Security Awareness Training

The Security Awareness Training feature in Harmony Email & Collaboration helps organizations create awareness among employees on essential security skills. It includes awareness of phishing simulation emails reflecting recent attacks and interactive training modules.

Activating Security Awareness Training

To activate Security Awareness Training, contact Check Point Support.

Notes:

This feature is available only to customers in the Early Availability program.
The Security Awareness Training is supported only for Exchange Online (Microsoft 365 cloud) mailboxes.

Configuring Security Awareness Training Policy

To configure a security awareness training policy:

Access the Harmony Email & Collaboration Administrator Portal.
From the left navigation panel, click Security Training > Policy.
Click Create New Policy Rule.
(Optional) In the Rule name field, enter a name.
In the Rule state dropdown, select Running.
In the Users and groups section, select the users and/or group of users for whom the policy is applicable:
1. To apply the policy to all users and groups in your organization, select All Office 365 users.
2. To apply the policy to specific users or groups, select the users/groups and click Add to Selected.
Select a Phishing Simulation Strategy:
- Prioritize the past attack types of the user - Sends phishing simulation emails that reflect recent attack types faced by the users in your organization.
- None, do not perform simulations - No simulation emails are sent to the users.
(Optional) To view the phishing email templates used to send simulation emails to users, click Phishing Simulations.

The system shows all the available simulation templates.

Select the Training Modules.

Notes:

To view the contents of the training module, click the icon (preview) next to the training module name.
The deadline for completing each training is 14 days.

To configure settings for the training and reminders for the email notifications, click Advanced settings and do these:

In the Training reminder interval field, enter the number of days after which the system sends a reminder. For example, if you enter 2, the system sends reminder after every 2 days.
In the Simulation max frequency (days) field, enter the number of days after which the system sends a simulation email.
In the Training max frequency (days) field, enter the number of days after which the system initiates a new training session.

To configure email notifications for the training and reminders:

In the Training invitation subject field, enter the subject for the training invitation email.
In the Training invitation body template field, enter the body for the training invitation email.
In the Training remind subject field, enter the subject for the training reminder email.
In the Training remind body template field, enter the body for the training reminder email.

To view the supported placeholders, see Training and Reminder Emails - Supported Placeholders.

Note - The system sends the phishing simulation, training invitations, and reminder emails at 7:00 AM UTC.

Click Save.

Click Save.

Note - Now that the security awareness training policy is configured the end users receive an email with a link to access the training modules. To allow users to access the training modules, the administrator must authenticate by granting the necessary permissions.

Authorizing Training Module Access for the Organization

Harmony Email & Collaboration allows users to access the training modules using the link provided in the email notification.

The administrator must authorize access for the entire organization by granting the necessary permissions.

To authorize the Microsoft login permissions for training modules:

Click on the link provided in the email.
Click Sign in with Microsoft.
Enter the admin credentials and sign in.

The Permissions requested pop-up appears for the Check Point Harmony Email & Collaboration – Training application and requests the necessary permissions. See Required Permissions for Microsoft Login Authorization.
To allow end users to sign in using Microsoft credentials, select the Consent on behalf of your organization checkbox.
Click Accept.

End users can now sign in with their organization's Microsoft credentials using the link provided in the email to access the training modules.

Required Permissions for Microsoft Login Authorization

Permissions required from Microsoft/Google	Functions performed by Harmony Email & Collaboration
Sign you in and read your profile	Allows users to sign in to the app and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
Maintain access to data you have given it access to	Allows the app to view and update the signed-in user data even when you are not currently using the app.

Training and Reminder Emails - Supported Placeholders

While configuring email notifications for training and reminders in Security Awareness Training, the administrators can use these placeholders to replace content dynamically.

Placeholder Name	Placeholder Value
Email recipient name	{recipient_name}
Training module name	{training_name}
Training module description	{training_description}
Date before which the training module must be completed	{training_due_date}
Length of the training mode in minutes or hours	{training_duration}
Number of days remaining to complete the training module	{training_days_left}

Branding the Security Awareness Training Web Page

To customize the training module interface and phishing simulation web pages to reflect your organization’s branding:

Go to Security Training > Policy.
Click Configuration next to Security training policies from the top of the page.
In the Branding of user interaction (landing pages, course screens) section, select one of these:
- To show the web pages and course screens that matches your organization's branding, select Auto-brand pages with AI for my domain (recommended). Harmony Email & Collaboration uses AI and auto-brands the pages based on your organizational domain.
- To use Check Point's branding, select Use Check Point branding.
Click Save.

