Learners & Groups
Table of Contents:
- Creating Users
- Managing Individual Learners
- Importing Multiple Users
- Managing Groups
- Active Directory Synchronizer
Once you have completed this section, you will be able to:
- Understand how learners are counted in SecurityIQ
- Create a single learner manually
- Create multiple learners by importing a CSV file
- Create groups
- Assign learners to a group
- Delete a group
- Understand how groups are used in SecurityIQ
As you learned in the Planning section, groups will be a key part of effectively and efficiently delivering security awareness training and simulated phishing attacks to your learners, as well as reporting on their progress. In this section, you will learn how to create learners manually or by importing a large number of them via a CSV file and assigning those learners to the appropriate groups.
Before we begin creating learners, it will be helpful to review how SecurityIQ handles licensing. When you subscribe to SecurityIQ, you are purchasing “seats” within the system. Much as with a physical classroom that may have 20 seats that are occupied by students at any given time, students will come and go throughout the year. When a new student arrives to take the place of one who left, you don’t purchase a new seat, you simply re-assign the seat of the student who left. In the same way, when a learner leaves your organization and a new one takes their place, you do not need to purchase an additional seat, you will simply delete the old learner from the system and add the new one.
There are two quick and easy methods for enrolling learners in SecurityIQ. If you only need to add one or two learners, you can create them manually. In certain situations, however, such as enrolling a large number of learners during the setup process or as part of seasonal hiring, it is more convenient to enroll multiple learners at once, which can be done by importing a comma separated (CSV) file. We will cover both methods.
The only information needed to create a SecurityIQ learner is the first and last name and the email address. No passwords are required in order for learners to use SecurityIQ. It is possible to provide additional information for a user, which can be used to customize the learning experience, and we will explore those options in the Importing Users section.
To create a single user:
- From the main menu, click “Learners” and then “Individuals”.
- Click the “New Learner” button.
- Enter the leaner’s first name, last name, and email address (these three fields are required).
- By default, the learner will be assigned to the All Learners group. If you would like to assign them to other groups, simply click the group name in the Available Groups section. As you select these, they will appear in the Selected Groups section.
- Click “Save” once you have added your learner’s information and assigned them to the appropriate groups.
Figure: New Learner Entry
To modify an existing user:
- On the main menu, hover over “Learners” and click “Individuals”
- In the Learners section, you can click the magnifying glass to search for a user or click the left or right arrows to scroll through the pages to the desired learner. Once they have been located, hover over their name and click the pencil icon to edit their record.
- On the Edit Learner page, you can update their name and update which groups they are assigned to.
- To add a learner to a new group, click the desired group in the Available Groups list and it will be moved to the Selected Groups list.
- To remove a learner from the group, click the desired group in the Selected Groups list and it will be moved to the Available Groups list.
- Click “Save”
Figure: Learners List
Figure: Edit Learner
To delete a learner:
In order to delete a learner from SecurityIQ, the learner must not be part of a running campaign. If you wish to remove a learner who is currently enrolled in an active campaign, you must wait for the campaign to finish or end it manually
Importing Multiple Users
Importing users is the ideal method for enrolling learners when you are first configuring SecurityIQ. In addition, the import method allows you to include additional information about your learners that can be used to customize the emails they receive and provide a truly realistic and engaging phishing experience.
A sample CSV file is available for download on the Import page. Simply download this file and fill it out or use it as a template for creating your own.
In the Planning section of this manual we discussed the importance of knowing how to group your users. During the import process we will put that planning to work. Each line of the import file will contain all information related to a single learner.
For the purpose of this document, we will walk through the process of completing the provided template file and using it to import our new learners.
To create your CSV import file:
- On the main menu, hover over “Learners” and click “Import”.
- Download the sample CSV file using the “Download Sample CSV File” link at the bottom of the page.
- Open the sample CSV file.
- Delete all rows below row 1. You should now see a sheet that looks like the Blank Import Template image below.
- Add information for all of your learners to the sheet. Only the first_name, last_name, and email columns are required. The additional columns can be used to customize your PhishSim email templates and it is recommended that you provide this information if possible.
- If you wish to add a learner to a group when the import is complete, include the group name in the group column. If you enter a group name that does not yet exist, it will be created during the import. If you would like to include the learner in more than one group, copy and paste the row containing the learner’s information and then change the group name in the pasted row. You may do this as many times as you need in order to include the learner in the desired number of groups. The Completed Import CSV File Example image below provides an example of how your file might look when adding a single learner to multiple groups.
- Save the CSV file.
- In the CSV Learner Destination section, select the desired group option for your learners:
- Group Listed in CSV – This option will assign the learner to the group you have listed in the group column of the CSV file.
- Existing Group – Choose from a dropdown menu of existing groups. All learners in the CSV file will be added to that group.
- New Group – Define a new group to assign all imported users to.
- In the Behavior for Existing Learners section, select what you would like to do when a learner in your import file already exists:
- Update Learners – Use the information in the CSV file to update the existing learner’s information.
