Mimecast Awareness Training: Configuring Administration Preferences

Document created by user.oxriBaJeN4 Employee on Sep 13, 2018Last modified by user.oxriBaJeN4 Employee on Aug 27, 2019
Version 21Show Document
  • View in full screen mode

This guide describes how administrators can configure their Mimecast Awareness Training account settings. End users wanting to configure their settings should read the Changing Your Local Language page.


Accessing Ataata SettingsTo configure your administration preferences:

  1. Click on your Account Icon in the top right corner.
  2. Click on the Settings menu item. Your company settings are displayed.
  3. Click on one of the following menu items in the left navigation panel:
    • Current Account Settings
    • Features
    • Configuration
    • Configure SSO
  4. Complete the Settings as required.
  5. Click on the Save Settings button.


Current Account Settings


Full NameChanges the account name displayed in the "Logged In As" setting of the toolbar.
New PasswordAllows you to change your password. A check is made to ensure the values in both fields are the same. The specified values must be at least eight characters and contain at least one capital letter and one number.
Repeat Password




Pricing TierDisplays your current licensing level.
Enable PhishingMimecast Awareness Training's phishing training functionality is part of your tier plan but is disabled by default. You can enable / disable phishing training emails by clicking on either the Enable Phishing or Disable Phishing button.
Disabling phishing also deletes all data related to the phishing training. A confirmation dialog is displayed requiring you to confirm this is what you intended.




Reply to Source Address

If set, this replaces the default noreply@ataata.com email address used in messages and alerts with another email address. If a recipient replies to a message, it will be sent to the specified address. To set this option:

  1. Enter the required Email Address.

    Enter a display name (e.g User A <usera@domain.com>) to include a custom display name to the email address used.

  2. Optionally select the Use This Email as Source Address option to also change the source address in the message header.
  3. Click on the Save button. This:
    • Verify Source Email AddressDisplays a verification notification (see right).
    • Sends a Verification Message from the Amazon Web Services email address (no-reply-aws@amazon.com) to the specified email address's inbox.
      The link in the verification message expires after 24 hours.
  4. Click on the Link in the Amazon Web Services verification message.
  5. Close the Verification Notification displayed in step 3.
  6. Click on the Save button.
New User PolicyControls whether new users automatically receive notifications of previously scheduled modules.
  • New: New users only receive notifications of newly scheduled modules.
  • All: New users are sent notifications according to the following schedule for all previously scheduled modules:
    • Mime-OS: One every Sunday at 3pm until they've caught up. The time is taken from the local server in the Mimecast region your account is located in.
    • Non-MimeOS: One per week until they've caught up.
Toggle Training Module AcknowledgmentControls whether an acknowledgement is sent to users to confirm they've read and understood your security awareness policy. If selected, clicking the Edit Acknowledgment button allows you to customize the acknowledgement. Up to 300 characters can be specified.
Time Zone SettingsSelect a time window during which emails, alerts and notifications are sent to users.
Enable / Disable External API AccessControls whether external access to Mimecast Awareness Training's API is enabled. If enabled, a secret passphrase must be added and confirmed. The specified values must be at least eight characters and contain at least one capital letter and one number.
Company Logo ConfigurationAllows you to specify your company logo and control how it is applied.

This option is currently only available to legacy Mimecast Awareness Training customers. If you're in doubt whether this applies to you, contact our support team. Customers on the Mime OS platform should follow our Service Updates space for news of when this functionality is available to them.

Field / OptionDescription
Logo Applies to EmailsThe image is added to all Mimecast Awareness Training notifications sent to users.At least one of these options must be selected if using a logo.
Logo Applies to BrandingThe image is added to the top left corner of the administration dashboard and end user libraries.
Upload File From SystemIf selected, click and drag an image into the "Drag and Drop" panel.The recommended image size is 100 px x 50 px.  Supported image file formats are .GIF, .PNG, .JPG, or .BMP file.
Upload Public URLIf selected, you can specify the URL of the image to use.
Outlook Add In Configuration
  1. Click on the Configure button to configure Mimecast Awareness Training's Microsoft Outlook add-in.
    Header 1Header 2
    Forward Non-Simulated Phishing Emails ToSpecify an email address that users can report any non-simulated phishing emails to. You can use multiple email addresses for this action. See the Outlook Add In Considerations section below.
    Send Us a CopyIf selected, Mimecast also receives a copy of any reported non-simulated phishing emails.
    Non-Simulated Emails Action