Monitoring User Interactions with Phishing Simulations

The Security Training Dashboard shows an overview of training completion and phishing simulation performance for organization members using widgets, charts, and tables. It also shows individual training statuses and user details, enabling administrators to analyze the organization's security awareness and readiness against phishing threats.

To view the Dashboard page, click Security Training > Dashboard.

To select a time frame for the Dashboard, select an option from the dropdown next to Dashboard at the top of the page.

Last 24h
Last 7 days
Last 30 days
Last 12 months
Custom

To export the details to a PDF, click Export to PDF.

Overall Training Progress

The Overall Training Progress widget shows the number of trainings assigned and their status in the selected time frame.

Passed
Failed
Not Completed

Phishing Simulation Overview

The Phishing Simulation Overall widget shows the number of phishing simulation emails sent and their status in the selected time frame.

Unread
Read
Deleted
Reported
Phished
- Clicked
- Scanned QR Code
- Replied
- Forwarded
- Opened attachment
- Called unknown number
- Shared data

Training Compliance Level Over Time (Entire Organization)

The Training Compliance Level Over Time (Entire Organization) widget shows the percentage of users in the organization who completed the training in the selected time frame.

Phishing Simulation Emails Sent

The Phishing Simulation Emails Sent widget shows the total number of phishing simulation emails sent and their status in the selected time frame.

Phishing Simulation by Attack Type

The Phishing Simulation by Attack Type widget shows the number of phishing simulation emails sent based on the attack type in the selected time frame.

Interaction Patterns of Phished Users

The Interaction Patterns of Phished Users widget shows the total number of phished emails and their interaction status in the selected time frame.

Phishing Simulation - Failure Rate Over Time

The Phishing Simulation - Failure Rate Over Time widget shows the percentage of emails that have failed the simulation in the selected time frame.

Top Phished Departments

The Top Phished Departments widget shows the top ten departments in the organization with the most phished users in the selected time frame.

Top Phished Users

The Top Phished Users table shows the users that are phished more times in the selected time frame.

Column	Description
Name	Name of the user in the organization.
Title	Job title of the user in the organization.
Department	Department the user belongs to within the organization.
Failures	Number of phishing emails opened.

Monitoring User Training Progress

Training Progress

The Training Progress widget shows the training modules and their status in the selected time frame.

Training Status

The Training Status table shows the status of each training module.

Column	Description
Training	Training module name
Policy	Name of the policy.
Start Date	Date on which the training module is assigned to the users.
Training Status	Training status: Not Started In progress Completed
Users	Users that are assigned the training module.
Passed	Percentage of users that have passed in the training module.
Failed	Percentage of users that have failed in the training module.
Not Completed	Percentage of users that have not started the training module.

Training Log

The Training Log table shows the users and their training status in the selected time frame.

Column	Description
Name	Name of the user in the organization.
Title	Job title of the user in the organization.
Department	Department the user belongs to within the organization.
Days Left	Number of days left to complete the training module.
Training	Name of the training module.
Status	Status of the training module. Invited In progress Passed Failed
Status Details	Detailed information about the status.
Time	Date and Time of the training started.

Phishing Simulations Live Activity Log

The Phishing Simulations Live Activity Log table shows the simulation emails sent to the users and their status.

Column	Description
Name	Name of the user in the organization.
Title	Job title of the user in the organization.
Department	Department the user belongs to within the organization.
Simulation	Type of simulation email sent to the user.
Sent time	Date and time at which the simulation email is sent.
Status	Status of the simulation email. Unread Passed Failed
Status time	Time at which the status is received.

Security Awareness Training - End User Experience

As per the security training policy configured by the administrator, the end-user receives an email with the necessary training details. The email contains the training module name, duration, due date, and a link to access the training module.

To start the training module:

Click the link provided in the email.

The Welcome to Security Awareness Training page appears.
Click Sign in with Microsoft.
Enter your organization's Microsoft credentials and sign in.

The training module page appears.
(Optional) If the training module is available in multiple languages, the Choose your language widget appears to the right of the screen. Select the required language.
(Optional) To view the different sections in the training module, click the icon.

The Menu appears, displaying the different sections in the module.
If required, click Start to begin the training.

The training includes a quiz with multiple questions to help users understand the content. It also covers key use cases and provides strategies to protect against security threats.

Phishing Simulation Email - End User Experience

As per the security training policy configured by the administrator, the end-user receives phishing simulation emails periodically. When a user clicks a link in these emails, a web page displays the risk indicators relevant to the simulation and allows the user to take the Phishing Awareness Training.