Security Awareness Training
The Security Awareness Training feature in Harmony Email & Collaboration helps organizations create awareness among employees on essential security skills. It includes awareness of phishing simulation emails reflecting recent attacks and interactive training modules.
Activating Security Awareness Training
To activate Security Awareness Training, contact Check Point Support.
|
Notes:
|
Configuring Security Awareness Training Policy
To configure a security awareness training policy:
-
Access the Harmony Email & Collaboration Administrator Portal.
-
From the left navigation panel, click Security Training > Policy.
-
Click Create New Policy Rule.
-
(Optional) In the Rule name field, enter a name.
-
In the Rule state dropdown, select Running.
-
In the Users and groups section, select the users and/or group of users for whom the policy is applicable:
-
To apply the policy to all users and groups in your organization, select All Office 365 users.
-
To apply the policy to specific users or groups, select the users/groups and click Add to Selected.
-
-
Select a Phishing Simulation Strategy:
-
Prioritize the past attack types of the user - Sends phishing simulation emails that reflect recent attack types faced by the users in your organization.
-
None, do not perform simulations - No simulation emails are sent to the users.
-
-
(Optional) To view the phishing email templates used to send simulation emails to users, click Phishing simulations templates.
The system shows all the available simulation templates.
-
In the Frequency section, select the required frequency of the simulation emails.
-
Daily
-
Weekly
-
Biweekly
-
Monthly
-
Quarterly
-
Yearly
Note - By default, the frequency of the simulation emails is set to Biweekly.
-
-
In the Send randomly on section, select the days to randomly send simulation emails to users.
-
Monday
-
Tuesday
-
Wednesday
-
Thursday
-
Friday
-
Saturday
-
Sunday
-
-
In the Time Range Start section, select the start time to send emails on the selected days.
-
In the Time Range End section, select the end time to stop sending emails on the selected days.
Note - By default, the time range is set to 9:00 AM to 18:00 PM.
-
In the Select Time Zone section, select the required time zone.
Note - By default, the time zone is set to (UTC +00:00) UTC.
-
Select the Training Modules.
Notes:
-
To view the contents of the training module, click the
icon (preview) next to the training module name.
-
The deadline for completing each training is 14 days.
-
-
To configure settings for the training and reminders for the email notifications, click Advanced settings and do these:
-
In the Training reminder interval field, enter the number of days after which the system sends a reminder. For example, if you enter 2, the system sends reminder after every 2 days.
-
In the Training max frequency (days) field, enter the number of days after which the system initiates a new training session.
-
To configure email notifications for the training and reminders:
-
In the Training invitation subject field, enter the subject for the training invitation email.
-
In the Training invitation body template field, enter the body for the training invitation email.
-
In the Training remind subject field, enter the subject for the training reminder email.
-
In the Training remind body template field, enter the body for the training reminder email.
To view the supported placeholders, see Training and Reminder Emails - Supported Placeholders.
-
-
Click Save.
-
-
Click Save.
Note - Now that the security awareness training policy is configured the end users receive an email with a link to access the training modules. To allow users to access the training modules, the administrator must authenticate by granting the necessary permissions.
Authorizing Training Module Access for the Organization
Harmony Email & Collaboration allows users to access the training modules using the link provided in the email notification.
The administrator must authorize access for the entire organization by granting the necessary permissions.
To authorize the Microsoft login permissions for training modules:
-
Click on the link provided in the email.
-
Click Sign in with Microsoft.
-
Enter the admin credentials and sign in.
The Permissions requested pop-up appears for the Check Point Harmony Email & Collaboration – Training application and requests the necessary permissions. See Required Permissions for Microsoft Login Authorization.
-
To allow end users to sign in using Microsoft credentials, select the Consent on behalf of your organization checkbox.
-
Click Accept.
End users can now sign in with their organization's Microsoft credentials using the link provided in the email to access the training modules.
Required Permissions for Microsoft Login Authorization
Permissions required from Microsoft/Google |
Functions performed by Harmony Email & Collaboration |
---|---|
Sign you in and read your profile | Allows users to sign in to the app and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users. |
Maintain access to data you have given it access to | Allows the app to view and update the signed-in user data even when you are not currently using the app. |
Training and Reminder Emails - Supported Placeholders
While configuring email notifications for training and reminders in Security Awareness Training, the administrators can use these placeholders to replace content dynamically.
Placeholder Name |
Placeholder Value |
---|---|
Email recipient name |
{recipient_name} |
Training module name |
{training_name} |
Training module description |
{training_description} |
Date before which the training module must be completed |
{training_due_date} |
Length of the training mode in minutes or hours |
{training_duration} |
Number of days remaining to complete the training module |
{training_days_left} |
Branding the Security Awareness Training Web Page
To customize the training module interface and phishing simulation web pages to reflect your organization’s branding:
-
Go to Security Training > Policy.
-
Click Configuration next to Security training policies from the top of the page.
-
In the Branding of user interaction (landing pages, course screens) section, select one of these:
-
To show the web pages and course screens that matches your organization's branding, select Auto-brand pages with AI for my domain (recommended). Harmony Email & Collaboration uses AI and auto-brands the pages based on your organizational domain.
