simoda Ltd

KnowB4 SecurityCoach: Instant online user coaching for preventing employee security risks

SecurityCoach enhances security posture by providing real-time, behaviour-triggered coaching to users, with easy setup and integration.

Focusing on real-time coaching capabilities, the ease of integration with existing security systems, and the straightforward setup process. It also highlights the improvement in overall security awareness and the reinforcement of current security investments.

Features

• Real-time coaching for immediate security behaviour correction
• Integrates with existing security stack for seamless operation
• Configurable campaigns for tailored SecurityTips delivery
• Enhances existing security awareness training effectiveness
• Improves knowledge retention and risk understanding
• Leverages KnowBe4’s new-school training platform
• Addresses organisation’s largest attack surface—employees
• Protects against increasing social engineering attacks
• Delivers contextual SecurityTips for user actions
• Strengthens overall security culture within organisation

Benefits

• Reduces risk exposure through proactive user education
• Streamlines security operations with real-time interventions
• Customised coaching to fit organisational policies
• Increases user awareness of security risks
• Integrates training with real-world security incidents
• Encourages secure behaviour with instant feedback
• Mitigates threats by educating at risk moment
• Strengthens defenses against social engineering tactics
• Enhances security policies with practical application
• Cultivates a resilient security-aware workforce

£1.78 to £38.35 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@simoda.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

167298601644093

Contact

David Cook
0114 553 3600
publicsector@simoda.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 4 Hour response on Simoda's standard support package. (Mon-Fri 9am -5pm Excluding bank holidays.; 1 Hour response on Simoda's Premium support package. (Mon-Fri 8.30am - 5.30pm Excluding bank holidays)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard Knowb4 Support; A user-based support contract for Knowb4; Standard Business Hours 9am – 5pm; 4 Hour Response; Customer Portal; Quarterly Review; Training Optimisation; Custom Campaign Management ; Cost per user £1 per user per month
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding process with KnowBe4; All onboarding is included in the price; Setup & Configuration is included with the service; Administrator Training ; Online Training
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All user/client information can be downloaded via CSV at the end of the contract or anytime during the contract
• End-of-contract process: Minimum Contract term is 12 months if not renewed then access is removed and all documentation is archived then securely deleted

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: KnowBe4’s APIs are; REST APIs; that allow you to pull phishing, training, user, and group data from the KnowBe4 console. Data is returned in a JSON structure by default--no additional parameter is needed.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Users can customise their Knowb4 Platform in a wide variety of ways in order to achieve maximum benefits for their workforce including:; ; Training Content; Phishing Content; User Groups; Training & Phishing Frequency ; Clients Own Training and Policies can be Integrated; Reports; Customised branding can also be applied; ; Administrators of the platform be IT Staff and controlled functionality decentralised to departmental management or can be completely administrated by Simoda Ltd.

Scaling

• Independence of resources: SLA available on request

Analytics

• Service usage metrics: Yes
• Metrics types: Organisations Risk Score. Reporting of Simulated & Non-Simulated Phishing Emails. Phishing Campaign Results. Training taken by User
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Knowb4

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Never
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Exported via CSV
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9%
• Approach to resilience: Load balancing, snapshots, redundancy built in, WAF
• Outage reporting: Status Webpage

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Multi-Factor Authentication & Single Sign-On
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Cyber Essentials Plus Accredited; All endpoints are monitored and Protected by an External SOC; Multi-Factor Authentication in place.; Control over websites accessed.; Email Security Gateway.; Comprehensive regular security training
• Information security policies and processes: Simoda's internal information security policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Knowb4 control all change management
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Continued vulnerability scanning on all endpoints; Multi-Factor Authentication ; All software is updated with security patches regularly ; Threat Intelligence services
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Endpoint monitoring; Internal Siem; External SOC services overviewing our internal systems; Follow internal breech procedures for dealing with a potential compromise; Immediately with reporting to the customer within 72 hours of an incident
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents reported through monitoring and procedures are followed dependent upon the type of incident.; All reported incidents are done via a written report and managed through our threat analytical systems

