
|Upon Employee Deletion|
Specify what happens when a request is made to delete a user:
|Suspend Email Options|
Specify your company's communication preferences by selecting which emails are sent to your users:
|Select Default Population Group |
This option is only available to users on the Mime OS platform. If you're unsure if this applies to your account, contact our support team.
Specify a group of users who'll receive scheduled modules. The users in the group receive module notifications according to the specified "New User Policy" option.
The Outlook add-in checks the email source address against the preconfigured Mimecast Awareness Training list (see right) to determine if it is either a simulated phishing email from Mimecast.
- If the add in detects a known source address, it marks the email as simulated.
- If no source address matches, the add-in marks the email as non-simulated.
The email is forwarded to Mimecast when the user selects the phishing alert icon. It is not sent to Mimecast for validation first. The Add-In is configured to look for different Mimecast Awareness Training source email address lists (see right) as part of creating a phishing campaign. It doesn't look at email headers to determine if an email is a simulated or non-simulated phishing email.
Once the add-in configuration is completed, Click on the Download Add In button to download the settings to an .XML file called "phishing.manifest.xml". You can work with your IT department to deploy the add-in to your employees' machines.
Configuring Single Sign-On (SSO) allows users to logon using the same credentials as their corporate Identifiy Provider (IdP). Using SSO requires you to supply your IdP metadata and configure Mimecast Awareness Training's metadata in your IdP configuration.
To configure Single Sign-On:
- Click on the Proceed button.
- Select one of the following Authentication Request Binding methods:
- Select one of the following Add Authentication Metadata options:
- Identity Provider Metadata URL specifying the URL of your identity provider's metadata.
- Identity Provider Metadata specifying your identity provider's metadata.
- Click on the Submit button. If the metadata could be retrieved, the dialog shown is displayed. Click on the ? icon in the top right corner to display a list of helpful resources, including a link for configuring ADFS for Mimecast Awareness Training.
- Click on the Download Ataata Metadata button to download the Mimecast Awareness Training metadata XML file. You'll need to specify this on your side to complete the SSO configuration.
Updating Your SSO Certificate
Should you need to update your SSO certificate:
- Display your SSO Configuration (see above).
- Change the configuration as required.
- Click on the Update SSO Configuration button.