simoda Ltd

KnowBe4 Comprehensive security awareness and training with AI-driven phishing simulations

KnowBe4 is the world’s largest security awareness and compliance training and simulated social engineering platform. It combines the industry’s most comprehensive library of engaging, localised content, AI-driven simulated phishing and training recommendations, enterprise-grade reporting and robust user testing and assessments to drive awareness and change behaviour.

Features

• AI-driven phishing simulations tailor training to user behaviour
• Massive content library keeps security awareness engaging and effective
• Enterprise-grade reporting offers comprehensive oversight and analytics1
• User testing and assessments measure and improve security awareness
• Easy deployment and user-friendly interface ensure smooth operation
• Efficient administration streamlines security awareness program management
• Continuous intelligence and analytics enhance security posture
• ModStore variety offers diverse training content options
• Customizable campaigns adapt to specific organisational needs
• Real-time coaching corrects risky behaviour instantly

Benefits

• Reduces risk exposure, enhancing cybersecurity posture
• Lowers investigation costs for email alerts
• Avoids development costs for security content
• Saves on security program administration costs
• Engages users with AI-driven training methods
• Provides extensive, always-fresh training materials
• Delivers robust reporting capabilities for enterprises
• Includes assessments for awareness benchmarking
• Features straightforward platform setup and use
• Offers ongoing security insights and analytics

£1.78 to £38.35 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@simoda.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

757244811284459

Contact

David Cook
0114 553 3600
publicsector@simoda.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 4 Hour response on Simoda's standard support package. (Mon-Fri 9am -5pm Excluding bank holidays.; 1 Hour response on Simoda's Premium support package. (Mon-Fri 8.30am - 5.30pm Excluding bank holidays)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard Knowb4 Support; A user-based support contract for Knowb4; Standard Business Hours 9am – 5pm; 4 Hour Response; Customer Portal; Quarterly Review; Training Optimisation; Custom Campaign Management ; Cost per user £1 per user per month
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding process with KnowBe4; All onboarding is included in the price; Setup & Configuration is included with the service; Administrator Training ; Online Training
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All user/client information can be downloaded via CSV at the end of the contract or anytime during the contract
• End-of-contract process: Minimum Contract term is 12 months if not renewed then access is removed and all documentation is archived then securely deleted

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: KnowBe4’s APIs are; REST APIs; that allow you to pull phishing, training, user, and group data from the KnowBe4 console. Data is returned in a JSON structure by default--no additional parameter is needed.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Users can customise their Knowb4 Platform in a wide variety of ways in order to achieve maximum benefits for their workforce including:; ; Training Content; Phishing Content; User Groups; Training & Phishing Frequency ; Clients Own Training and Policies can be Integrated; Reports; Customised branding can also be applied; ; Administrators of the platform be IT Staff and controlled functionality decentralised to departmental management or can be completely administrated by Simoda Ltd.

Scaling

• Independence of resources: SLA available on request

Analytics

• Service usage metrics: Yes
• Metrics types: Organisations Risk Score. Reporting of Simulated & Non-Simulated Phishing Emails. Phishing Campaign Results. Training taken by User
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Knowb4

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Never
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Exported via CSV
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9%
• Approach to resilience: Load balancing, snapshots, redundancy built in, WAF
• Outage reporting: Status Webpage

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Multi-Factor Authentication & Single Sign-On
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Cyber Essentials Plus Accredited; All endpoints are monitored and Protected by an External SOC; Multi-Factor Authentication in place.; Control over websites accessed.; Email Security Gateway.; Comprehensive regular security training
• Information security policies and processes: Simoda's internal information security policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Knowb4 control all change management
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Continued vulnerability scanning on all endpoints; Multi-Factor Authentication ; All software is updated with security patches regularly ; Threat Intelligence services
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Endpoint monitoring; Internal Siem; External SOC services overviewing our internal systems; Follow internal breech procedures for dealing with a potential compromise; Immediately with reporting to the customer within 72 hours of an incident
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents reported through monitoring and procedures are followed dependent upon the type of incident.; All reported incidents are done via a written report and managed through our threat analytical systems

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Simoda, we are deeply committed to the Social Value objective of combating climate change. Simoda, an SME, is committed to fighting climate change and achieving Net Zero by 2040. We work with green IT solution providers like HPE and promote energy-efficient hardware, virtualisation, and renewable energy in data centres https://www.hpe.com/uk/en/living-progress/sustainable-it.html. We believe that every action, no matter how small, contributes to a larger impact. ; ; Our sustainability strategy includes establishing a baseline of our greenhouse gas emissions (5.49 metric tonnes for Scope 1 and 2.90 metric tonnes for Scope 2) and pursuing reduction strategies. We’re actively pursuing reduction strategies around travel and energy usage and leveraging analytics, technology, and AI to drive our operations towards our Net Zero target. We’re preparing to submit our emissions data and targets to the SME Climate Hub. Our overall emissions, which include partly gathered Scope 3 emissions that we’ve managed to calculate using available data, equate to 11.81 metric tonnes of CO2 annually. ; ; Our Sustainability Strategy can be requested. ; ; Offsetting Carbon Footprint: At Simoda, we have pledged to plant a tree for every new customer and employee as part of our carbon offset initiative, in partnership with Evertreen: Home - Evertreen We will be announcing this in May 2024. This initiative not only offsets our carbon emissions but also supports biodiversity and helps restore natural habitats across countries that have suffered from many years of deforestation and destruction. ; ; Landfill Waste Reduction: Simoda has implemented an effective office recycling scheme that plays a crucial role in our waste management on and off-side. Our team receive recycling training and we have appointed a recycling champion.

