OutThink’s Training Content can be delivered to end-users (learners) as a modern web-based experience from their browser, or within the realms of your corporate Learning Management System (LMS). The style of the content, including logos, fonts and colors can all be tailored to your corporate brand via self-service features provided to you in the application. Furthermore, using our unique and innovative Training Editor, the textual content itself of the entire training experience can be adjusted to align with your own policies and procedures.
This section details advanced optional technical customization of the platform to align system email communications and use of domains to your own corporate systems.
These steps only apply to those customers using the web-based experience for security awareness training. If training is delivered via your own corporate Learning Management System, these steps does not apply.
Email invitations and notifications
OutThink will keep end-users informed when they have training to undertake, when they are behind on their scheduled training, and for progress reports and completion notifications. This communication can be directed via email, Microsoft Teams or Slack.
Where email communication is used to communicate with your end-users, several options are provided with regard to the identity of the email sender. Consider which of these options best applies for your organisation.
Option 1: Default Setup
Emails arrive in your user’s inboxes from OutThink (notifications@cyber.outthink.io). This is the default option.
Option 2: SMTP Forwarding
To take full control of email distribution, OutThink can instead route all email through your own email server infrastructure. This means that users will receive training notifications that appear to originate from your own corporate email domain.
For this option, an SMTP Server is required, with credentials provided to allow OutThink to distribute emails on your behalf. TLS communication must be enforced, and it is highly recommended to provide SMTP credentials that grant permission to send from just a single email address or sub-domain.
To enable this option, provide your OutThink Customer Success representative with the following information. Your IT Team will be able to confirm if this is a viable option for you.
| Required Field | Example Value |
|---|---|
| SMTP Server (FQDN) | email-smtp.eu-west-1.amazonaws.com |
| SMTP Username | AXBYVDRNQAXAKYGWZV4C |
| SMTP Password | *************** |
| SMTP TLS Port | 587 |
| From Email Address | securityawareness@acme-company.com |
| From Email Name Alias | Information Security Team |
With this option, it is essential to use an enterprise-class email service, such as AWS SES, Microsoft Exchange Server SMTP or SendGrid, such that there are no heavy throttling limits imposed on email delivery. Note: OutThink do not support SMTP forwarding to Office 365 email addresses for this reason.
Option 3: Email DNS Verification
If you cannot provide access to an SMTP Server, but still wish to take advantage of controlling the sender identity of training emails, we can instead use a chosen email address or sub-domain, and grant OutThink the rights to use it on your behalf. OutThink will send all training notifications via this email address.
A DNS verification process must be undertaken in collaboration with your IT Team to successfully implement this option. Speak to your OutThink Customer Success representative for further details.
Training Delivery (Hostname)
When a user clicks their unique personal hyperlink in training emails, or via Microsoft Teams or Slack notifications, their web browser is redirected to their own personal dashboard, where they can undertake or review security awareness training.
Option 1: Default Setup
The simplest option is to deliver security awareness training to your end-users on OutThink’s own dedicated hostnames. Learners are presented with uniquely identifiable URL’s in all training notifications and in their browser address bar.
Option 2: Dedicated Hostname
In addition to setting aesthetics to match your corporate brand, it is possible to also utilise our premium offering of aliasing the training hostnames that serves training content to your end-users via the web.
If you wish to serve security awareness training on hostnames of your own choosing, you must select which hostnames to use. OutThink recommend identifying two distinct sub-domains which serve the learner dashboard and the training content respectively. For example:
learner.acme-company-domain.comsecurityawareness.acme-company-domain.com
Our partners (Microsoft & GeoTrust) will be instructed to commission the necessary server certificates and deploy them onto our Content Delivery Networks to ensure secure communications are established.
Your IT Team will be required to add two CNAME entries with your DNS Provider to alias the new hostnames to OutThink’s systems.
OutThink will notify you once all provisioning has been completed and will send you a test training campaign so that the above hostnames can be tested.
Was this helpful?
8 / 1