This pack uses Scores which must be configured by Nexthink Professional Services or by a certified Nexthink partner.
A comprehensive Security Awareness pack consisting of employee risk assessment, risk education and real-time security improvements to avoid threats from occurring.
Part of the Employee Security Awareness Solution by Nexthink.
The content pack is structured as follows:
Employee Security Risk module
For each employee across the organization, a risk score is calculated based on 4 basic risk scenarios:
- users accessing to suspicious domains
- users executing applications from USB
- users running new / unknown applications
- users generating high external traffic
Employees with high risk score are potential candidates to a specific security awareness campaign.
Note: risk scenarios must be adapted for each environment, ideally based on a risk assessment outcome.
Employee Security Awareness module
The first dashboard (Initial campaign) summarizes the results of a generic campaign that calculates an "awareness score" for each employee. Different security topics are covered, such as malwares, incident response, phishing or privileged accesses. It can be considered as a baseline to assess the knowledge across the company regarding information security.
The second dashboard (Single-questions campaign) presents the results of simple campaigns that are targeted to specific employees. For example, for users with a high-risk score due to multiple executions from USB mass-storage devices, a dedicated campaign related to the risks of such behaviors is published.
Note: again, this example has to be adapted to the real needs in term of information security education for each organization. Awareness campaigns must be developed in collaboration with internal security stakeholders.
- 184.108.40.206 - 04 Jan 2021 - Removed metric "Number of Users Accessing Suspicious Domains" as it used "Nexthink Enhance" which is no longer supported.
- 220.127.116.11 - 04 Apr 2019 - Initial release