Security Awareness Program

Contents

Security Awareness Program

Description

This pack uses Scores which must be configured by Nexthink Professional Services or by a certified Nexthink partner.

A comprehensive Security Awareness pack consisting of employee risk assessment, risk education and real-time security improvements to avoid threats from occurring.

Part of the Employee Security Awareness Solution by Nexthink.

The content pack is structured as follows:

Employee Security Risk module

For each employee across the organization, a risk score is calculated based on 4 basic risk scenarios:

  • users accessing to suspicious domains
  • users executing applications from USB
  • users running new / unknown applications
  • users generating high external traffic

Employees with high risk score are potential candidates to a specific security awareness campaign.

Note: risk scenarios must be adapted for each environment, ideally based on a risk assessment outcome.

Employee Security Awareness module

The first dashboard (Initial campaign) summarizes the results of a generic campaign that calculates an “awareness score” for each employee. Different security topics are covered, such as malwares, incident response, phishing or privileged accesses. It can be considered as a baseline to assess the knowledge across the company regarding information security.

The second dashboard (Single-questions campaign) presents the results of simple campaigns that are targeted to specific employees. For example, for users with a high-risk score due to multiple executions from USB mass-storage devices, a dedicated campaign related to the risks of such behaviors is published.

Note: again, this example has to be adapted to the real needs in term of information security education for each organization. Awareness campaigns must be developed in collaboration with internal security stakeholders.

Platforms

  • Windows only

License modules

  • Nexthink Engage
  • Nexthink Enhance

Compatibility

  • Nexthink v6.17 and later