-
To use Check Point's branding, select Use Check Point branding.
-
-
Click Save.
Monitoring User Interactions with Phishing Simulations
The Security Training Dashboard shows an overview of training completion and phishing simulation performance for organization members using widgets, charts, and tables. It also shows individual training statuses and user details, enabling administrators to analyze the organization's security awareness and readiness against phishing threats.
To view the Dashboard page, click Security Training > Dashboard.
To select a time frame for the Dashboard, select an option from the dropdown next to Dashboard at the top of the page.
-
Last 24h
-
Last 7 days
-
Last 30 days
-
Last 12 months
-
Custom
To export the details to a PDF, click Export to PDF.
Overall Training Progress
The Overall Training Progress widget shows the number of trainings assigned and their status in the selected time frame.
-
Passed
-
Failed
-
Not Completed
To view specific assigned trainings, click the relevant field in the widget, and the system shows the filtered trainings on the Users page.
Phishing Simulation Overview
The Phishing Simulation Overview widget shows the number of phishing simulation emails sent and their status in the selected time frame.
-
Unread
-
Read
-
Deleted
-
Reported
-
Phished
-
Clicked
-
Scanned QR Code
-
Replied
-
Forwarded
-
Opened attachment
-
Called unknown number
-
Shared data
-
To view specific phishing simulations, click the relevant field in the widget, and the system shows the filtered phishing simulations on the Users page.
Training Compliance Level Over Time (Entire Organization)
The Training Compliance Level Over Time (Entire Organization) widget shows the percentage of users in the organization who have completed the training in the selected time frame.
Phishing Simulation Emails Sent
The Phishing Simulation Emails Sent widget shows the total number of phishing simulation emails sent and their status in the selected time frame.
Phishing Simulation by Attack Type
The Phishing Simulation by Attack Type widget shows the number of phishing simulation emails sent based on the attack type in the selected time frame.
To view specific phishing simulation details based on the attack type, click the relevant field in the widget, and the system shows the filtered phishing simulations by attack type on the Users page.
Interaction Patterns of Phished Users
The Interaction Patterns of Phished Users widget shows the total number of phished emails and their interaction status in the selected time frame.
To view specific phished emails and their interactions, click the relevant field in the widget, and the system shows the filtered interactions of phished users on the Users page.
Phishing Simulation - Failure Rate Over Time
The Phishing Simulation - Failure Rate Over Time widget shows the percentage of emails that have failed the simulation in the selected time frame.
Top Phished Departments
The Top Phished Departments widget shows the top ten departments in the organization with the most phished users in the selected time frame.
To view specific department in the organization with the most phished users, click the relevant field in the widget, and the system shows the filtered departments on the Users page.
Top Phished Users
The Top Phished Users table shows the users that are phished more times in the selected time frame.
Column |
Description |
---|---|
Name |
Name of the user in the organization. |
Title |
Job title of the user in the organization. |
Department |
Department the user belongs to within the organization. |
Failures |
Number of phishing emails opened. |
Monitoring User Training Progress
Training Progress
The Training Progress widget shows the training modules and their status in the selected time frame.
Training Status
The Training Status table shows the status of each training module.
Column |
Description |
---|---|
Training |
Training module name |
Policy |
Name of the policy. |
Start Date |
Date on which the training module is assigned to the users. |
Training Status |
Training status:
|
Users |
Users that are assigned the training module. |
Passed |
Percentage of users that have passed in the training module. |
Failed |
Percentage of users that have failed in the training module. |
Not Completed |
Percentage of users that have not started the training module. |
Users
The Users table shows the phishing simulation emails sent to the users and their training status in the selected time frame.
Column |
Description |
---|---|
Name |
Name of the user in the organization. |
Title |
Job title of the user in the organization. |
Department |
Department the user belongs to within the organization. |
Phishing Simulation |
Type of simulation email sent to the user and their status. Click on the simulation name to view analytics filtered specifically for that simulation. See Monitoring Phishing Simulations. |
Awareness Training |
Training module name and their status. Click on the training module name to view analytics filtered specifically for that module. See Monitoring User Awareness Training Progress. |
Monitoring Phishing Simulations
To view the details of a specific phishing simulation, click on the required phishing simulation name in the Phishing Simulation column of the Users table.
Harmony Email & Collaboration redirects you to the relevant phishing simulation dashboard.
To select a time frame for the phishing simulation, select an option from the drop-down next to the phishing simulation name at the top of the page.
-
Last 24h
-
Last 7 days
-
Last 30 days
-
Last 12 months
-
Custom
To export the details to a PDF, click Export to PDF.
Phishing Simulation Overview
The Phishing Simulation Overview widget shows the number of phishing simulation emails sent and their status for the selected phishing simulation in the selected time frame.
-
Unread
-
Read
-
Deleted
-
Reported
-
Phished
-
Clicked
-
Scanned QR Code
-
Replied
-
Forwarded
-
Opened attachment
-
Called unknown number
-
Shared data
-
Top Targeted Departments
The Top Targeted Departments widget shows the top ten targeted departments in the organization with the most phished users for the selected phishing simulation in the selected time frame.
