The increasing portability and productivity of devices such as smartphones and tablets means that sensitive data is constantly on the move, which complicates endpoint management and compounds risk. Whether your organization issues mobile devices or supports a Bring Your Own Device (BYOD) program, it’s certain that users are blurring the lines of between corporate and personal communications.
Using our Continuous Training Methodology, our customers have seen up to a 90% reduction in successful phishing attacks and malware infections in just a few months. They’ve also seen measurable improvements in other important metrics, including less employee downtime; more effective use of IT resources; and better identification (and reporting) of suspicious email and text messages. Join them and make our unique, four-step Assess, Educate, Reinforce, Measure methodology the foundation of your security awareness training program.
CyberStrength Knowledge Assessments
Using CyberStrength®, you can assess your employees’ understanding of WiFi, Bluetooth, physical security practices, and other topics that pertain to proper use of mobile devices. Create your own mix of questions from our library, write your own questions, or use our Security on the Go Predefined CyberStrength assessment, which has a set selection of questions that focus on mobile and BYOD security. Our predefined assessments help streamline the administrative process and allow you to use Auto-Enrollment to automatically assign follow-up training to users who don’t exhibit a clear understanding of the topic.
SmishGuru Simulated Smishing Attacks
Use SmishGuru® to assess your employees by sending simulated smishing (SMS/text phishing) messages to approved mobile devices. You can track clicks and responses to different types of mock smishing messages. Any employee who falls for a simulated attack receives a Teachable Moment, which is a customizable “just-in-time teaching” message that explains the purpose of the assessment and displays practical tips for future use.
ThreatSim Simulated Phishing Attacks
Our ThreatSim® simulated phishing tool allows you to send a variety of mock phishing emails to your employees and track the results. (Within ThreatSim reports, you can see if employees accessed the messages from their mobile devices or their PCs.) As with SmishGuru, Teachable Moments deliver practical advice to those employees who interact with a simulated attack. Use the Auto-Enrollment feature to automatically assign follow-up training to users who fall for an attack.
Education is key to changing employee behaviors and long-term risk reduction, and our interactive training modules give your employees the opportunity to apply the principles related to mobile device security. This hands-on approach allows them to see the ways their actions can positively and negatively impact the safety and security of customers, clients, and fellow employees.
Our standard modules average 10 to 15 minutes in length, and our mini-modules generally take 5 to 7 minutes to complete. All modules are available on demand to give administrators and users more flexibility. Mobile-responsive options allow users to access and complete training on any connected device. Global organizations will appreciate the opportunity to deliver training in more than 25 languages.
In addition to our purpose-written, research-based educational content, our Training Jackets allow you to add custom content to the beginning and end of each module. Remind users about organizational policies, attach a training completion certificate, include a policy acknowledgement screen, and more.
To effectively reduce risk within your organization, we suggest licensing the following five modules at minimum to address some of the most pressing mobile security issues:
- Mobile Device Security – This mobile-responsive module teaches employees important physical and technical safeguards; how and when to have a conversation in a public place; and safe use of connectivity features like WiFi, GPS, and Bluetooth.
- Mobile App Security – A sister module to Mobile Device Security, this module helps users judge the reliability and safety of mobile applications prior to downloading.
- Security Beyond the Office – Use this mobile-responsive module to teach users how to establish a secure home office environment and how to avoid common external security threats, including open-access WiFi and public computers.
- Email Security – This in-depth anti-phishing training teaches users to recognize common phishing traps, including malicious links, dangerous attachments, and inappropriate data requests.
- URL Security – Users learn how URLs are constructed, URL warning signs, and how to identify and avoid malicious links.
Because cybercriminals continue to become more sophisticated, it’s critical to keep reinforcing best practices to improve retention. We recommend organizations use our PhishAlarm® email reporting tool and our portfolio of Security Awareness Materials to make the most of their awareness and training efforts.
Our PhishAlarm email client add-in enables your employees to report a suspected phishing email with a single mouse click. Users who report a suspicious message are immediately rewarded with a "thank you" pop-up message or an email that encourages this behavior in the future. You can add PhishAlarm Analyzer to prioritize reported messages and streamline response and remediation.
Our Security Awareness Materials are visible reminders of best practices learned. We offer a wide selection of posters, images, articles, and giveaways that complement our assessment and training products to deliver clear, consistent messaging and keep cybersecurity top-of-mind year round.
By continuing to emphasize best practices and encourage good behaviors, you can reduce your vulnerability to attack.
Measure and Analyze Results
Measurement is a key component of all our security awareness and training products because tracking and analysis provide value on many levels, including identification of ROI.
We offer a range of detailed reports that give you broad and granular insights into the results of your assessments and training, allowing you to monitor progress and, if desired, apply gamification techniques to further motivate users and encourage participation. Analysis tools are helpful in planning and executing your program over time; they can be used to identify the types of mock attacks you should send and the areas in which your users are likely to benefit from additional education.