Re: KnowBe4 Training and Phishing Sim

["McClenon, Brady" <Brady.McClenon () ONEONTA EDU>]

We are an O365 campus and have just started using the Report Message add-in from Microsoft.  You can deploy it to all 
click-to-run Outlook users, by selected groups or all users.

https://appsource.microsoft.com/en-us/product/office/wa104381180

It reports all messages to MS, but with a mail flow rule, we send a copy to us as well.  Instructions are at the bottom 
of this article.

https://docs.microsoft.com/en-us/office365/securitycompliance/enable-the-report-message-add-in




Brady McClenon
IT Security Administrator
ITS – IT Security
SUNY Oneonta

Information Security is Everyone’s Responsibility!  Learn more at http://staysafeonline.org/ncsam/




From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Taylor Randle
Sent: Friday, August 31, 2018 12:09 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] KnowBe4 Training and Phishing Sim

+1 for the Phish Alert Button. We deployed it immediately and have had a lot of success with it.

Taylor Randle
Director of Client Services & IT Security

[Description: Description: Description: 
https://www.parker.edu/uploadedImages/0000_Home/0012_Images/Email_Signature/Parker_H_RGB.png]

2540 Walnut Hill Lane, Dallas, TX 75229
T: 214.902.2439 | F: 214.902.2431
trandle () parker edu<mailto:trandle () parker edu>
www.parker.edu<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.parker.edu%2F&data=02%7C01%7Cbrady.mcclenon%40ONEONTA.EDU%7Cd62467cba9234dc2820e08d60f5c0db4%7Cb2c9b1a8d1ad4c9f9172728a8c08eb65%7C1%7C0%7C636713285395032752&sdata=McAervNu4R77z3bMFr5NYSscQU6Mo0I3k%2BP8%2BYabe%2Fs%3D&reserved=0>
 | 
www.parkerseminars.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.parkerseminars.com%2F&data=02%7C01%7Cbrady.mcclenon%40ONEONTA.EDU%7Cd62467cba9234dc2820e08d60f5c0db4%7Cb2c9b1a8d1ad4c9f9172728a8c08eb65%7C1%7C0%7C636713285395189023&sdata=ZhFndt0gcSujxr%2F%2FVDr4gmwVwVnRTJ8gvJ%2Fe8A8XRz4%3D&reserved=0>

[Description: Description: Description: 
https://www.parker.edu/uploadedImages/0000_Home/0012_Images/Email_Signature/Twitter_Icon_RGB.png]<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.twitter.com%2FParkerUniv&data=02%7C01%7Cbrady.mcclenon%40ONEONTA.EDU%7Cd62467cba9234dc2820e08d60f5c0db4%7Cb2c9b1a8d1ad4c9f9172728a8c08eb65%7C1%7C0%7C636713285395189023&sdata=jWwjIawaQKBLkLkF78tGQUlSpoN3IDjUBMtmw3dvfNA%3D&reserved=0>

................................................





From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Manjak, Martin
Sent: Friday, August 31, 2018 11:07 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] KnowBe4 Training and Phishing Sim

We are in our third year as KnowBe4 customers. I’ll echo Walter’s comments, and add that perhaps the biggest benefit to 
our campus is the Phish Alert widget that can be added to the Outlook Client, or your OWA instance, that lets students 
and staff (not licensed per seat like the training and phishing campaigns) report suspicious messages by clicking on 
the add-on.

You can configure it to forward the message to your designated unit (ours goes to our InfoSec team), and also configure 
the text displayed after they confirm they want to report the email. These are tracked on our KnowBe4 console, plus, 
the forwards include the full headers of the original message, which can be extremely valuable. Lastly, the widget also 
deletes the original message from the recipient’s account.

Both our employees and students use the tool frequently so we see all kinds of crap that they’re receiving. Often, it’s 
the first indication we have that an internal account has been compromised. This lets us sinkhole the collection 
domains, and initiate a search and delete for the messages.

Marty Manjak
CISO
University at Albany

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of WALTER KERNER
Sent: Friday, August 31, 2018 11:54 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] KnowBe4 Training and Phishing Sim

Hi.  We have just started with Knowbe4 this semester so we've only started to get our feet wet with it.  We have the 
platinum level.  I can say that in setting up with white hat phishing exercise I find the console very easy to use and 
almost 100% customizable. The customer service so far has been awesome - our rep is very helpful and available to 
answer questions.




Walter Kerner
Assistant Vice-President and CISO
[blue]
333 7th Avenue, 13th Floor
New York, NY 10001
Voice: 212-217-3415

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Weston Woolworth
Sent: Friday, August 31, 2018 11:27 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] KnowBe4 Training and Phishing Sim

Hi Chris,

We started with Gold because it had a lower price and had a number of good resources, however we shifted over to 
Diamond recently – primarily for their FERPA training, and other relevant modules to us as Higher Ed. For the most part 
though, Gold was highly effective.

WESTON WOOLWORTH
Director of IT Operations
661.362.2345 | wwoolworth () masters edu<mailto:wwoolworth () masters edu>
[Machine generated alternative text:  THE MASTER'S   UNIVERSITY]

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Davis, Chris
Sent: Friday, August 31, 2018 7:37 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] KnowBe4 Training and Phishing Sim

For those of you that have KB4, what level of their package do you have and are you satisfied with it?  We are looking 
at the options they offer and are trying to determine which level is appropriate for us.  While I like the offerings in 
the Platinum package, specifically the custom tailored training that responds to how people interact with the phishing 
sims, I am also wondering if it is really necessary and is it worth the cost.  Any input would be appreciated.

Thanks!

Chris


Christopher Davis, Ph.D.
Chief Information Officer
Assistant Professor of Education
Apple Teacher
Lourdes University
6832 Convent Blvd | REH 003P | Sylvania, OH 43560
cdavis () lourdes edu<mailto:cdavis () lourdes edu>

CyberAware – Be aware. Stay Secure!
Lourdes University will never ask you to send sensitive information through unsecure channels. Report any message that 
asks you to provide or confirm personal information such as credit card and/or bank account numbers, Social Security 
numbers, passwords, etc. or any other suspicious activity to infosec () lourdes edu<mailto:infosec () lourdes edu>. For 
more information please visit 
lourdes.edu/cyberaware<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect-us.mimecast.com%2Fs%2Fb65HCERyQLi30qGLtN-6tS%3Fdomain%3Dna01.safelinks.protection.outlook.com&data=02%7C01%7Cbrady.mcclenon%40ONEONTA.EDU%7Cd62467cba9234dc2820e08d60f5c0db4%7Cb2c9b1a8d1ad4c9f9172728a8c08eb65%7C1%7C0%7C636713285395189023&sdata=bYX5H7dREMt%2FaIXyxHPLRu0oIJNb2ADcALqy810UHvE%3D&reserved=0>.

CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) 
and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not 
the intended recipient of this message or their agent, or if this message has been addressed to you in error, please 
immediately alert the sender by reply email and then delete this message and any attachments. If you are not the 
intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its 
attachments is strictly prohibited.