Top Phished Departments
The Top Phished Departments widget shows the top ten departments in the organization with the most phished users for the selected phishing simulation in the selected time frame.
-
Clicked
-
Replied
-
Opened attachment
-
Shared data
Interaction Patterns of Phished Users
The Interaction Patterns of Phished Users widget shows the total number of phished emails and their interaction status for the selected phishing simulation in the selected time frame.
-
Clicked
-
Replied
-
Opened attachment
-
Shared data
-
Scanned QR Code
Interaction Patterns Over Time
The Interaction Patterns Over Time widget shows the total number of phished emails sent to the users and their interaction status for the selected phishing simulation in the selected time frame.
-
Unread
-
Read
-
Deleted
-
Reported
-
Phished
-
Scanned QR Code
User Interaction
The User Interaction table shows the phishing simulation emails sent to the users and their training status in the selected time frame.
Column |
Description |
---|---|
Name |
Name of the user in the organization. |
Title |
Job title of the user in the organization. |
Department |
Department the user belongs to within the organization. |
Phishing Simulation |
Type of simulation email sent to the user and their status. Click on the simulation name to view analytics filtered specifically for that simulation. See Monitoring Phishing Simulations. |
Awareness Training |
Training module name and their status. Click on the training module name to view analytics filtered specifically for that module. See Monitoring User Awareness Training Progress. |
Monitoring User Awareness Training Progress
To view the progress of a specific training module, click on the training module name in the Awareness Training column of the Users table.
Harmony Email & Collaboration redirects you to the relevant awareness training module progress dashboard.
To select a time frame for the training module, select an option from the drop-down next to the awareness training module name at the top of the page.
-
Last 24h
-
Last 7 days
-
Last 30 days
-
Last 12 months
-
Custom
To export the details to a PDF, click Export to PDF.
Overall Training Progress
The Overall Training Progress widget shows the number of training modules and their status for the selected training module in the selected time frame.
-
Passed
-
Failed
-
Not Completed
Top Departments Assigned
The Top Departments Assigned widget shows the top ten departments in the organization assigned to the selected training module and their status in the selected time frame.
Top Departments Unpassed
The Top Departments unpassed widget shows the top ten departments in the organization that did not pass the selected training module in the selected time frame.
-
Failed
-
Not Completed
Training Compliance Level Over Time (Entire Organization)
The Training Compliance Level Over Time (Entire Organization) widget shows the percentage of users in the organization who completed the training for the selected training module in the selected time frame.
Training Progress Over Time
The Training Progress Over Time widget shows the number of trainings assigned and their status for the selected training module in the selected time frame.
User Progress
The User Progress table shows the phishing simulation emails sent to the users and their training status in the selected time frame.
Column |
Description |
---|---|
Name |
Name of the user in the organization. |
Title |
Job title of the user in the organization. |
Department |
Department the user belongs to within the organization. |
Phishing Simulation |
Type of simulation email sent to the user and their status. |
Awareness Training |
Training module name and their status. |
Training Log
The Training Log table shows the users and their training status in the selected time frame.
Column |
Description |
---|---|
Name |
Name of the user in the organization. |
Title |
Job title of the user in the organization. |
Department |
Department the user belongs to within the organization. |
Days Left |
Number of days left to complete the training module. |
Training |
Name of the training module. |
Status |
Status of the training module.
|
Status Details |
Detailed information about the status. |
Time |
Date and Time of the training started. |
Phishing Simulations Live Activity Log
The Phishing Simulations Live Activity Log table shows the simulation emails sent to the users and their status.
Column |
Description |
---|---|
Name |
Name of the user in the organization. |
Title |
Job title of the user in the organization. |
Department |
Department the user belongs to within the organization. |
Simulation |
Type of simulation email sent to the user. |
Sent time |
Date and time at which the simulation email is sent. |
Status |
Status of the simulation email.
|
Status time |
Time at which the status is received. |
Security Awareness Training - End User Experience
As per the security training policy configured by the administrator, the end-user receives an email with the necessary training details. The email contains the training module name, duration, due date, and a link to access the training module.
To start the training module:
-
Click the link provided in the email.
The Welcome to Security Awareness Training page appears.
-
Click Sign in with Microsoft.
-
Enter your organization's Microsoft credentials and sign in.
The training module page appears.
-
(Optional) If the training module is available in multiple languages, the Choose your language widget appears to the right of the screen. Select the required language.
-
(Optional) To view the different sections in the training module, click the
icon.
The Menu appears, displaying the different sections in the module.
-
If required, click Start to begin the training.
The training includes a quiz with multiple questions to help users understand the content. It also covers key use cases and provides strategies to protect against security threats.
Phishing Simulation Email - End User Experience
As per the security training policy configured by the administrator, the end-user receives phishing simulation emails periodically. When a user clicks a link in these emails, a web page displays the risk indicators relevant to the simulation and allows the user to take the Phishing Awareness Training.