    Specify an action to take once a user reports a phishing message that isn't a simulated phishing message:

    • No Action: The email remains in the user's inbox.
    • Delete Email: The email is deleted from user's inbox and moved to their trash folder.
    • Move to Junk: The email is deleted from the user's inbox and moved to their junk folder.
    Forwarded Email PrefixSpecify a prefix that is appended to the subject of any forwarded message (e.g. [Phishing Alert]).
    User Message to Show for Non-Phishing TestSpecify a message that a user receives when they report a phishing attempt that isn't a simulated phishing message.
    User Message to Show for Phishing TestSpecify a message that a user receives when they report a phishing attempt that is a simulated phishing message.
    Button TextSpecify a name for the icon used to report a phishing attempt.
  2. Click on the Save button.
  3. Click on the Download Add in button to download an .XML file that can be imported into Exchange/365 for a global deployment, or directly into OWA for per user deployments.
Support Email AddressIf required, specify a company's email address that all user feedback or support requests are forwarded to. Mimecast automatically receives all feedback or support requests and will respond appropriately.
Upon Employee Deletion

Specify what happens when a request is made to delete a user:

  • Delete From System: The user is removed from the system and all data and statistics are permanently deleted. 
  • Mark as Inactive: The user remains on the system as inactive with all its data and statistics, but won't be included in any future training exercises.
Suspend Email Options

Specify your company's communication preferences by selecting which emails are sent to your users:

  • All emails: No emails are sent to users.
  • Emails related to queue: No emails are sent to users about modules they've been sent to watch.
  • Emails related to training campaignNo emails are sent to users about phishing campaigns.
Select Default Population Group

This option is only available to users on the Mime OS platform. If you're unsure if this applies to your account, contact our support team.

Specify a group of users who'll receive scheduled modules. The users in the group receive module notifications according to the specified "New User Policy" option.

  1. Click in the Awareness Training Groups field.
  2. Either click on the:
    • Local Groups tab to select a group created in the Mimecast Administration Console. See the Managing Groups page for more information.
    • Active Directory Groups tab to select a group of users defined in your Active Directory.
  3. Select the required Group.

    Enter part of a group's name in the Search field and press the Enter key to find the required group.


Phishing Email AddressesOutlook Add In Considerations


The Outlook add-in checks the email source address against the preconfigured Mimecast Awareness Training list (see right) to determine if it is either a simulated phishing email from Mimecast.

  • If the add in detects a known source address, it marks the email as simulated.
  • If no source address matches, the add-in marks the email as non-simulated.


The email is forwarded to Mimecast when the user selects the phishing alert icon. It is not sent to Mimecast for validation first. The Add-In is configured to look for different Mimecast Awareness Training source email address lists (see right) as part of creating a phishing campaign. It doesn't look at email headers to determine if an email is a simulated or non-simulated phishing email.


Once the add-in configuration is completed, Click on the Download Add In button to download the settings to an .XML file called "phishing.manifest.xml". You can work with your IT department to deploy the add-in to your employees' machines.


Configuring SSO


Configuring Single Sign-On (SSO) allows users to logon using the same credentials as their corporate Identifiy Provider (IdP). Using SSO requires you to supply your IdP metadata and configure Mimecast Awareness Training's metadata in your IdP configuration.


To configure Single Sign-On:

  1. Click on the Proceed button.
  2. Select one of the following Authentication Request Binding methods:
    • HTTP-Redirect
    • HTTP-Post
  3. Select one of the following Add Authentication Metadata options:
    • Identity Provider Metadata URL specifying the URL of your identity provider's metadata.
    • Identity Provider Metadata specifying your identity provider's metadata.
  4. Click on the Submit button. If the metadata could be retrieved, the dialog shown is displayed.
    Click on the ? icon in the top right corner to display a list of helpful resources, including a link for configuring ADFS for Mimecast Awareness Training.
  5. Click on the Download Ataata Metadata button to download the Mimecast Awareness Training metadata XML file. You'll need to specify this on your side to complete the SSO configuration.


Updating Your SSO Certificate


Should you need to update your SSO certificate:

  1. Display your SSO Configuration (see above).
  2. Change the configuration as required.
  3. Click on the Update SSO Configuration button.


See Also...