Q: How do I conduct phishing simulations and security awareness training for my DLCI?
Answer
MIT licenses the KnowBe4 platform for highly customizable simulated phishing campaigns. It also provides short security awareness training videos, which may be assigned to all users or, on demand, to users who fail the phishing tests. The platform provides some reporting, including which users clicked on the links and which users actually entered information, if relevant (the actual information submitted is not stored or saved, for security and privacy reasons).
Getting started with KnowBe4
For DLCI IT Partners
On request, delegated access can be given to IT contacts to conduct training and do simulated phishing test campaigns. A delegated portion of reporting and statistics is also provided. In order to request access, perform the following:
- Create two moira groups with the following naming convention
  - admin group
    - dlciname-kb4-admins, e.g. meche-kb4-admins
  - user group(s), please limit the number of user groups to 3 per department
    - dlciname-kb4 or dlciname-kb4-subgroup for each user list or sublist, e.g. meche-kb4 or meche-kb4-faculty
    - Entries in the list that are not MIT Kerbs (@gmail.com or @csail.mit.edu addresses, for example) will not be synced to the KnowBe4 groups
    - Groups can be nested lists of existing groups if desired
- Submit a ticket to security@mit.edu
  - Request KnowBe4 access
    - Include the admin group name and the user group names.
Once access is granted, administrators may log into https://training.knowbe4.com using MIT Touchstone and access the training tab in order to create a campaign. Documentation and knowledge base access are available through the question mark drop-down at the top right of the console.
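A pre-submission check for the request described above, as an added example (not MIT's or KnowBe4's code): it validates the group names against the naming convention and lists member entries that would not sync. It assumes DLCI short names are lowercase letters and digits, that an MIT Kerberos entry is a bare username or username@mit.edu, and that the member list is already expanded; the function names and sample entries are constructed.

```python
import re

# Assumption: DLCI short names are lowercase letters/digits, e.g. "meche".
ADMIN_RE = re.compile(r"^(?P<dlci>[a-z0-9]+)-kb4-admins$")
USER_RE = re.compile(r"^(?P<dlci>[a-z0-9]+)-kb4(?:-(?P<sub>[a-z0-9]+))?$")
MAX_USER_GROUPS = 3  # limit per department stated in the request steps


def check_request(admin_group, user_groups):
    """Return a list of problems with the group names in an access request."""
    problems = []
    admin = ADMIN_RE.match(admin_group)
    if not admin:
        problems.append(f"{admin_group}: expected dlciname-kb4-admins")
    if not user_groups:
        problems.append("at least one user group is required")
    if len(user_groups) > MAX_USER_GROUPS:
        problems.append(f"{len(user_groups)} user groups; limit is {MAX_USER_GROUPS}")
    for name in user_groups:
        m = USER_RE.match(name)
        # "-admins" is reserved for the admin group, not a user sublist.
        if not m or m.group("sub") == "admins":
            problems.append(f"{name}: expected dlciname-kb4 or dlciname-kb4-subgroup")
        elif admin and m.group("dlci") != admin.group("dlci"):
            problems.append(f"{name}: DLCI prefix differs from {admin_group}")
    return problems


def unsynced_entries(members):
    """Return entries that are not MIT Kerberos names and so will not sync."""
    skipped = []
    for entry in members:
        local, _, domain = entry.strip().lower().partition("@")
        # Assumption: bare username or username@mit.edu counts as an MIT Kerb.
        if not local or domain not in ("", "mit.edu"):
            skipped.append(entry)
    return skipped


if __name__ == "__main__":
    # Constructed sample request and member list.
    print(check_request("meche-kb4-admins", ["meche-kb4", "meche-kb4-faculty"]))
    print(unsynced_entries(["alice", "bob@mit.edu", "carol@gmail.com",
                            "dave@csail.mit.edu"]))
```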
Viewing the results of a phishing campaign
Detailed information on the progress of the DLCI's campaigns is provided through the console, including individual users' progress and status. The report tab covers the entire tenant and currently cannot be delegated by the product; however, most DLCIs find the detailed campaign statistics more than adequate.
Help setting up the initial campaigns
Currently, MIT has credits for KnowBe4 managed service hours. Once the delegated access above is set up, file a servicedesk ticket to the Information Security group in order to get help from KnowBe4 managed services.