Skip to main content

Help us improve the Digital Marketplace - send your feedback

MONDAS CONSULTING LTD

KnowBe4 Security Awareness Training Licences

Purchase KnowBe4 Security Awareness Training licences to upskill your staff by utilising the KnowBe4 AI powered security awareness training and phishing simulations, to protect against Cyber Security threats. The KnowBe4 tool can be purchased in silver, platinum, gold or diamond. Our SOC team can run regular KnowBe4 exercises.

Features

  • Complete Security Awareness Training package through KnowBe4
  • Includes KnowBe4 bespoke phishing test campaigns
  • Increase User Awareness of common cyber attack types
  • KnowBe4 training available for phishing prone employees
  • Monthly Security Awareness Training report via KnowBe4 portal
  • Real-time Security Awareness Training dashboards via KnowBe4 portal

Benefits

  • KnowBe4 will increase your security against cyber attacks
  • Train your staff to be more cyber aware with KnowBe4
  • Create an a positive cyber security culture
  • Monitor Security Awareness Training campaign effectiveness
  • KnowBe4 can measure Security Awareness Training improvements
  • KnowBe4 will identify users who are susceptible to phishing emails

Pricing

£500 a licence a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at george@mondas.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

8 4 7 3 9 8 9 2 8 8 8 7 7 4 4

Contact

MONDAS CONSULTING LTD George Eastman
Telephone: 07738619533
Email: george@mondas.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
None.
System requirements
None.

User support

Email or online ticketing support
Email or online ticketing
Support response times
24x7x365. All tickets will be responded to within 15 minutes.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AAA
Web chat accessibility testing
Utilising Teams, Skype and Slack
Onsite support
Onsite support
Support levels
Our support is available 24x7x365 with a 15 minute response time and tiered remediation and resolution times based on the priority of the incident. Full details can be seen in the SLA document. All support levels are included within the service price. A service delivery manager and technical account manager are provided for all services. A cloud support engineer can be available on request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
All users will receive documentation on how to start using the service. Online training can be given to new starters upon request or on site training can be offered at an additional charge.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
All data can be extracted at the end of the contract in a RAW format.
End-of-contract process
At the end of the contract we can assist with the decommissioning of the service or handing over to a new incoming supplier. We will also ensure all data is securely downloaded to the clients local systems if required. Any cloud stored data will be securely deleted.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None.
Service interface
Yes
User support accessibility
WCAG 2.1 AAA
Description of service interface
Users can access the service interface through a web application portal.
Accessibility standards
WCAG 2.1 AAA
Accessibility testing
Utilising Teams, Skype and Slack
API
Yes
What users can and can't do using the API
All our system data can be accessed via a REST API.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Users can create custom dashboards and reports for their service and integrate with their relevant security stack.

Scaling

Independence of resources
Each customer has a dedicated cloud instance for their service.

Analytics

Service usage metrics
Yes
Metrics types
Typical service metrics include monthly data consumption, event per second (EPS) & total number of licenses used.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
KnowBe4

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data export can be requested through our ticketing system.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • XML
  • RAW
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • XML
  • RAW

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
SLAs are agreed prior to any contract commencement and are dependent on the tiered support level purchased by the user. If availability falls below the service metric defined within the SLA a refund is given as a service credit against future invoices.
Approach to resilience
Our service is purpose built to be resilient, details on this can be provided upon request.
Outage reporting
Outages are reported via an email alert or a public dashboard.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
RBAC is implemented for all users who are able to access the system.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
30/08/2022
What the ISO/IEC 27001 doesn’t cover
None.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • CHECK
  • CREST

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials & Cyber Essentials+
Information security policies and processes
We have a full set of ISO27001 approved security policies and processes which can be provided upon request.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We have clearly defined ITIL approved process in place for configuration and change management. Full details can be provided upon request.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We run weekly vulnerability scans to assess potential threats. Patches are typically deployed within 48 hours of a low or medium vulnerability being discovered. For high or critical vulnerabilities, patches will be deployed as a matter of urgency.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We have a 24x7 SOC team who monitor our internal and our clients services for signs of compromise. Incidents are discovered real time and responded to within 15 minutes.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We follow ITIL defined controls for incident management and have internal policies and processes in place. Tickets can be reported via phone, email or ticketing systems.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Mondas is committed to achieving Net Zero emissions by 2030.

In order to continue our progress to achieving Net Zero, we have adopted the following carbon reduction targets.

We project that carbon emissions will decrease over the next five years to 0 tCO2e by 2030, with our initial target to have reduced emissions by 7CO2e in the 1st financial year. We are also currently scoping initiatives to become Carbon neutral by offsetting our emissions by sponsoring verified carbon projects funding the plantation of trees.

