Engage - Trial

Updated
This article contains information about the Engage trial, guiding users through user provisioning, rapid deployment, training module delivery, phishing simulations, behavioral nudges, and the Human Risk Command Center to enhance security awareness and manage human risk.

Trial Guide

Welcome to Mimecast Engage!

We’re here to make your Mimecast Engage trial a successful experience! Read on to learn how to get the most out of your Mimecast Engage trial.
 

What Makes a Trial Successful?

This guide is intended to help you evaluate Mimecast Engage over the course of your trial. When you follow these steps and embrace your employees as a critical part of your organization’s overall security, you can revolutionize your approach to Security Awareness and Human Risk Management.

Mimecast Engage offers unprecedented visibility into human risk and empowers you to align your training and intervention efforts with real employee behavior.

The trial is an opportunity to see these capabilities in action, empowering you to:

  1. Identify your riskiest employees in real-time.
  2. Stop risky behavior with a smarter approach to training.
  3. Reset your team’s focus on true risk reduction.

Why Invest in Human-Risk Powered Security Awareness? 

Research shows that nearly 70% of breaches involve a human element; and, on average, 8% of users lead to 80% of security incidents. Organizations face a 27% chance of suffering a major data breach involving 10,000 records or more. These massive breaches come with an average cost of $4 million dollars each to remediate.

Human error is not to be taken lightly, but efforts to reduce this risk are failing. Organizations pour untold resources into security awareness, but these investments struggle to produce results. The probability that companies of all types and sizes will experience a security breach is greater today than it was yesterday. Something needs to change.

Mimecast Engage is a revolutionized security awareness solution powered by Mimecast’s Human Risk Management platform. Mimecast Engage leverages risk signals from across the Mimecast ecosystem to deliver the right intervention and training to each employee at the point of risk and based on real behaviors. Engage is built for simplicity and scale, equipping security teams to focus on real security outcomes and behavior change, while still satisfying compliance requirements and CISO-level program visibility.

What Can You Expect to See?

Behavior-Based Risk Analysis and Response

Throughout your trial, behavior-based risk data will begin populating into the Human Risk Command Center, unlocking employee risk insights. This continuous evaluation uncovers real risk throughout your organization and targets training to employees who need more focused intervention.
 

Training and Simulation Engagement

Mimecast Engage equips you with both training and phishing simulation tools to measure your organization’s resilience and increase awareness. Each tool provides engagement that is critical to understanding your organization’s security culture and posture.

In the following pages, learn about:

  • What to evaluate during your trial
  • User Provisioning & Authentication
  • Rapid Deployment & Settings
  • Reporting
  • Access to Engage assets
  • Understanding Human Risk Score (HRS)

This program will explain these important steps:

  • User Provisioning
  • Rapid Deployment & Configs
  • End-User Notifications
  • Module Delivery & Settings
  • Phishing Delivery & Settings
  • Behavioral Nudges
  • Human Risk Command Center
  • Engage Reporting & Insights
  • Human Risk Score

Resources for success:

Mimecast Engage Hub

What Are You Evaluating During This Trial?

Training Company-Wide and Targeted

Training is critical to building a security-aware culture. During the trial, we recommend assigning four modules. This will give you a good understanding of the training experience and how performance statistics are presented.

Phishing Simulation Templates and Campaign

Simulated phishing is one of multiple data points that can help detect human risk by telling us who is prone to clicking on suspicious links. By testing its functionality, you can assess if this tool is right for your organization.

Behavioral Nudges

Humans learn most effectively when they are given feedback in the moment. Nudges allow you to provide near real-time responses to users based on different behaviors and interactions.

Human Risk Score

4% of users cause 80% of phishing incidents, and 3% of users cause 92% of malware incidents. So, what do we do about it?

Mimecast’s human risk functionality takes data already available in your security solutions and provides your security leaders with powerful risk insights. This information helps direct your HRM strategy to prevent future breaches.

The HRS enables your organization to make informed decisions and enhance your security posture by shining a light on the human attack surface.

