SecurityIQ is always streamlining and improving its features in order to create a better user experience for its members. Though many of the improvements happen unobtrusively in the background, we wanted make sure you knew about this important new feature.

Starting now, AwareEd course progress carries over to the next campaign run. This feature focuses on decoupling the length of a campaign run from time limit for learners to take all their courses.  It also allows customers to “slide in” additional modules to existing campaigns, and supports the ability to enroll people who get phished into an automatic AwareEd campaign covering phishing.  Let’s look at all three features below:

ONE: TIME TO TAKE COURSE vs. CAMPAIGN RUN LENGTH

In previous versions, if you wanted learners to take a course sometime in the next year, you would set up a campaign run with a length of one year.  While technically correct, this approach had two drawbacks: there was no impetus for people to finish early (why would you hurry when your notifications say you have “340 days left”?), and it confuses the reporting, since all you would see in your first-year summary was one dot.

Now, if you want your learners to take a course sometime in the next year, you can set up a monthly campaign run with a length of 30 days repeating 11 times OR a quarterly campaign run with a length of 90 days repeating 3 times – and UNCHECK the “reset progress” box when doing so (see below).  Now, everyone will get their initial enrollment notification, just like before, but each one will tell the learner that they only have 30 or 90 days to complete the course.  (Urgency!)  Then people will either take their modules or ignore them as before…until the first campaign run is complete.  Now, when the second campaign run starts, everyone who completed their course in the previous run(s) will get nothing (they’re done), but everyone else who didn’t finish will be “reenrolled” in the course again.  As you might expect, people who previously completed some modules will only have to complete some of them, but their 30 or 90 day countdown will start again.

In terms of reporting, breaking up a time into multiple campaign runs also means that instead of one point on the summary, you will have 4 or 12 points to see, and you will see increasingly higher numbers of starts and completions.

1

TWO: SLIDE IN NEW CONTENT

One of the promises of SecurityIQ is that we can loosely associate people with training.  This happens because although we tightly associate groups, batteries and courses with a specific campaign, the exact members of these entities can change over time (e.g., you can change the members of a group, the templates in a battery, or modules in a course.)

With the introduction of the (no reset) option, we can take this to the next logical level.  Let’s say you have a campaign in which 90% of your learners have completed a 7-module course and the next run of the campaign is scheduled to begin in 10 days.  Now, let’s say you want to roll out just one more module to everyone, regardless of previous progress.  In previous releases, you would have had to set up a separate campaign just for the new module.

However, with the new (no reset) option, all you need to do is add the new module to the EXISTING course, and SecurityIQ will automatically re-enroll all learners with one extra course when the campaign run starts again.  In other words, “not started” learners with 7 modules left to go would now have 8, while “complete” learners would now be told to take one additional module, and those who just “started” would have one extra module to complete.

This is how you can “slide in” new content to existing campaigns in a relatively painless way.

THREE: ENROLL PEOPLE WHO GOT PHISHED

One of the rarely used options in SecurityIQ is our ability to automatically enroll anyone who gets phished into a specific “reeducation” group.   Before now, this option didn’t make much sense, because you would need to essentially create a new campaign every week or so to train these learners.

However, the new (no reset) option finally makes this a viable option when you use it in this way:

1. Set up a new group called “Phished Learners” and add yourself to it (since you can’t have a group with zero learners)

2. Set up a new Course called “Phishing Reeducation” that only has phishing content

3. Set up a new AwareEd campaign called “Phishing Reeducation” that repeats every 7-14 days and many times, targeting “Phished Learners” with “Phishing Reeducation”.  Be sure to UNCHECK the “reset” box (see below).  Run it now.

4. Set up your phishing campaigns to automatically enroll phished learners in the “Phished Learners” group.

When your system is configured this way, phished learners will join the “Phished Learners” group (no surprise there!).  Every 7-14 days (depending on the length of your “Phishing Reeducation” campaign), every phished learner who has NOT yet completed the content of the “Phishing Reeducation” course (including all newly added learners) will be automatically enrolled in the course and will be prodded to complete it.  The next time the campaign runs, everyone who has completed the “Phishing Reeducation” course will be ignored so people only have to take it once. However, if you change your mind down the road and switch out the course material, everyone still in the group will be prompted to take the new material too.

HOW IT WORKS

To use the new option (and we recommend that you use it), you must UNCHECK the “reset learner progress for each run” box when setting up or restarting a campaign.

Here is the option on Step 3 of the campaign wizard:

2

Option when restarting a campaign:

3

Note that you must UNCHECK since this box is checked by default!

 

Keep watching InfoSec Resources for more upgrades, tips, and tricks for SecurityIQ users. And if you have any questions or suggestions, feel free to leave them in comments!