Demo

It’s that easy: the implementation of SMARTFENSE

Nicolás Bruna Blog No Comments

It’s that easy: the implementation of SMARTFENSE

The implementation of a Security Awareness platformcan be perceived a priori as a complex process, full of configurations and processes such as:

  • Set up an email account on a SMTP server providing Spoofing and a web server to host the Phishing simulation landing page.
  • Apply the relevant security measures on both servers to protect information security.
  • Acquire and configure domains for sending phishing simulationemails and for web browsing web browsing of the simulated phishing site, with their respective SSL certificates and SPF, DKIM and DMARC records.
  • Develop a contingency plan for simulation domains that fall into global blacklists and a procedure for updating and hardening the defined infrastructure.
  • Among others

But of course, these steps and many others are not necessary to implement a cloud awareness platform because they are already provided a priori. This allows us to spend our time on what really matters: delivering a positive end-user experience and successfully taking the necessary actions to bring about behavioral change in the organization.

Clear, well defined and simple

The implementation process of the awareness SMARTFENSE stands out for being clear, well-defined and simple to carry forward.

As it is carried out with the support of the integrator partner selected by the client, the process is performed in an orderly and careful manner, accompanied by certified professionals.

The main aspects that are part of the implementation process are related to:

  • Select an import and user authentication method.
  • Perform a whitelist process to ensure real results in the phishing or ransomware campaigns launched.
  • Customize everything you want: contents, notifications, reports, organizational variables, logos, etc.
  • Launch test campaigns prior to the actual campaigns to check the expected performance.

SMARTFENSE provides guides, checklists and Gantt charts to carry out each step in a clear and complete manner, thus guaranteeing a pleasant experience for the implementer.

User import and authentication

From simple CSV files to integrations with a high degree of customization through technologies such as Microsoft Azure Active Directory or Google WorkspaceSMARTFENSE provides a wide variety of options for both import users of the organization within the platform as well as to enable their authentication. The different options and its clear and up-to-date documentation make this a fundamental but very simple step to complete successfully.

Whitelist Process

It allows us to ensure that the universe of users we want to evaluate through Phishing and Ransomware simulations receive emails and be able to browse the target website without technical inconvenience.

It also enables that no false statistics are generated within campaigns launched because of email analysis by the organization’s security tools.

In short, the correct implementation of Whitelist allows you to measure user behavior in an objective manner, without technological bias.

Customization

In SMARTFENSE it is possible to customize even the smallest details. Whether the contents to be sent to users (with their texts and images), the organizational variables that define concrete values for the contents (such as names of area managers, telephone numbers, roles), the notifications assignment and reminders, the logos to guarantee White Label, up to the administrative reports and more.

Test campaigns

This type of campaigns provide the possibility to know first-hand if the implementation process succeeded. Como stories, no afectan las estadísticas globales del programa de concientización.

Launching the test campaigns allows to diagnose any extra steps that need to be performed before running the first real campaigns, as well as evaluate the correct functioning of Whitelist processes for Phishing or Ransomware simulation campaigns.

Implementation time

SMARTFENSE implementation time actually depends on the internal times for each organization.

For agile organizations with previous experience in similar processes, a single week may be enough to start executing the awareness plan, sending real campaigns and evaluating their results.

The most common case is for organizations to spend 2-4 weeks to complete the process, due mainly to internal administrative issues.

Integrator partner support

It’s not just about guidelines and procedures. A good experience in the implementation of a platform is only possible through close contact with experts. SMARTFENSE values and recommends the work of the people who are part of our certified partners, who will always support the customer at every step, providing the necessary tools and recommendations for a fast and effective implementation.


Share this post:

Share on LinkedIn Share on Pinterest Share on WhatsApp
Post Tags :
Prev Post

Next Post

Nicolás Bruna

Product Manager de SMARTFENSE. Su misión en la empresa es mejorar la plataforma día a día y evangelizar sobre la importancia de la concientización. Lidera el equipo de desarrollo y QA de SMARTFENSE. Ha escrito dos whitepapers y más de 50 artículos sobre concientización. También es uno de los autores de la Guía de Ransomware de OWASP y el Calculador de costos de Ransomware, entre otros recursos gratuitos.

Leave a Reply

Search

Recent Posts

Tag cloud

awareness awareness planning ciso cyber security direct message injection email security false positives Hiding statistics phishing phishing simulation phishing simulation campaign smartfense training and awareness user hardening whitelist

Spanish Blog

In the spanish blog we have hundreds of posts to read

Go to the Spanish Blog