- Ignore Learners – If an imported learners already exists in SecurityIQ, the imported entry will be skipped.
- In the Choose CSV File section, click “Choose File” and locate your template file.
- Click “Preview Upload” and confirm that no errors have occurred.
- Complete the import process by clicking “Upload Learners”.
- You will now see you new learners listed.
Figure: Blank Import Template
Figure: Completed Learners Import CSV File Example
Figure: Learners Import from CSV
Figure: Preview CSV File
A learner can belong to one or more groups. These groups can then be used in PhishSim and AwareEd campaigns to deliver targeted training to specific learners based on their role or job function.
Groups can either be created during the CSV import process, while creating new users individually, or they can be manually created.
To manually create a group:
- On the main meny, hover over “Learners” and click “Groups”.
- Click “New Learner Group”.
- Enter the Group Name.
- Select at least one existing learner from the Available Learners section or add a new user by entering their information in the Add New Learner Manually section. As users are clicked or manually added, they will be displayed in the Selected Learners section.
- Click “Save” once all changes have been made.
The new group is now ready to be used in PhishSim and AwareEd campaigns.
Figure: Create a New Group
To delete a group:
Figure: Group is In Use
- On the main menu, hover over “Learners” and click “Groups”.
- Hover over the name of the group you wish to delete and click the “Trash Can” icon.
- In the Delete Target Group prompt, click “Delete” to continue or “Cancel” to stop.
- If the selected group is part of an existing PhishSim or AwareEd campaign, the campaign will need to be deleted before the group can be removed from the system. If this action is required, please see the Deleting a Campaign in the PhishSim or AwareEd section of this manual for information on how to perform that process.
Active Directory Synchronizer
These instructions will guide you through using the SecurityIQ Active Directory Synchronizer to automatically import your learners into your SecurityIQ account.
- Requires Windows 7 SP1 or Higher
- Remote Server Administration Tools (RSAT). Alternatively, run on the domain controller.
- .NET 3.5 or higher
- PowerShell 3.0 or higher
Downloading the Active Directory Utility:
- Navigate and login to your SecurityIQ account.
- Click on Active Directory Synchronizer under Learners.
- Click the download link.
- Take note of your secret key.
5. If this is your first sync or you are making significant changes remember to override the safety switch and click Save.
6. Extract the downloaded ActiveDirectorySynchronizer to the folder that you wish the utility to reside.
|IMPORTANT – Before conducting your initial import, you must enable the “Override safety switch on next sync” option with the Active Directory Synchronizer section of the SecurityIQ web portal. The initial import will fail if this step isn’t taken.|
Using the Active Directory Utility with a GUI:
- Navigate to the extracted ActiveDirectorySynchronizer directory.
- Double click the AD-IMPORT file and run it.
- The first two boxes are for your username and password for the Active Directory account. These are Windows credentials for the administrator that maintains the Active Directory.
- The SIQ License Key is the secret key you noted while downloading the utility.
- The “Save Info” check box will save your username, password and license key for subsequent use. If you use this feature a file called config.txt will be created in the directory you run the utility from. If you enter incorrect credentials simply delete this file and rerun the utility with correct credentials.
- When finished click the Done button and the sync will begin.
- Checking the Save Info box will also save the configuration you selected when running the Active Directory Utility. If in subsequent runs you need to change your configuration you will need to delete the config.txt file.
Selecting Specific Organizational Units or Groups
- If needed, you can expand and select specific organizational units or groups. By default, the utility will select your entire active directory. Expanding allows you to select or deselect specific groups to be synchronized.
- Next, you can select Base, OneLevel, or SubTree
- Base will only sync the selected learners or learners.
- OneLevel will sync all the learners in a specific folder. It will not sync learners in sub-folders.
- SubTree will sync learners in a specific folder and its subfolders.
- When finished with your selection click the Done button and the sync will begin.
Using the Active Directory Utility with Windows Task Scheduler:
Before using the scheduler run the Active Directory Utility as describe above and make sure to select the Save info check box.
- Open Microsoft’s Task Scheduler Service and Create a Basic Task.
- Name your task and click Next.
- Configure your trigger and click Next.
- Select “Start a program” and click Next.
- Browse to select the AD-Import file.
- Click Finish.
- Click Next.
You can delete learners using the Active Directory Utility and SecurityIQ.
- Select Update existing learners and override the safety switch. Click Save.
- Remove or disable the learners you want to delete in your active directory and run the Active Directory Utility.
- Navigate to Learners to Delete in the Active Directory Synchronizer section of SecurityIQ account.
- Confirm that the learners that you expect are flagged for deletion. From here you can delete specific learners or delete all learners.
The Active Directory Synchronizer Change Log page displays an overview of synchronization activity between the ADS utility and SecurityIQ. If any changes were made during the synchronization, a “Download CSV” link will be available under the Changes and Errors columns. This document will provide a detailed report of any changes that took place during the sync.