Completed Carbon Reduction Initiatives:

The following environmental management measures and projects have been completed or implemented since the 2022 – 23 baseline.

- Continuation of virtual meetings using Google Meet
- Energy reduction program – switch off policy, what runs, runs when needed only
- Employees given options for flexible working model to reduce accommodation requirements

Covid-19 recovery

We are committed to building back from the COVID-19 pandemic in a way that prioritizes the well-being of our community and fosters a more just and resilient society. We recognize the social and economic hardships caused by the pandemic, and we believe recovery efforts must address these challenges head-on.
Our core social values in COVID-19 recovery are:
- Inclusive Growth: We will create opportunities for everyone to participate in the economic recovery, with a focus on supporting those disproportionately affected by the pandemic, such as unemployed individuals, minority groups, and small businesses.
- Mental & Physical Health: We will prioritise the mental and physical health of our community by promoting healthy workplaces, providing access to mental health resources, and supporting initiatives that reduce the burden on healthcare systems.
- Building Resilience: We will invest in programs and infrastructure that strengthen our community's ability to withstand future crises. This includes fostering social cohesion, promoting sustainable practices, and creating a skilled workforce prepared for a changing world.
We will achieve these goals by:
- Employment and Training: Offering job training programs, creating new employment opportunities, and prioritising hiring from underrepresented communities.
- Community Support: Providing resources and assistance to vulnerable populations, including mental health services, food banks, and childcare support.
- Adapting Work Practices: Encouraging flexible work arrangements, promoting safe workplaces, and adopting sustainable commuting options.
- Investing in Innovation: Supporting research and development initiatives that address public health needs and build a more resilient future.
We believe that a socially responsible approach to COVID-19 recovery is not only ethical but also good business. By prioritising social value, we can build a stronger, more equitable, and more prosperous community for all.

Tackling economic inequality

Mondas are registered national living wage employers. Mondas recognises that recompense for work should allow those working for or with Mondas to a decent standard of living without dependence on outside subsidies.

Mondas recognises that payment of the living wage gives a variety of benefits which may include:

- Staff retention and reduced turnover;
- Increased employee engagement;
- Reduced absenteeism;
- Increased commitment to the organisation;
- Ethical employment practices; and
- A contribution to reduction in poverty affording people the opportunity to provide for themselves and their families.

Equal opportunity

Mondas is an equal opportunities employer. We treat our people fairly and equally and are committed to promoting equal opportunities in employment. We want you to work in an environment which embraces diversity and is free from discrimination and harassment.

We believe that all our employees have something to contribute to the overall success of the business and that this can be achieved through our encouragement and support. In partnership with employees and our leaders, we will continue our journey to develop a culture that upholds the benefits of diversity and inclusion so that in years to come our business will physically reflect and represent a more diverse and inclusive workforce from the top down. Our strategy includes some amazing initiatives in respect of disability, ethnic minorities, gender, LGBT+ and mental health.

Wellbeing

Mondas is committed to promoting and supporting the wellbeing of all of its employees, to create an inclusive culture which focuses on prevention, and where issues are identified, minimized and managed before they have a detrimental impact on employees.
Mondas recognises that around approach to employee wellbeing can:
- Raise awareness and provide guidance on issues relating to health and wellbeing in recognition of Mondas’ role in improving employees health
- Encourage the adoption of a proactive approach to prevent and minimize the risks associated with poor health and wellbeing within the workforce
- Create a supportive environment that enables employees to be proactive in supporting their own health and wellbeing;
- Support an improvement in the engagement score for Health and wellbeing in the Staff Survey.
- Foster a thriving workforce, which can deliver on its objectives;
- Achieve increased employee engagement, productivity, retention and recruitment;
- Reduce stigma against wellbeing issues, and overall reduced sickness absence, presenteeism and leavism.
All matters relating to an employee’s wellbeing will be treated in confidence, except where it may be necessary to break confidentiality to preserve the wellbeing of employees.
Mondas recognises that the diversity of its workforce may give rise to different wellbeing needs.
Mondas is committed to ensuring that employees have access to a variety of support services and will signpost to appropriate professional help.
Mondas recognises that the environmental conditions in which employees work may have an impact on their wellbeing.
Where employee wellbeing issues remain unresolved, employees are encouraged to contact HR.
Mondas recognises that wellbeing issues may lead to time off from work, however it will endeavor to support employees staying in work, if it is agreed that it is in their best interests to do so.

Pricing

Price
£500 a licence a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A full featured proof of concept can be run over a 4 week period.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at george@mondas.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.