Security Awareness Training

The Security Awareness Training feature in Harmony Email & Collaboration helps organizations create awareness among employees on essential security skills. It includes awareness of phishing simulation emails reflecting recent attacks and interactive training modules.

Activating Security Awareness Training

To activate Security Awareness Training, contact Check Point Support.

Notes:

  • This feature is available only to customers in the Early Availability program.

  • The Security Awareness Training is supported only for Exchange Online (Microsoft 365 cloud) mailboxes.

Configuring Security Awareness Training Policy

To configure a security awareness training policy:

  1. Access the Harmony Email & Collaboration Administrator Portal.

  2. From the left navigation panel, click Security Training > Policy.

  3. Click Create New Policy Rule.

  4. (Optional) In the Rule name field, enter a name.

  5. In the Rule state dropdown, select Running.

  6. In the Users and groups section, select the users and/or group of users for whom the policy is applicable:

    1. To apply the policy to all users and groups in your organization, select All Office 365 users.

    2. To apply the policy to specific users or groups, select the users/groups and click Add to Selected.

  7. Select a Phishing Simulation Strategy:

    • Prioritize the past attack types of the user - Sends phishing simulation emails that reflect recent attack types faced by the users in your organization.

    • None, do not perform simulations - No simulation emails are sent to the users.

  8. (Optional) To view the phishing email templates used to send simulation emails to users, click Phishing simulations templates.

    The system shows all the available simulation templates.

  9. In the Frequency section, select the required frequency of the simulation emails.

    • Daily

    • Weekly

    • Biweekly

    • Monthly

    • Quarterly

    • Yearly

    Note - By default, the frequency of the simulation emails is set to Biweekly.

  10. In the Send randomly on section, select the days to randomly send simulation emails to users.

    • Monday

    • Tuesday

    • Wednesday

    • Thursday

    • Friday

    • Saturday

    • Sunday

  11. In the Time Range Start section, select the start time to send emails on the selected days.

  12. In the Time Range End section, select the end time to stop sending emails on the selected days.

    Note - By default, the time range is set to 9:00 AM to 18:00 PM.

  13. In the Select Time Zone section, select the required time zone.

    Note - By default, the time zone is set to (UTC +00:00) UTC.

  14. Select the Training Modules.

    Notes:

    • To view the contents of the training module, click the icon (preview) next to the training module name.

    • The deadline for completing each training is 14 days.

  15. To configure settings for the training and reminders for the email notifications, click Advanced settings and do these:

    1. In the Training reminder interval field, enter the number of days after which the system sends a reminder. For example, if you enter 2, the system sends reminder after every 2 days.

    2. In the Training max frequency (days) field, enter the number of days after which the system initiates a new training session.

    3. To configure email notifications for the training and reminders:

      • In the Training invitation subject field, enter the subject for the training invitation email.

      • In the Training invitation body template field, enter the body for the training invitation email.

      • In the Training remind subject field, enter the subject for the training reminder email.

      • In the Training remind body template field, enter the body for the training reminder email.

      To view the supported placeholders, see Training and Reminder Emails - Supported Placeholders.

    4. Click Save.

  16. Click Save.

    Note - Now that the security awareness training policy is configured the end users receive an email with a link to access the training modules. To allow users to access the training modules, the administrator must authenticate by granting the necessary permissions.

Authorizing Training Module Access for the Organization

Harmony Email & Collaboration allows users to access the training modules using the link provided in the email notification.

The administrator must authorize access for the entire organization by granting the necessary permissions.

To authorize the Microsoft login permissions for training modules:

  1. Click on the link provided in the email.

  2. Click Sign in with Microsoft.

  3. Enter the admin credentials and sign in.

    The Permissions requested pop-up appears for the Check Point Harmony Email & Collaboration – Training application and requests the necessary permissions. See Required Permissions for Microsoft Login Authorization.

  4. To allow end users to sign in using Microsoft credentials, select the Consent on behalf of your organization checkbox.

  5. Click Accept.

    End users can now sign in with their organization's Microsoft credentials using the link provided in the email to access the training modules.

Required Permissions for Microsoft Login Authorization

Permissions required from Microsoft/Google

Functions performed by Harmony Email & Collaboration
Sign you in and read your profile Allows users to sign in to the app and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
Maintain access to data you have given it access to Allows the app to view and update the signed-in user data even when you are not currently using the app.

Training and Reminder Emails - Supported Placeholders

While configuring email notifications for training and reminders in Security Awareness Training, the administrators can use these placeholders to replace content dynamically.

Placeholder Name

Placeholder Value

Email recipient name

{recipient_name}

Training module name

{training_name}

Training module description

{training_description}

Date before which the training module must be completed

{training_due_date}

Length of the training mode in minutes or hours

{training_duration}

Number of days remaining to complete the training module

{training_days_left}

Branding the Security Awareness Training Web Page

To customize the training module interface and phishing simulation web pages to reflect your organization’s branding:

  1. Go to Security Training > Policy.

  2. Click Configuration next to Security training policies from the top of the page.

  3. In the Branding of user interaction (landing pages, course screens) section, select one of these:

    • To show the web pages and course screens that matches your organization's branding, select Auto-brand pages with AI for my domain (recommended). Harmony Email & Collaboration uses AI and auto-brands the pages based on your organizational domain.

    • To use Check Point's branding, select Use Check Point branding.

  4. Click Save.

Monitoring User Interactions with Phishing Simulations

The Security Training Dashboard shows an overview of training completion and phishing simulation performance for organization members using widgets, charts, and tables. It also shows individual training statuses and user details, enabling administrators to analyze the organization's security awareness and readiness against phishing threats.

To view the Dashboard page, click Security Training > Dashboard.

To select a time frame for the Dashboard, select an option from the dropdown next to Dashboard at the top of the page.

  • Last 24h

  • Last 7 days

  • Last 30 days

  • Last 12 months

  • Custom

To export the details to a PDF, click Export to PDF.

Overall Training Progress

The Overall Training Progress widget shows the number of trainings assigned and their status in the selected time frame.

  • Passed

  • Failed

  • Not Completed

To view specific assigned trainings, click the relevant field in the widget, and the system shows the filtered trainings on the Users page.

Phishing Simulation Overview

The Phishing Simulation Overview widget shows the number of phishing simulation emails sent and their status in the selected time frame.

  • Unread

  • Read

  • Deleted

  • Reported

  • Phished

    • Clicked

    • Scanned QR Code

    • Replied

    • Forwarded

    • Opened attachment

    • Called unknown number

    • Shared data

To view specific phishing simulations, click the relevant field in the widget, and the system shows the filtered phishing simulations on the Users page.

Training Compliance Level Over Time (Entire Organization)

The Training Compliance Level Over Time (Entire Organization) widget shows the percentage of users in the organization who have completed the training in the selected time frame.

Phishing Simulation Emails Sent

The Phishing Simulation Emails Sent widget shows the total number of phishing simulation emails sent and their status in the selected time frame.

Phishing Simulation by Attack Type

The Phishing Simulation by Attack Type widget shows the number of phishing simulation emails sent based on the attack type in the selected time frame.

To view specific phishing simulation details based on the attack type, click the relevant field in the widget, and the system shows the filtered phishing simulations by attack type on the Users page.

Interaction Patterns of Phished Users

The Interaction Patterns of Phished Users widget shows the total number of phished emails and their interaction status in the selected time frame.

To view specific phished emails and their interactions, click the relevant field in the widget, and the system shows the filtered interactions of phished users on the Users page.

Phishing Simulation - Failure Rate Over Time

The Phishing Simulation - Failure Rate Over Time widget shows the percentage of emails that have failed the simulation in the selected time frame.

Top Phished Departments

The Top Phished Departments widget shows the top ten departments in the organization with the most phished users in the selected time frame.

To view specific department in the organization with the most phished users, click the relevant field in the widget, and the system shows the filtered departments on the Users page.

Top Phished Users

The Top Phished Users table shows the users that are phished more times in the selected time frame.

Column

Description

Name

Name of the user in the organization.

Title

Job title of the user in the organization.

Department

Department the user belongs to within the organization.

Failures

Number of phishing emails opened.

Monitoring User Training Progress

Training Progress

The Training Progress widget shows the training modules and their status in the selected time frame.

Training Status

The Training Status table shows the status of each training module.

Column

Description

Training

Training module name

Policy

Name of the policy.

Start Date

Date on which the training module is assigned to the users.

Training Status

Training status:

  • Not Started

  • In progress

  • Completed

Users

Users that are assigned the training module.

Passed

Percentage of users that have passed in the training module.

Failed

Percentage of users that have failed in the training module.

Not Completed

Percentage of users that have not started the training module.

Users

The Users table shows the phishing simulation emails sent to the users and their training status in the selected time frame.

Column

Description

Name

Name of the user in the organization.

Title

Job title of the user in the organization.

Department

Department the user belongs to within the organization.

Phishing Simulation

Type of simulation email sent to the user and their status.

Click on the simulation name to view analytics filtered specifically for that simulation. See Monitoring Phishing Simulations.

Awareness Training

Training module name and their status.

Click on the training module name to view analytics filtered specifically for that module. See Monitoring User Awareness Training Progress.

Monitoring Phishing Simulations

To view the details of a specific phishing simulation, click on the required phishing simulation name in the Phishing Simulation column of the Users table.

Harmony Email & Collaboration redirects you to the relevant phishing simulation dashboard.

To select a time frame for the phishing simulation, select an option from the drop-down next to the phishing simulation name at the top of the page.

  • Last 24h

  • Last 7 days

  • Last 30 days

  • Last 12 months

  • Custom

To export the details to a PDF, click Export to PDF.

Phishing Simulation Overview

The Phishing Simulation Overview widget shows the number of phishing simulation emails sent and their status for the selected phishing simulation in the selected time frame.