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Simoda, we are deeply committed to the Social Value objective of combating climate change. Simoda, an SME, is committed to fighting climate change and achieving Net Zero by 2040. We work with green IT solution providers like HPE and promote energy-efficient hardware, virtualisation, and renewable energy in data centres https://www.hpe.com/uk/en/living-progress/sustainable-it.html. We believe that every action, no matter how small, contributes to a larger impact. ; ; Our sustainability strategy includes establishing a baseline of our greenhouse gas emissions (5.49 metric tonnes for Scope 1 and 2.90 metric tonnes for Scope 2) and pursuing reduction strategies. We’re actively pursuing reduction strategies around travel and energy usage and leveraging analytics, technology, and AI to drive our operations towards our Net Zero target. We’re preparing to submit our emissions data and targets to the SME Climate Hub. Our overall emissions, which include partly gathered Scope 3 emissions that we’ve managed to calculate using available data, equate to 11.81 metric tonnes of CO2 annually. ; ; Our Sustainability Strategy can be requested. ; ; Offsetting Carbon Footprint: At Simoda, we have pledged to plant a tree for every new customer and employee as part of our carbon offset initiative, in partnership with Evertreen: Home - Evertreen We will be announcing this in May 2024. This initiative not only offsets our carbon emissions but also supports biodiversity and helps restore natural habitats across countries that have suffered from many years of deforestation and destruction. ; ; Landfill Waste Reduction: Simoda has implemented an effective office recycling scheme that plays a crucial role in our waste management on and off-side. Our team receive recycling training and we have appointed a recycling champion.

  Covid-19 recovery

  Simoda is supporting Covid-19 recovery by providing robust IT solutions that enable remote working, thereby helping businesses maintain continuity during and after the pandemic. They can also offer cloud services and cybersecurity solutions to ensure secure and efficient remote operations. ; ; Simoda Limited played a crucial role in supporting local Covid-19 recovery efforts, particularly in South Yorkshire’s NHS Clinical Commissioning Groups (CCGs) Nightingale Centre. Here’s how we contributed: ; ; Rapid Deployment of network services, routers and switches as part of the IT Infrastructure: Simoda responded swiftly to the urgent need for IT infrastructure in the newly established Covid-19 test centres. We provided the necessary connectivity and networking solutions, enabling these centres to become operational in a short space of time. This rapid deployment was critical in the early stages of the pandemic when testing was paramount. ; ; Customised IT Solutions: Understanding that each test centre had unique requirements, Simoda offered customised IT solutions. This included setting up secure and reliable internet connections, installing necessary hardware such as switches and routers. ; ; Technical Support and Maintenance: Beyond the initial setup, Simoda offered ongoing technical support and maintenance to ensure the smooth operation of these test centres. ; ; Impact: The impact of Simoda’s support was significant. The test centres were able to operate efficiently and effectively, contributing to the region’s Covid-19 recovery efforts. ; ; Simoda continues to support businesses, charities and the public sector with essential IT infrastructure and consultancy services, working with partners to ensure the best prices are achieved and projects can be delivered within required turnaround times.

