lucy_onboarding_checklist
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
| lucy_onboarding_checklist [2019/10/15 15:27] – lucy | lucy_onboarding_checklist [2019/10/15 15:29] – [Run your campaign] lucy | ||
|---|---|---|---|
| Line 77: | Line 77: | ||
| | Send all at once? | A great option to consider when sending out phishing simulation emails is scheduling. A scheduler allows you to plan test email delivery in a time frame of your choosing. Best practices include scheduling around weekends and vacations, not at night-time or Friday afternoon.| •Do you want to use a scheduler and if yes: what are the required rules? | [[scheduler|Scheduler]] | | | Send all at once? | A great option to consider when sending out phishing simulation emails is scheduling. A scheduler allows you to plan test email delivery in a time frame of your choosing. Best practices include scheduling around weekends and vacations, not at night-time or Friday afternoon.| •Do you want to use a scheduler and if yes: what are the required rules? | [[scheduler|Scheduler]] | | ||
| | Monitor | When you run your simulation, make sure you can and do monitor it in real time in case something goes awry. Having this kind of understanding of your campaign will allow you to catch replies, out-of-office messages and NDR, and to track any issues that may arise.The LUCY platform allows you to set up view-only users, where real-time statistics can be monitored without access to configuration pages. | - | [[create_campaign_reports|Create Campaign reports]] \\ \\ [[export_campaign_data|Create Exports]] \\ \\ [[monitor_a_campaign_statistics|Monitor]] | | | Monitor | When you run your simulation, make sure you can and do monitor it in real time in case something goes awry. Having this kind of understanding of your campaign will allow you to catch replies, out-of-office messages and NDR, and to track any issues that may arise.The LUCY platform allows you to set up view-only users, where real-time statistics can be monitored without access to configuration pages. | - | [[create_campaign_reports|Create Campaign reports]] \\ \\ [[export_campaign_data|Create Exports]] \\ \\ [[monitor_a_campaign_statistics|Monitor]] | | ||
| + | | Follow up communication | After you run your campaign, make sure you send out explanatory emails a few days to a week later. The emails should contain information about the importance of the used scenario as well as the clues you expected your employees to notice. Remember that positive feedback and consequence are the best ways to learn good behavior. So, set up a reward system for those employees who are able to spot the phishing clues and follow up by reporting the scams. Encouraging your staff will create trust in case of future threats – fake and real. For those who fail the test, and there will always be such individuals, | ||
| + | | Next Steps | Running a phishing simulation campaign has one main purpose: raising employee awareness to cyber threats. So, the first test is just the beginning. Build a baseline, reward high-performers, | ||
| + | | Rewards |If any of your employees achieve outstanding results, reward them. Congratulate their success in an email, noting everything they did right (no click-throughs or data leaks, timely reporting, etc.) to keep the company safe from cyber threats. You can stimulate an entire department if their cumulative results rated best in the organization. To bring things further, you can create a contest among departments to determine which one was the safest in a given period of time. As stimulation you could sponsor a lunch or dinner for the team with highest test and report results. | - | - | | ||
lucy_onboarding_checklist.txt · Last modified: 2021/09/29 10:28 by lucysecurity