  Covid-19 recovery

  Simoda is supporting Covid-19 recovery by providing robust IT solutions that enable remote working, thereby helping businesses maintain continuity during and after the pandemic. They can also offer cloud services and cybersecurity solutions to ensure secure and efficient remote operations. ; ; Simoda Limited played a crucial role in supporting local Covid-19 recovery efforts, particularly in South Yorkshire’s NHS Clinical Commissioning Groups (CCGs) Nightingale Centre. Here’s how we contributed: ; ; Rapid Deployment of network services, routers and switches as part of the IT Infrastructure: Simoda responded swiftly to the urgent need for IT infrastructure in the newly established Covid-19 test centres. We provided the necessary connectivity and networking solutions, enabling these centres to become operational in a short space of time. This rapid deployment was critical in the early stages of the pandemic when testing was paramount. ; ; Customised IT Solutions: Understanding that each test centre had unique requirements, Simoda offered customised IT solutions. This included setting up secure and reliable internet connections, installing necessary hardware such as switches and routers. ; ; Technical Support and Maintenance: Beyond the initial setup, Simoda offered ongoing technical support and maintenance to ensure the smooth operation of these test centres. ; ; Impact: The impact of Simoda’s support was significant. The test centres were able to operate efficiently and effectively, contributing to the region’s Covid-19 recovery efforts. ; ; Simoda continues to support businesses, charities and the public sector with essential IT infrastructure and consultancy services, working with partners to ensure the best prices are achieved and projects can be delivered within required turnaround times.

  Tackling economic inequality

  Simoda is addressing economic inequality by working with a diverse supply chain, including SME’s, VCSE’s and charities. We also provide affordable IT solutions to small and medium-sized enterprises (SMEs) to support their growth and have provided spare laptops and equipment without cost. We are creating local employment opportunities and offering apprenticeships or internships including individuals from diverse and low socioeconomic backgrounds. ; ; We are committed to creating social value in the South Yorkshire region in particular, where our office is based as a report by the South Yorkshire Combined Authority identified that Sheffield’s unemployment rate is 7.5%, approximately double the national average. Between 2018-2019 and 2022-2023, the number of Trussel Trust food parcels given out in South Yorkshire rose by 261.5%. ; ; https://www.southyorkshire-ca.gov.uk/SheffieldCityRegion/media/PDF-library/KADA-South-Yorkshire-Skills-and-Employment-Evidence-Base-v1-1-(002)-(2).pdf ; ; Every year, our team commit to our Christmas Foodbank appeal. We buy items most required by the local Trussel Trust foodbank and ask employees, suppliers, local businesses and partners to contribute through a social media before delivery: Simoda’s Christmas Foodbank Appeal.

  Equal opportunity

  At Simoda, we are committed to promoting equality and diversity in our workforce. We have implemented policies to ensure equal opportunities in employment, skills development, and pay. We have updated our Equality, Diversity and Inclusion policy, which can be provided on request. Our recruitment strategy is designed to attract a diverse range of candidates, including those from disadvantaged or minority groups. We also provide regular training and development opportunities to all our employees, enabling them to acquire new skills relevant to their roles and progress within the company. ; ; We understand the importance of in-work progression and are committed to helping our employees, including those from disadvantaged or minority groups, move into higher paid work. We do this by providing them with opportunities to develop new skills relevant to their contracts. We offer a variety of training programs and workshops, and we encourage our employees to take advantage of these opportunities to enhance their skills and advance their careers. ; ; In terms of managing the risks of slavery, we have a stringent anti-slavery policy in place. We are proactive in identifying and managing any risks associated with slavery and human trafficking in our supply chain. We have started to conduct audits of our suppliers to ensure they adhere to our anti-slavery policy and take immediate action if any non-compliance is identified. We believe that it is our responsibility to ensure that our business operations are free from slavery practices, and we are committed to doing everything we can to achieve this. ; ; We are dedicated to promoting social value through our commitment to equality, diversity, and ethical business practices. We believe that by doing so, we can make a positive impact on our employees, our supply chain, and the wider community.

  Wellbeing

  At Simoda, we place a high value on the well-being of our staff. We believe that a happy and healthy workforce is key to our success. We have implemented a range of initiatives to support our staff’s well-being. ; ; We ensure that all staff are paid above the minimum wage and have flexible working arrangements to accommodate their personal needs, including flexibility for parents and school runs. We also hold weekly “Thoughts and Feelings” sessions where staff can share their experiences and discuss what went well or not so well during the week. This proves vital in sharing issues and successes across the team so that everyone feels involved and positive for the next week ahead. ; ; To promote work-life balance, we organise social events such as nights out for functional teams and trips, such as golf days, which are enjoyed by all. We also have a mental health first-aider available to provide support to staff when needed. ; ; In addition, we have introduced an initiative called “Fitness Truck”. Every Wednesday, staff have the opportunity to participate in a physical well-being and fitness training session. This initiative has proven to be highly beneficial in improving staff productivity and positivity. ; ; We also provide user-friendly IT solutions that reduce stress and improve the user experience. We make any necessary adjustments for home working, such as providing blue screens, to ensure our staff can work comfortably and efficiently. ; ; Through these initiatives, Simoda is committed to creating a supportive and positive work environment that prioritises the well-being of our staff. We believe that by investing in our staff’s well-being, we can foster a more productive and positive workplace.

Pricing

• Price: £1.78 to £38.35 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Over 300 users to qualify for a free trial; Full access to the complete training suite for a limited amount of users ; Limited test emails

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@simoda.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.