  Tackling economic inequality

  Simoda is actively addressing economic inequality by fostering a diverse supply chain that includes SMEs, VCSEs, and charities. We are committed to providing affordable IT solutions to SMEs, thereby supporting their growth. We have also donated spare laptops and equipment to those in need. ; ; We are creating local employment opportunities and offering apprenticeships or internships to individuals from diverse and low socioeconomic backgrounds. Our commitment to social value is particularly focused on the South Yorkshire region, where our office is based. This is in response to the South Yorkshire Combined Authority’s report that identified Sheffield’s unemployment rate as 7.5%, approximately double the national average. https://www.southyorkshire-ca.gov.uk/SheffieldCityRegion/media/PDF-library/KADA-South-Yorkshire-Skills-and-Employment-Evidence-Base-v1-1-(002)-(2).pdf ; ; We are also aware of the significant increase in the number of Trussel Trust food parcels distributed in South Yorkshire between 2018-2019 and 2022-2023. In response, our team commits to an annual Christmas Foodbank appeal. We purchase items most needed and encourage our employees, suppliers and local businesses to contribute. ; ; At Simoda, we have a stringent anti-slavery statement in place. Despite being under the £36m threshold, we believe it is crucial to ensure our supply chain is free from slavery practices and human trafficking. https://www.simoda.co.uk/_files/ugd/d0d92b_503430dcd27641a7b98e7e08d14a35f2.pdf ; ; We are collaborating with local apprenticeship providers such as Baltic Apprenticeships and hosted our annual apprenticeship open day in March 2024. From this, we selected one full-time employee as an IT Support Technician and plan to recruit others throughout the year. ; ; We have established strong relationships with educational providers such as Sheffield Hallam University and Sheffield College. These collaborations enable us to tap into a pool of talented individuals. ; ; We are committed to creating job opportunities that are accessible to everyone, regardless of their socio-economic background. All our staff receive training and development appropriate to their skill level and role.

  Equal opportunity

  At Simoda, we are committed to promoting equality and diversity in our workforce. We have implemented policies to ensure equal opportunities in employment, skills development, and pay. We have updated our Equality, Diversity and Inclusion policy, which can be provided on request. Our recruitment strategy is designed to attract a diverse range of candidates, including those from disadvantaged or minority groups. We also provide regular training and development opportunities to all our employees, enabling them to acquire new skills relevant to their roles and progress within the company. ; ; We understand the importance of in-work progression and are committed to helping our employees, including those from disadvantaged or minority groups, move into higher paid work. We do this by providing them with opportunities to develop new skills relevant to their contracts. We offer a variety of training programs and workshops, and we encourage our employees to take advantage of these opportunities to enhance their skills and advance their careers. ; ; In terms of managing the risks of slavery, we have a stringent anti-slavery policy in place. We are proactive in identifying and managing any risks associated with slavery and human trafficking in our supply chain. We have started to conduct audits of our suppliers to ensure they adhere to our anti-slavery policy and take immediate action if any non-compliance is identified. We believe that it is our responsibility to ensure that our business operations are free from slavery practices, and we are committed to doing everything we can to achieve this. ; ; We are dedicated to promoting social value through our commitment to equality, diversity, and ethical business practices. We believe that by doing so, we can make a positive impact on our employees, our supply chain, and the wider community.

  Wellbeing

  At Simoda, we place a high value on the well-being of our staff. We believe that a happy and healthy workforce is key to our success. We have implemented a range of initiatives to support our staff’s well-being. ; ; We ensure that all staff are paid above the minimum wage and have flexible working arrangements to accommodate their personal needs, including flexibility for parents and school runs. We also hold weekly “Thoughts and Feelings” sessions where staff can share their experiences and discuss what went well or not so well during the week. This proves vital in sharing issues and successes across the team so that everyone feels involved and positive for the next week ahead. ; ; To promote work-life balance, we organise social events such as nights out for functional teams and trips, such as golf days, which are enjoyed by all. We also have a mental health first-aider available to provide support to staff when needed. ; ; In addition, we have introduced an initiative called “Fitness Truck”. Every Wednesday, staff have the opportunity to participate in a physical well-being and fitness training session. This initiative has proven to be highly beneficial in improving staff productivity and positivity. ; ; We also provide user-friendly IT solutions that reduce stress and improve the user experience. We make any necessary adjustments for home working, such as providing blue screens, to ensure our staff can work comfortably and efficiently. ; ; Through these initiatives, Simoda is committed to creating a supportive and positive work environment that prioritises the well-being of our staff. We believe that by investing in our staff’s well-being, we can foster a more productive and positive workplace.

Pricing

• Price: £1.78 to £38.35 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Over 300 users to qualify for a free trial; Full access to the complete training suite for a limited amount of users ; Limited test emails

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@simoda.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.