  • Unread

  • Read

  • Deleted

  • Reported

  • Phished

    • Clicked

    • Scanned QR Code

    • Replied

    • Forwarded

    • Opened attachment

    • Called unknown number

    • Shared data

Top Targeted Departments

The Top Targeted Departments widget shows the top ten targeted departments in the organization with the most phished users for the selected phishing simulation in the selected time frame.

Top Phished Departments

The Top Phished Departments widget shows the top ten departments in the organization with the most phished users for the selected phishing simulation in the selected time frame.

  • Clicked

  • Replied

  • Opened attachment

  • Shared data

Interaction Patterns of Phished Users

The Interaction Patterns of Phished Users widget shows the total number of phished emails and their interaction status for the selected phishing simulation in the selected time frame.

  • Clicked

  • Replied

  • Opened attachment

  • Shared data

  • Scanned QR Code

Interaction Patterns Over Time

The Interaction Patterns Over Time widget shows the total number of phished emails sent to the users and their interaction status for the selected phishing simulation in the selected time frame.

  • Unread

  • Read

  • Deleted

  • Reported

  • Phished

  • Scanned QR Code

User Interaction

The User Interaction table shows the phishing simulation emails sent to the users and their training status in the selected time frame.

Column

Description

Name

Name of the user in the organization.

Title

Job title of the user in the organization.

Department

Department the user belongs to within the organization.

Phishing Simulation

Type of simulation email sent to the user and their status.

Click on the simulation name to view analytics filtered specifically for that simulation. See Monitoring Phishing Simulations.

Awareness Training

Training module name and their status.

Click on the training module name to view analytics filtered specifically for that module. See Monitoring User Awareness Training Progress.

Monitoring User Awareness Training Progress

To view the progress of a specific training module, click on the training module name in the Awareness Training column of the Users table.

Harmony Email & Collaboration redirects you to the relevant awareness training module progress dashboard.

To select a time frame for the training module, select an option from the drop-down next to the awareness training module name at the top of the page.

  • Last 24h

  • Last 7 days

  • Last 30 days

  • Last 12 months

  • Custom

To export the details to a PDF, click Export to PDF.

Overall Training Progress

The Overall Training Progress widget shows the number of training modules and their status for the selected training module in the selected time frame.

  • Passed

  • Failed

  • Not Completed

Top Departments Assigned

The Top Departments Assigned widget shows the top ten departments in the organization assigned to the selected training module and their status in the selected time frame.

Top Departments Unpassed

The Top Departments unpassed widget shows the top ten departments in the organization that did not pass the selected training module in the selected time frame.

  • Failed

  • Not Completed

Training Compliance Level Over Time (Entire Organization)

The Training Compliance Level Over Time (Entire Organization) widget shows the percentage of users in the organization who completed the training for the selected training module in the selected time frame.

Training Progress Over Time

The Training Progress Over Time widget shows the number of trainings assigned and their status for the selected training module in the selected time frame.

User Progress

The User Progress table shows the phishing simulation emails sent to the users and their training status in the selected time frame.

Column

Description

Name

Name of the user in the organization.

Title

Job title of the user in the organization.

Department

Department the user belongs to within the organization.

Phishing Simulation

Type of simulation email sent to the user and their status.

Awareness Training

Training module name and their status.

Training Log

The Training Log table shows the users and their training status in the selected time frame.

Column

Description

Name

Name of the user in the organization.

Title

Job title of the user in the organization.

Department

Department the user belongs to within the organization.

Days Left

Number of days left to complete the training module.

Training

Name of the training module.

Status

Status of the training module.

  • Invited

  • In progress

  • Passed

  • Failed

Status Details

Detailed information about the status.

Time

Date and Time of the training started.

Phishing Simulations Live Activity Log

The Phishing Simulations Live Activity Log table shows the simulation emails sent to the users and their status.

Column

Description

Name

Name of the user in the organization.

Title

Job title of the user in the organization.

Department

Department the user belongs to within the organization.

Simulation

Type of simulation email sent to the user.

Sent time

Date and time at which the simulation email is sent.

Status

Status of the simulation email.

  • Unread

  • Passed

  • Failed

Status time

Time at which the status is received.

Security Awareness Training - End User Experience

As per the security training policy configured by the administrator, the end-user receives an email with the necessary training details. The email contains the training module name, duration, due date, and a link to access the training module.

To start the training module:

  1. Click the link provided in the email.

    The Welcome to Security Awareness Training page appears.

  2. Click Sign in with Microsoft.

  3. Enter your organization's Microsoft credentials and sign in.

    The training module page appears.

  4. (Optional) If the training module is available in multiple languages, the Choose your language widget appears to the right of the screen. Select the required language.

  5. (Optional) To view the different sections in the training module, click the icon.

    The Menu appears, displaying the different sections in the module.

  6. If required, click Start to begin the training.

The training includes a quiz with multiple questions to help users understand the content. It also covers key use cases and provides strategies to protect against security threats.

Phishing Simulation Email - End User Experience

As per the security training policy configured by the administrator, the end-user receives phishing simulation emails periodically. When a user clicks a link in these emails, a web page displays the risk indicators relevant to the simulation and allows the user to take the Phishing Awareness Training.