You can anonymize your users’ phishing and USB test results in your KSAT console. When enabled, admins on your account won’t be able to see which users failed a test.
The anonymization feature allows admins to follow the privacy requirements established in certain countries. Because these privacy requirements are not typical, this feature isn’t necessary or recommended for most accounts.
How to Anonymize Your Account
If you would like to anonymize your account, submit a support request. Our support team will respond to schedule your account anonymization.
During setup, our support team will ask you to select a minimum size for groups that can be phished in your organization. Setting a minimum group size that is reasonable for your organization will help keep the test results truly anonymous. The minimum group size suggested is 10-25 users.
How Anonymized Console Data Affects Your Console and Results
Anonymized console data affects your console and test results differently depending on the specific tool or feature you are reviewing.
-
Phishing: In individual phishing campaign results, you will see a list of users who received the phishing test. You will also see if messages were delivered or if the email bounced. The console will display totals for how many users clicked, opened, exploited, or otherwise failed the test, but not which users failed.
- When setting up a phishing campaign, you will not be able to phish any groups that are smaller than your minimum group size. Your minimum group size is set during the How to Anonymize Your Account process. Only groups that meet the minimum will be available to enroll in your campaign.
- You can use reply-to phishing, but you will not be able to view which users replied or what your users replied with. You will also not be able to add users who failed a phishing test to a group with the Add Clickers to feature.
- Platinum and Diamond customers that have access to Smart Groups will only be able to use the User Field, User Date, Training, Assessment, and Custom Event Smart Group criteria.
- USB tests: You will see the name of the computer that the user was on when they failed your USB test, but not the user’s display name or username.
- Training: Training results are not affected. You will still be able to see a user’s progress on a training campaign. You will still be able to see a user’s progress on a training campaign under the Reports subtab in the Training tab. For more information, please consult the Training Reports Guide in our Knowledge Base.
-
Reporting: The Reports tab and its subtabs will be unavailable.
- However, when an account is anonymized, limited reports regarding group activities are available in the Phishing tab. For example, you will still be able to view the totals for actions such as emails sent, opened, and clicked for each group separately provided that each group meets the minimum group size, which is set to ensure anonymity.
- In addition, you can view a user’s training progress under the Reports subtab in the Training tab.
-
Data Retention: Historical data that has been anonymized will remain in that state. If you require non-anonymized data moving forward, you would need to create new accounts and capture data as normal from the point of reversing the anonymization setting.
- For more information on KnowBe4’s data retention policies, please consult our KnowBe4 Data Retention Schedule article in our Knowledge Base.
- Virtual Risk Officer (VRO): Risk Scores throughout your console will be unavailable. Since calculating Risk Scores involves categorizing and analyzing users, it would run contrary to protecting their privacy, which is the goal of having an anonymous console.