Automating KnowBe4 Security Awareness Onboarding (Without Upgrading)

By Chaim Sanders

 

KnowBe4 is a widely used SaaS tool that provides training including security awareness training. Its most annoying feature is that they purposely cripple their product at the ‘Silver’ and ‘Gold’ level, to a point that it becomes frustrating to use.

One of the things that is most annoying is that they won’t allow AD sync’d users to automatically be placed in a KnowBe4 ‘group’ upon being added from AD. They ‘solve’ this at the platinum level with ‘smart groups’ but IMHO a basic feature (new employee training) that is required to meet almost every compliance requirement should not be a pay-to-play feature.

With Active Directory Integration turned on and working it can seem laborious to not be able to provide training only to newly synced users, but there is a solution.

  1. You’ll want to have a group that all new members who need training are put into. In most orgs this is the same as all new users and so ‘Domain Users’ becomes the logical choice.
  2. To include ‘Domain Users’ you simply have to add it to the ‘includedGroups’ option within the ADISync configuration file for your domain.Screen Shot 2018-08-17 at 10.53.44 AM.png
  3. Create a training module in KnowBe4 with the trainings you want. You probably don’t want an end date on this (sorry end-date reminders won’t work). Don’t enable any notifications! Make sure that you select the ‘Domain Users’ group and select the ‘Automatically enroll users that are added to the above groups in the future’ (this last step is the part that makes this work).Screen Shot 2018-08-17 at 10.39.21 AM.png
  4. This will create a training routine everyone is enrolled in with no notifications, perfect!
  5. Once the training and under way go into it and select all the existing users on all the training modules and select ‘Pass Selected’,
  6. Now go back to the training screen and ‘Edit’ the training module adding notifications.Screen Shot 2018-08-17 at 10.50.46 AM

Now whenever you add new users to your AD box it should add them to this new employee security training and there is no need to spend more money to get features you don’t really need. Happy training!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s