Trial timeline

Four weeks is sufficient to evaluate this solution. It’s also enough time to become an expert user of the Engage platform.

 

Pro tip

Once your account is provisioned, contact your Mimecast Customer Success Manager to assist you in allowing the correct IP ranges, thus ensuring a seamless phishing experience.

One

User Provisioning

User Provisioning should be completed during your implementation (a requirement for using the Engage platform). If you already have Mimecast Cloud Gateway configured, you can skip the Importing Users and User Authentication steps, which are already set up in your tenant.

Importing Users

Directory Synchronization: Allows you to securely automate the management of Mimecast users and groups using your company directory, whether that is hosted on-premises or in the cloud. Integrating your company's directory with Mimecast has multiple benefits, ranging from feature enablement to reducing the administrative overhead of feature configuration and maintenance.

Read more here

Manual Import: Add multiple user accounts at a time using our Spreadsheet Import function. This also allows you to set user permissions, user attribute data, and alias associations.

Read more on Spreadsheet Import here

Read more on Creating & Editing Users here

User Authentication

SSO: Make Mimecast Engage even simpler by making use of our SSO options. While you may not need to make use of this for the testing phase, you may want to familiarize yourself with the options, should you continue with the service.

Read more on SSO here

AD Passwords: Domain Password Authentication is available for all Mimecast customers. It is typically used when your organization wants to manage and use the same password used with Active Directory when accessing Mimecast.

Read more on enabling domain passwords here

Cloud Passwords: Cloud Password Authentication is available for all customers and is typically used when your organization wants to manage and use specific Mimecast passwords when accessing Mimecast.

Read more on Cloud Authentication here

Create a Targeted User Group for Testing

This user group is identified as part of the POC evaluation. They will be sent Training Modules and Phishing Simulations during the evaluation. This process can be completed via an existing Directory group or via a Profile group built within Mimecast.

“I’ve been involved with enterprise security awareness for decades and have barely found anything as compelling and as fun as the content from Mimecast. Their video approach is an amazing way to move culture, and I suspect CISOs will really like their emphasis on risk analytics as well.”

 

Dr. Edward G. Amoroso,

CEO, TAG Cyber LLC, Former SVP and CSO, AT&T

Two:

Rapid Deployment

Rapid Deployment is an improved guided setup journey for Engage administrators. In this configuration, Mimecast automatically schedules 12 monthly training videos from a start date you specify. Your Sales Engineer will work with you to adjust the delivery timelines to meet the agreed-upon POC length. It also schedules five automated phishing simulations.

  • The initial setup journey will produce an effective and viable year-long Engage program that is preset and automated. It is built according to security awareness best practices.
  • The one-page setup process is simple and fast.
  • This is a seamless experience in a cross-functional suite product.

Full Rapid Deployment Guide here

Three:

End-User Notifications

It’s important to notify your users about what kind of training content and engagement they can expect. This is, however, more important in a live environment across the entire user base. If you feel it necessary to notify your test users, we’ve got you covered.


What do I need to send over to them?

Our Email Notification Template

View Here

End-User Guides

View Here

Four:

Training Module Delivery Adjustment

It is now time to configure and send modules out to your test users. We want this to be seamless, so follow the below to get this done perfectly!

Training Module Configuration Guide

Configuration

  1. Click on Engage on the left-hand navigation pane and scroll down to Training Queues.
  2. Click on Company-Wide Training. There will be 12 modules created during Rapid Deployment (one per month for the next 12 months).
  3. Choose four modules to use for validation during the POC timeframe. You can click on the ellipsis next to each module to preview the User Experience. We are going to change the dates of the four you choose to deliver during the POC. One per week is the recommendation.
  4. Repeat this process on the four modules you chose.

Five:

Phishing Delivery Adjustment

Most CISOs' typical phishing training and test solutions can be difficult to operate and next to impossible to customize for your company's needs. And, most critically, they are often disconnected from the rest of your security program. It's no wonder phishing training and testing solutions often don't work as well as they should. Mimecast will take care of that!

Managing Phishing Campaigns

Configuration

  1. Click on Engage on the left-hand navigation pane and scroll down to Phishing Training. Select the drop-down and click on Campaigns.
  2. You will see five phishing campaigns that were created during Rapid Deployment. Choose two that you would like to use during the POC validation.
  3. If you like, you can edit components of a campaign such as Template, Landing page, from Email, and Duration.
  4. We suggest that you run the first Phishing Campaign in parallel with the second module.

Six:

Behavioral Nudges

Humans are most receptive to learning new behaviors when training is provided at the point of risk. Delaying training from the point of risk creates a disconnect. Behavioral Nudges are designed to address this delay and respond with the right training at the right time for the right user.

Behavioral Nudges Configuration

Configuration

  1. Click on Engage on the left-hand navigation pane and scroll down to Phishing Training. Select the drop-down and click on Campaigns.
  2. Nudges are configured during the Rapid Deployment process. Nudges configured by default are Email (Text only). You have the ability to edit them to include videos where desired.
  3. The best practice is to select two Nudges to test. Note: Some may not be applicable during the POC timeframe.

Seven:

Human Risk Command Center

The Human Risk Command Center enables you to identify your riskiest users with unprecedented visibility. It provides a centralized view of human risk across your organization, by leveraging Engage training and simulation metrics, as well as Mimecast Email Security data. Within the Human Risk Command Center, you can carry out searches, basic filtering, and high-level human risk analysis.

Human Risk Command Center - Read more

The key components:

  1. Individual Risk Profile
  2. Risk Analysis
  3. Risk Response Engine
  4. Watchlists

Eight:

Engage Reporting & Insights

Compliance Center and Efficacy Reports provide administrators visibility into Engage Training completion and Phishing Simulation metrics, allowing organizations to track their compliance requirements. This data is also a component of the Human Risk Score and is used to trigger Behavioral Nudges.

Compliance and Efficacy Reporting - Read more

Nine:

Human Risk Score

This is where it all comes together! Mimecast offers comprehensive analysis for you to understand the performance of the platform and your users, by continually gauging Training, Actual Phishing, Simulated Phishing, and Attack Factors to surface who your risky and not-so-risky users are.

This article describes how Human Risk Scoring works

Human Risk is split into two components:

  1. Human Risk Score reflects the risk presented by the actions users take.
  2. Attack Factor measures how frequently employees are attacked compared to others in the organization.

Conclusion & Next Steps

Once you’re comfortable with the rollout of this trial and the risk metrics it monitors, advancing to Mimecast’s full Engage offering is easy!

By reading this document and completing all the pre-work, there are only a few more steps to complete, so you can begin training your entire organization.

What’s next?

If your trial experience was a success and you want to continue with Mimecast Engage, let your account team know! Mimecast will upgrade your trial account to a full license so you can continue targeting real risk and transforming employee behavior.

Update the Default Population Group

Next, update the group to include all of the users you’d like to enroll in the training. This is done in your settings tab

Notify your newly enrolled users

Lastly, let your users know they’ve been enrolled in Mimecast Engage Human Risk Awareness and Training with the announcement assets hosted on our Enablement Hub.

Related to

Was this article helpful?
0 out of 2 found this helpful

Comments

2 comments
Date Votes
  • Avatar
    Hardy H. Krüger

    There is ZERO mention on costs for this facility once the “Trial” ends. 
    Will using the trial and not cancelling “anytime” before 30 days, result in some or other annual fixed commitment or other bill?  
    I find it unfortunate that AI is not being added to existing client accounts as an enhanced service but masked in this greater sales theatre of “Engage”. Why not just make your existing product better? 
     

    0
  • Avatar
    Admin - LI

    Hi Hardy

    Thank you for your feedback. The trial lasts for 30 days and ends automatically, with no charges or renewals after the trial period. If your issue is more urgent and/or you wish to open a new Support case, please do so here.

    I hope this was helpful.

    0

Please sign in to leave a comment.