Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Português (Portugal) Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

User Profile Guide

Updated:

Created:

User Profile and Settings

All users added to your KMSAT console have a personal profile that displays their performance on Phishing Security Tests, their training completion, and their Risk Score and Phish-prone Percentage. User information such as email address and job title is also found here and can be manually modified as needed.

After you add users to the console, they will display in the user list. To view this list, navigate to the Users subtab of the Users tab. Click any user's name or email address to access their profile.

The user profile is made up of five tabs. Click the links below to navigate to a specific subtab or section.

Jump to:

User Dashboard Subtab
Phishing Subtab
Training Subtab
User Timeline Subtab
User Information Subtab

User Dashboard Subtab

After clicking on a user in the user list, you’ll be taken to their User Dashboard. This subtab shows the user’s phishing results, training assignments, and Risk Score.

  1. Name and Groups: This area shows the user’s name and the number of groups they are in. To see a list of these groups, click Groups (Click to view).
  2. Phishing Results: This section shows the user’s Phish-prone Percentage, how many simulated phishing emails they received, how many phishing tests they failed, and how many simulated phishing emails they reported.
    • Click the Phish Failures by Type button to view a graph of the different types of failures this user has had (Click to view).
  3. Training Assignments: This section shows the user’s training completion percentage as well as how many assignments are currently in progress, how many they have completed, and how many they haven't started yet.
    • Click the View Training Details button to view a graph of the user's current campaigns. This graph can be filtered by status (Click to view).
  4. Risk: This section shows the user’s Risk Score, risk factors, and a line chart of the user’s risk history. For more information on user risks, see our Virtual Risk Officer (VRO) and Risk Score Guide article.

Back to top

 

Phishing Subtab

The Phishing subtab displays the user’s Personal Phish-prone Percentage. Their Phish-prone Percentage is based on the number of phishing test failures divided by the number of phishing emails delivered. See the Failures and Phish-prone Percentages article for more information on the Phish-prone Percentage.

This tab also lists each simulated phishing email that the user has interacted with. This includes interactions such as clicking a link, opening an attachment, and reporting the email through the Phish Alert Button (PAB). Hover over a checkmark to view the timestamp for that interaction (Click to view).

You also have the ability to download this information by clicking Download CSV.

If you’d like to view the phishing template the user interacted with, click the eye icon to preview the email.

Back to top

 

Training Subtab

The Training subtab displays all campaigns that the user has been enrolled in. For each campaign, you’ll see the date the user was enrolled, if they have started their training, how long they have worked on their training, how much time is left before the due date, what they scored, and the completion status.

You also have the ability to download this information by clicking Download CSV.

If you’d like to download a completion certificate for any of these training assignments, click the trophy icon to the right of the completion status of that assignment.

Back to top

 

User Timeline Subtab

The User Timeline subtab shows a complete history of the user's phishing tests, related emails, and the training console itself (Click to view).

You can use the drop-down menus at the top of the page to filter your results by event type or date range.

In the Event Type drop-down menu, you can select one or more event types such as Passed Phishing or Started Course. To remove a selected event type from the filter, click the x next to the name of the event type (Click to view).

In the Date Range drop-down menu, you can select from common time frames such as Last Quarter or Year to Date. You can also select Custom Date Range to choose a specific start and end date.

The user timeline records all of the below events:

KMSAT Event Types

 Event

General user events
  • The user was created.
  • The user logged in.

Phishing test-related events
  • The user received an email.
  • The user bounced an email.
  • The user clicked a link.
    • Only the first click will be recorded here.
  • The user opened an attachment.
  • The user entered data on a landing page.
  • The user enabled a macro.
  • The user replied to an email.
  • The user passed a phishing test.
  • The user reported an email using the PAB.
  • The user reported an email without using the PAB.
  • The user reported an email as spam.

Training-related events
  • The user was added to a training campaign.
  • The user was enrolled in a course.
  • The user started a course.
  • The user completed a course.
  • The user was enrolled in an assessment.
  • The user started an assessment.
  • The user completed an assessment.
  • The user was enrolled in a policy.
  • The user started a policy.
  • The user completed a policy.

PasswordIQ events
  • The user was detected for a vulnerability.
  • The user was not detected for a vulnerability.
  • The user's detection status changed.

Other
  • A click or other failure type was removed from phishing test results.
  • The user's email was found in a security breach. This information is considered during Virtual Risk Officer (VRO) and risk calculations.

Note: Data breach involvement events may display with dates that occurred before your user was added to the console. This is because the User Timeline uses the date that a data breach was reported. For example, a user who was added to the console in 2018 may have been found to be part of a data breach that was reported in 2012.

Custom Event Types

  

User-created events

A list of all custom event types created through the User Event API will populate under the User Events section of the Event Type drop-down menu.

See our User Event API article for more information.

Back to top

 

User Information Subtab

The User Information subtab lists user attributes, such as user languages, job title, user account details, and number of sign-ins. From this page, you can also enable features such as multi-factor authentication (MFA).

For more information about user information and account details, read the below subsections.

Jump to:

Modifying User Information

User Account Details

 

Modifying User Information

There are three ways you can modify a user's information. These methods are listed below, with the most recommended method listed first:

  1. Automatically sync your user list through user provisioning.
    • As a best practice, we recommend modifying your user details with your identity provider when you are using user provisioning and allowing the next sync to update your user's information.
    • When using user provisioning to sync user information, most settings will be uneditable through the other methods.
    • See our Active Directory Integration (ADI) Configuration Guide or our SCIM Configuration Guide for more information.
  2. Import a prepared CSV file.
    • Navigate to Users > Import Users. Then click the CSV Import button. Once you click this button, you can import a CSV file containing your users' email addresses along with any additional information you'd like to include about your users.
    • Be sure to follow the formatting steps in our How to Import Users with a CSV File article when adding user fields and details to your CSV file.
  3. Manually edit a user’s profile from the User Information subtab.

Back to top

 

User Account Details

For more information about the different areas and fields in the User Information subtab, see the annotated screenshot and list below:

  1. User Account Details: This section shows basic account history and login data, such as how many times the user has signed in, when their confirmation email was sent, and the last IP address they used to sign in.
  2. Risk Booster: You have the option to set a Risk Booster for any user. See our Risk Booster Guide for more information.
  3. Out of Office Until: You can use this option to pause training notifications for a user while they are out of the office until the selected date. Notifications sent to managers and admins about this user will also be paused.
  4. PhishER: You have the option to enable or disable a user’s access to PhishER. By default, PhishER will be disabled for users and enabled for admins. As an admin, you have the option to disable and re-enable your own PhishER access. If PhishER is enabled, a Go to PhishER drop-down menu option will be available by clicking on your email address in the top-right corner of the KMSAT console.

  5. Multi-factor Authentication: You have the option to enable multi-factor authentication (MFA) for your users as an added layer of security. We strongly recommend that you enable MFA for any users with elevated security roles or admin access. For more information about MFA, see our How Do I Enable Two-Factor or Multi-Factor Authentication on My Account? article.

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles