FAQs

Here you will find some of the frequently asked  questions about some of the services and tools that Hightrees offer, please feel free to contact us with any specific questions

ownCloud (2)

Frequently Asked Questions regarding ownCloud cloud storage accounts

Log in to your ownCloud account with the Administrator details via a web browser

Make sure that the Mozilla Sync app is installed and enabled.

Logout and login with your normal ownCloud Account via a web browser.

Choose Personal (under your login name on the right hand side of the screen)

Make sure that you have a valid email address and then scroll down the page to the Mozilla Sync section and the details you need to use will be displayed :

Mozilla Sync

Emailyouremail@yourdomain.com
PasswordUse your ownCloud account password
Server addresshttp or https://yourdomain.com/remote.php/mozilla_sync/

Mozilla Sync is set up, additional devices can be added via Mozilla’s device pairing service or manually.

Next login into Mozilla Firefox on your desktop

Choose Tools > and Sync or in the browser adress bar type in about:home and choose the Sync icon disayed at the bottom of the page.

Enter the details as described in your ownCloud account (example above) and then click next when you have finished.

Your desktop Firefox should now sync its data to your ownCloud account.

To add a device, i.e Firefox running on Android mobile phone you can follow the instructions (From Part 2) at the Mozilla site here https://support.mozilla.org/en-US/kb/how-do-i-set-up-firefox-sync

 

Permalink


To sync different or multiple folders in ownCloud, please do the following :

  • Open the client software on your PC
  • Click on Account, on the left hand menu
  • Remove the default sync point which is created when you install the software
  • Add the new folder and where you would like to sync it to on your remote ownCloud storage

 

 

Permalink


VoIP (5)

Frequently Asked Questions regarding VoIP

When your VoIP account was setup, you would have been emailed a quick reference guide which includes your VoIP ID, your password, the email address that your voicemails will go to as well as your voicemail PIN code.

If you have not recieved, or misplaced this information please contact us

Permalink


In short, yes !

We support both SIP and IAX via our VoIP Accounts, so if you run an Asterisk (or asterisk based) telephone system already we can help provide you with a VoIP acount, telephone numbers, VoIP Call packages.

We can even setup a Pay as You Go tariff and account, so if you already have a VoIP Provider you have a backup VoIP Trunk in case of unforeseen  technical difficulties.

 

Permalink


Ideally for VoIP to operate, you will need an internet connection with a speed of at least 128 kbps (like ADSL) to make sure that you get good call quality and successfully use of VoIP. The reasons for this are :

  • You need at least 64 kbps download plus 64 kbps upload bandwidth to make an uncompressed VoIP call. Otherwise you will need to compress your VoIP traffic using compression codecs such as G.729 which can decrease the bandwidh to approximately 30 kbps. These ethods of compression are normally used in situations when multiple calls are going over the same connection, NOT when bandwidth is restricted to less than 128 kbps. If you have dial-up you will be very fortunate and incredible lucky to achieve decent call quality even if you are using VoIP compression.  You can test your internet speed here using Speedtest.net
  • A broadband connection is ‘always on’, thereby ensuring that you can receive and make calls with minimum interruption to your VoIP Service.
  • You want to make sure that you have enough bandwidth left over for typical Internet traffic (e.g. emails, cloud services, web browsing, file downloads, video streaming etc).  However some routers will allow you to prioritise your VoIP traffic to ensure that you always have sufficient bandwidth available for using VoIP.

Permalink


Hightrees are able to port most UK geographic numbers from many telecommunication providers as well some international numbers from certain destinations, however, some restrictions may apply. For more information, visit our number porting page.

Permalink


A softphone is the term used to describe software which is used to create a phone connection on a computer or mobile device. The computer/mobile acts as the telephone handset on the VoIP service. We would recommend using a headset is, ideally one with both a microphone and head speakers, if you are using a softphone on a PC/Laptop to reduce background noise on your calls.

Permalink


Hosted Exchange (5)

Frequently Asked Questions regarding our Hosted Exchange Email

Updating your DNS to to use our Hosted Exchange Service

In order to use your domain name with our Hosted Exchange Service, you need to make some minor changes to DNS records.

Update your MX Records :

Make sure that your MX records are set to the following :
inboundcluster1.cloudplatform1.com pref/priority 10
inboundcluster2.cloudplatform1.com pref/priority 10
inboundcluster3.cloudplatform1.com pref/priority 20
inboundcluster4.cloudplatform1.com pref/priority 20

Create an Autodiscover Record

autodiscover.yourdomainname.com CNAME autodiscover.cloudplatform1.com TTL (lowest possible)

Create a OWA DNS Record

owa.yourdomainname.com CNAME owa.cloudplatform1.com

Create an SPF DNS Record

include:cloudplatform1.com which should resolve to: v=spf1 include:spf.cloudplatform1.com -all

Permalink


Creating Email Signatures (Cloud Platform)

The instructions below detail how to create your clients Email Signatures from within your Cloud Platform. We would advise completing the below steps before installation of the Signatures add-in on your end-users machine.

The creation of Signatures involves 3 steps:

– Creating the HTML signature
– Creating the Plain Text signature
– Adding addresses to the exclusion list (optional).

Signatures will be applied to Outlook Web App and any Outlook user that has the Hosted Exchange Add-in installed.

1. Click the Exchange tab in the left sidebar and click ‘View clients’. Select the relevant organisation that you wish to add Signatures to.

2. Select the ‘Settings’ tab which can be seen in the bottom half of the screen. Now scroll down to the ‘Email Signatures’ section and click the ‘Manage Signatures’ button. This will take you to the Signature control area.

email-sig1

 

 

 

 

PLEASE NOTE: Here you can also download the Signatures Add-in if you wish. Simply select your operating system from the list displayed under the ‘Manage Signatures’ button.

3. Now you will be presented with a list of domains. Select the domain you want to create a signature for and click ‘Next’.

PLEASE NOTE: If a signature already exists for the selected domain you will be given the option to ‘Edit’.

email-sig2

 

 

 

 

 

 

 

4. Using the control panel you can now you can create a HTML signature for the selected domain.

In this editor you have 2 options:

– You can enter plain text and the editor will create the HTML mark-up in the background
– Click the ‘Source’ button to directly edit the HTML mark-up

email-sig3

 

 

 

 

 

 

 

email-sig4

 

 

 

 

 

 

 

Address Book Attributes

Both the HTML and Plain Text editors have the ability to insert placeholders for Address Book attributes.

In order to insert an address book attribute, select one from the ‘Insert’ drop down if using the HTML editor or the ‘Select Attribute’ drop down in the plain text editor.

email-sig5

 

 

Selecting a placeholder will insert text into the editor in the format:

%%Name:[DisplayName]%%

The part of the placeholder highlighted here in blue can be changed to anything, whereas the parts highlighted in red must not be changed otherwise the placeholder will not work.

This allows you to change the title of the attribute for example:

%%Name:[DisplayName]%%

Could be changed to:

%%Employee Name – [DisplayName]%%

And in the final signature for the end user it would appear as:

Employee Name – John Smith

If a user does not have a value for the placeholder in their address book entry the whole line will be removed, for example, in the following signature template:

%%Email: [EmailAddress]%%
%%Name: [DisplayName]%%
%%Mobile: [MobileNumber]%%

If a user does not have Display Name set in their address book entry, the line with Display Name would not appear in the signature, as shown below:

Email: john.smith@domain.com
Mobile: 01234 567890

5. Once you have completed the HTML signature click ‘Next’.

6. On the next screen you can edit the plain text signature as instructed. Once you have done completed this, click ‘Next’.

email-sig6

 

 

 

 

 

 

 

7. Now you will be taken to the exclusions list.  This feature is used to add email addresses that will not be included in the domain signature. To add an address to the exclusion list type it into the top textbox and click ‘Add’.

In order to remove and address, select the address from the list and click ‘Remove’, which will be in place of the ‘Add’ button once an address is selected.

email-sig7

 

 

 

 

 

 

 

Once you have added all excluded email addresses, click ‘Submit’. The signature that you have just created will now be available in your clients Outlook and Outlook Web App (with Hosted Exchange Add-in).

Permalink


End-user Installation (Signatures Add-in)

The Hosted Exchange Add-in must be downloaded to yours clients PC’s in order for the Email Signature feature to work. We would advise following the below instructions after you have set-up the Email Signature within your Cloud Platform. However, signatures can be updated anytime, as detailed below.
1. Select the correct add-in setup file link for your clients version of Outlook. You can find the add-in links on the homepage of your clients Cloud Platform management portal (to the right hand side of the screen, under the ‘Outlook’ download links). When selected, the add-in download will begin.

PLEASE NOTE: The 32Bit/64Bit options refers to the version of Outlook that is installed and not the operating system.

sig1

 

 

 

2. Upon running the setup, depending on your Operating System, you will be presented with 1 or 2 prerequisites that require downloading before installing the Add-in.  Both of these will require Administrator privileges to install.

sig2
 

 

Prerequisites:

  • Microsoft .NET Framework 4.5 Full – This will come as standard on Windows 8 and upwards so only earlier versions of Windows will require this, if not already installed. For more information please visit https://www.microsoft.com/en-gb/download/details.aspx?id=30653 .
  • Visual Studio 2010 Tools for Office Runtime – If a full version of Microsoft Office has been installed this will not require installing. It allows Office Add-ins created with the VSTO platform to run. For more information please visit https://www.microsoft.com/en-GB/download/details.aspx?id=48217 .

Depending on your Operating System on or both of these prerequisites will require a restart. After restarting the installer will pick up from where it left off.

3. Once the prerequisites have been installed (if required) the Hosted Exchange Add-in will be begin installation. Click ‘Next’ to continue.

 

sig3

 

 

 

 

4. In order to continue installation accept the license agreement and click ‘Next’.

sig4

 

 
5. You will then be presented with an option to install the Add-in for “Anyone who uses this computer” (all users) or “Only for me”(current user). To install for all users will require Administrator privileges as indicated by the shield symbol.

sig5

 

 

 

 

 

 

Clicking ‘Next’ will install the Add-in. If ‘Only for me’ is selected you may notice a window pop-up and disappear very quickly – this is a normal part of the installation process.

6. Once the installation has finished click ‘Finish’.

sig6

 

 

 

 

 

The next time Outlook is opened the latest signatures for any Hosted Exchange mailbox in Outlook will be downloaded. If this is the first time a signature has been downloaded a prompt will show indicating that a restart of Outlook is required in order to apply the new signature.

sig7

 

If an update for the add-in is available a new group will appear on the ‘Home’ ribbon in Outlook, with a button to download the latest installer. Run this file to install the latest version of the Hosted Exchange Add-in.

sig8

 

Permalink


Generic Mobile settings for our Hosted Exchange Service

Please consult your handset user guide for specific instructions on how to configure your handset.

The mailbox needs to be applied or set-up as a “Microsoft Exchange” account.

Exchange 2010

  • E-mail:  The user’s full email address
  • Server:  cas.messageexchange.com
  • Domain:  At first leave blank, if no connection, then enter: messageexchange.com
  • Username:  The user’s full email address
  • Password:   The user’s mailbox password
  • Use SSL: “ON“

Exchange 2013

  • E-mail:  The user’s full email address
  • Server:  cas.cloudplatform1.com
  • Domain:  At first leave blank, if no connection, then enter: cloudplatform1.com
  • Username:  The user’s full email address
  • Password:  The user’s mailbox password
  • Use SSL: “ON“

Exchange 2016

  • E-mail:  The user’s full email address
  • Server:  activesync.giacomcp.com
  • Domain:  Leave this blank
  • Username:  The user’s full email address
  • Password:  The user’s mailbox password
  • Use SSL: “ON“

 

Permalink


Email Security is secure email management that works in the cloud – email threats are removed at the Internet-level, away from your business network. Maximum security, minimum investment of resources. It’s how smart businesses manage email.

Our Hosted Exchange Email Security archiving service ensures secure long-term storage of your business emails in geographically diverse datacentres – this is available as a 1 Year option or 10 year Option on our Hosted Exchange mailbox accounts.

Efficient self-search-and-recover capabilities means quick access to any emails required by you and your staff.

The online control panel lets you securely view and resend emails, even those that have been captured as spam or long-term archived.

Our Email Security anti-spam technology uses sophisticated investigation techniques, including both content and reputation-based scanning, so you get outstanding results

Permalink


BitDefender (1)

Frequently Asked Questions regarded BitDefender GravityZone

Please be aware, this version of Bitdefender does not include the Microsoft Exchange installation package

Windows Operating Systems


Desktop Operating Systems

● Windows 10 Anniversary Update “Redstone”*

● Windows 10 TH2(1)

● Windows 10(1)

● Windows 8.1

● Windows 8

● Windows 7

● Windows Vista with Service Pack 1

● Windows XP with Service Pack 2 64 bit

● Windows XP with Service Pack 3

*Only Bitdefender Endpoint Security Tools and Endpoint Security offer support for Windows 10. To check the versions from which it is available, refer to the product specific Release Notes.

Server Operating Systems

  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Small Business Server (SBS) 2011
  • Windows Small Business Server (SBS) 2008
  • Windows Server 2008 R2
  • Windows Server 2008
  • Windows Small Business Server (SBS) 2003
  • Windows Server 2003 R2
  • Windows Server 2003 with Service Pack 1
  • Windows Home Server

Tablet and embedded operating systems

● Windows Embedded 8.1 Industry

● Windows Embedded 8 Standard

● Windows Embedded Standard 7

● Windows Embedded Compact 7

● Windows Embedded POSReady 7

● Windows Embedded Enterprise 7

● Windows Embedded POSReady 2009

● Windows Embedded Standard 2009

● Windows XP Embedded with Service Pack 2 **

● Windows XP Tablet PC Edition(2)
**These specific embedded operating system components must be installed:

● TCP/IP Networking with Client For Microsoft Networks

● Base Support Binaries

● Filter Manager

● DNS Cache Support

● Windows Installer

● WMI Windows Installer Provider

● Workstation Service

● WinHTTP

● Windows XP Service Pack 2 Resource DLL

● Windows Logon (Standard)

● Explorer shell

● NTFS format

 

Workstation Operating Systems

● 1 GHz or faster for Microsoft Windows XP SP3 and Windows XP SP2 64 bit

● 2 GHz or faster for Microsoft Windows Vista SP1 or higher (32 and 64 bit),

– Microsoft Windows 7 (32 and 64 bit), Microsoft Windows 7 SP1 (32 and 64bit),

– Windows 8, Windows 8.1, Windows 10, Windows 10 TH2, Windows 10

– Anniversary Update “Redstone”

● 800 MHZ or faster for Microsoft Windows Embedded Standard 7 SP1, Microsoft

– Windows POSReady 7, Microsoft Windows POSReady 2009, Microsoft Windows

– Embedded Standard 2009, Microsoft Windows XP Embedded with Service Pack

– 2, Microsoft Windows XP Tablet PC Edition

PLEASE NOTE: Bitdefender does not provide full protection support for Windows XP

Linux Operating Systems

● Red Hat Enterprise Linux / CentOS 5.6 or higher

● Ubuntu 10.04 LTS or higher

● SUSE Linux Enterprise Server 11 or higher

● OpenSUSE 11 or higher

● Fedora 15 or higher

● Debian 5.0 or higher

● Amazon Linux AMI

Mac OSX Operating Systems

● Mac OS X Sierra (10.12.x)

● Mac OS X El Capitan (10.11.x)

● Mac OS X Yosemite (10.10.5)

● Mac OS X Mavericks (10.9.5)

● Mac OS X Mountain Lion (10.8.5)


Supported Browsers

● Internet Explorer 8+

● Mozilla Firefox 30+

● Google Chrome 34+

● Safari 4+

● Microsoft Edge 20+

● Opera 21+

 

Ports

80 (HTTP) / 443 (HTTPS)Port used to access the Control Center web console. Bitdefender Cloud Antispam Detection Service
8080 Update Server port.
443 (HTTPS)Port used by client software to connect to the Communication Server.
7074 (HTTP)Update Server port
53 (UDP)Port used for Realtime Blackhole List (RBLs)

Permalink


Backups (2)

Frequently Asked Questions about our Acronis hosted Backup services

Why back up Office 365 mailboxes?

Even though Microsoft Office 365 is a cloud service, regular backups provide an additional layer of protection from user errors and intentional malicious actions. You can recover deleted items from a backup even after the Office 365 retention period has expired. Also, you can keep a local copy of the Office 365 mailboxes if it is required by a regulatory compliance.


What do I need to back up the mailboxes?

To back up and recover Office 365 mailboxes, you must be assigned the global administrator role in Microsoft Office 365.

Install Agent for Office 365 on a Windows machine that is connected to the Internet. There must be only one Agent for Office 365 in an organization (customer group). The agent must be registered under the customer administrator account.

What items can be recovered?

The following items can be recovered from a mailbox backup:

  • Mailboxes
  • Email folders
  • Email messages
  • Calendar events
  • Tasks
  • Contacts
  • Journal entries
  • Notes

You can use search to locate the items.
When a mailbox is recovered to an existing mailbox, the existing items with matching IDs are overwritten.
Recovery of mailbox items does not overwrite anything. The mailbox items are always recovered to the Recovered items folder of the target mailbox.

Limitations

  • Archive mailboxes (In-Place Archive) cannot be backed up.
  • Recovery to a new mailbox is not possible. You must first create a new Office 365 user manually,  and then recover items to this user’s mailbox.
  • Recovery to a different Microsoft Office 365 organization or to an on-premises Microsoft Exchange Server is not supported.

Permalink


Selecting Office 365 mailboxes to backup

1. Select the mailbox you wish to backup:

365backup image

 

 

 

 

2.Select “Backup”:

Menu 365backup image

 

 

 

 

 

 

 

 

 

From here select your required backup options and save.

3.Once complete your backup plan will appear on the right hand side of the portal:

Backup 365 Image

 

 

 

 

 

Recovering Office 365 mailboxes and mailbox items

1. Click Microsoft Office 365.

2. Select the mailbox to recover, and then click Recovery.

You can search mailboxes by name. Wildcards are not supported.
If the mailbox was deleted, select it on the Backups tab, and then click Show backups.

3. Select a recovery point. Note that recovery points are filtered by location.

4. Click Recover > Mailbox.

5. In Target mailbox view, change, or specify the target mailbox.

By default, the original mailbox is selected. If this mailbox does not exist, you must specify the target mailbox.

6. Click Start recovery.


Recovering mailbox items

1. Click Microsoft Office 365.

2. Select the mailbox that originally contained the items that you want to recover, and then click Recovery.

You can search mailboxes by name. Wildcards are not supported.

If the mailbox was deleted, select it on the Backups tab, and then click Show backups.

3. Select a recovery point. Note that recovery points are filtered by location.

4. Click Recover > Email messages.

5. Select the items that you want to recover.

The following search options are available. Wildcards are not supported.

  • For email messages: search by subject, sender, recipient, and date.
  • For events: search by title and date.
  • For tasks: search by subject and date.
  • For contacts: search by name, email address, and phone number.

When an email message is selected, you can click Show content to view its contents, including attachments.

Tip Click the name of an attached file to download it.

When an email message is selected, you can click Send as email to send the message to an email address. The message is sent from your administrator account’s email address.

To be able to select folders, click the “recover folders” icon:

6. Click Recover.

7. In Target mailbox, view, change, or specify the target mailbox.

By default, the original mailbox is selected. If this mailbox does not exist, you must specify the target mailbox.

8. Click Start recovery.

9. Confirm your decision.

The mailbox items are always recovered to the Recovered items folder of the target mailbox.

Permalink


GDPR (3)

GDPR FAQ

GDPR and Data Compliance Summary

Last updated: 25th May 2018.

On 25th May 2018, the European Union’s General Data Protection Regulation (GDPR) takes effect.

The GDPR imposes additional requirements upon companies to strengthen the security around, and enhance the protection of, personal data of EU residents that above and beyond the UK Data Protection Act.

As such, Hightrees Organisation Limited, as a micro/small business feel that it is right to outline our position on GDPR, Data and our understanding of what is required for you, our clients.

 

Due to the nature of our business where we supply services to clients, either directly or via a 3rd party this can be quite complex however we have tried to outline all of the scenarios that are applicable based on the information and guidance available, based on either our interpretation or advice received.

Preparing For GDPR

We’ve revised data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including but not only:

We have revised our Privacy Policy to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information.

We have also revised our Terms and Conditions to comply with the GDPR

Legal Basis for Processing – We have looked at our processing activities to identify the legal basis for processing and ensuring that each basis is appropriate for the activity it relates to. Where applicable, we also maintain records of our processing activities, ensuring that our GDPR obligations are met

Obtaining Consent – We have revised our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information.

Data Protection Impact Assessments (DPIA) – Where we process personal information that is considered high risk, we have developed procedures for carrying out impact assessments that comply fully with the GDPR.

Our Commitment regard Data Protection/Privacy

Security of both information and privacy are one of Hightrees Organisation Limited.’s most important assets. It is vitally important that you have confidence in how we handle your personal data.

We will always try to ensure that we comply with the GDPR as a processor and controller of data as we understand it, after all you, as a client, are our important assest !

When acting the role as Data Controller.

Hightrees Organisation Limited are responsible for implementing appropriate measures to ensure and demonstrate that any data processing is performed in compliance with GDPR. The measures in place may be technical and organisational based or a combination.

When acting the Role as Data Processor

Hightrees Organisation Limited are responsible for implementing appropriate technical and organisational measures to meet the requirements of GDPR. This means ensuring a level of security appropriate to the risk, and acting in accordance with the relevant data controller’s instructions.

We are committed to safeguarding your privacy online. We will not knowingly support any use of your information which is illegal or which contravenes the laws or common practice in the country of your origin.

Hightrees Organisation Limited will try to ensure that your privacy is protected and that there is transparency with regard to the processing of your information. If we ask you to provide information by which you can be identified, then this will only be used in accordance with this statement.

Roles and 3rd Parties

Hightrees Organisation Limited is a Data Processor and as being in such role means that we process data on behalf of a Controller, I.e you, our client.

As a client of Hightrees Organisation Limited, you operate as the Data Controller when using our products and services. You have the responsibility for ensuring that the personal data you are collecting is being processed in a lawful manner and that you are using processors that are committed to handling the data in a compliant manner.

To supply the services that we offer to you, the client, we work with other sub-processors and we try to adhere to article 28 when working as a processor and/or interacting with other sub-processors.

A sub-processor includes any third party that we share personally identifiable info with.

B&P Interactive Ltd
https://www.bpweb.net/privacypolicy.pdf

TelAppliant
https://www.telappliant.com/privacy-policy/

GiaCom
Awaiting Link

UKReg
https://www.fasthosts.co.uk/terms/privacy-notice

TeamViewer

https://community.teamviewer.com/t5/Knowledge-Base/TeamViewer-and-GDPR/ta-p/33344

MailChimp

https://kb.mailchimp.com/accounts/management/about-the-general-data-protection-regulation

Our Privacy Policy

Our public Privacy Policy sets out how we handle data including how we collect, store and use personal data and sensitive personal data, our lawful bases for processing personal data, information on transfers outside the European Economic Area (EEA), as well as the rights of data subjects, including the right to withdraw consent. We also use fair collection/ processing notice at key data capture points. This notice includes information, and consents where applicable, at the relevant data capture point.

View our GDPR Privacy Policy

What We Do With Information We Collect

Hightrees Organisation Limited., as a IT company, is committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have already put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

We will collect and look after your data for the purpose of delivering services, passing on information to you that you have requested and to correspond with you about our the services we offer.

We will never pass your information to any external party outside of Hightrees Organisation Limited. unless required by law to do so or is required by a 3rd Party sub-processor to supply services to you.

We will never, ever, give, sell or lease your personal information to anyone outside of our organisation.

If you have subscribed to our services, signed up for the newsletter, survey or similar, we will include you on our mailing list for our regular newsletter and occasional news of our services.

You can opt out of this communication permanently at any time.

Your Data Subject Rights

Hightrees Organisation Limited. will always respect your rights that concern the protection of your personal data.

1) Right to be informed

You have the right to be informed about the collection and use of your personal data.

We are obligated to provide you with the following information:

  • the purposes for processing your personal data
  • our retention periods for that personal data

We do not need to provide you with privacy information if you already have them or if it would involve a disproportionate effort to provide it to you.

The information we provide to you will be always concise, transparent, intelligible, easily accessible, clear and easy to understand. We will, of course, be open to feedback on our documents if you feel there is scope for clarification.

We provide individuals with privacy information at the time we collect their personal data from them.

2) Right of Access

You have the right to access your personal data and supplementary information. This right allows you to be aware of and verify the lawfulness of the processing.

You have the right to obtain:

  • confirmation that your data is being processed
  • access to your personal data; and
  • other supplementary information – this largely corresponds to the information that is provided in our Privacy Policy

We are obligated to provide a copy of the information requested. We will verify the identity of the individual making the request, using “reasonable means”. If the request is made electronically, we will provide the information in a commonly used electronic format.

3) Right to Rectification

Personal data is inaccurate if it is incorrect or misleading. You have the right to have inaccurate personal data rectified, or completed if it is incomplete.

When a request is made, Hightrees Organisation Limited will verify the identity of the individual making the request, using ‘reasonable means’. If the request is made electronically, we will provide the information in a commonly used electronic format.

If we receive a request for rectification, we will take reasonable steps to confirm that the data is accurate and to rectify the data if necessary based on the information provided by the data subject.

4) Right to Erasure

You have the right to have personal data erased, otherwise known as the “right to be forgotten”.

The right is not absolute and only applies in certain circumstances.

If you no longer want to use our services and you want your personal information to be erased, you may request it by contacting us at any time.

It should be noted that Hightrees Organisation Limited may not be able to fulfill these requests when they conflict with legal circumstances and requirements that we are obligated to adhere to.

This will be explained to you, if and when, such a conflict arises.

5) Right to Restrict Processing

You have the right to restrict the processing of your personal data in certain circumstances. This means that you can limit the way that we use your data. This is an alternative to requesting the erasure of your data (see above).

Hightrees Organisation Limited will endevour to respond to a request for restriction as soon as possible.

5) Right to data portability

The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services.

It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.

The right to data portability only applies:

  • to personal data you have provided to a controller
  • where the processing is based on your consent or for the performance of a contract
  • when processing is carried out by automated means.

We are obligated to provide the personal data in a structured, commonly used and machine readable form. Open formats include CSV files. Machine readable means that the information is structured so that software can extract specific elements of the data. This enables other organisations to use the data.

The information provided is free of charge.

If you request it, we may be required to transmit the data directly to another organisation if this is technically feasible. However, we are not required to adopt or maintain processing systems that are technically compatible with other organisations. This only relates only to your personally identifiable data.

6) Right to Object

You have the right to object to:

  • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling)
  • direct marketing (including profiling)
  • processing for purposes of scientific/historical research and statistics

You must have “grounds relating to your particular situation” in order to exercise your right to object to processing for research purposes.

We are obligated to halt processing personal data for direct marketing purposes as soon as we receive an objection.

7) Rights related to automated decision making including profiling

Automated individual decision-making is a decision made by automated means without any human involvement. It does not have to involve profiling, although it often will do.

We do not currently use your personal data to make automatic decisions about you. If this changes in the future you will be notified.

How You Can Exercise Your Rights

You are always welcome to get on touch with us about your rights concerning the protection of your personal data.

We only accept written requests since we cannot deal with verbal requests immediately without first:

  • analysing the content of the request; and
  • Adequately verifying your identity.

Your request should contain a detailed, accurate description of which right you want to exercise.

We will respond to your request without delay and at the latest within one month of receipt.

We will extend the period of compliance by a further two months where requests are complex or numerous. If this is the case, we will inform you within one month of the receipt of the request and explain why the extension is necessary.

We do not charge a fee to comply with your request.

How To Contact Us

If you have any questions about our stance on data protection matters generally or how we process personal data, please refer to our Privacy Policy.

If you have any questions regarding our implementation of GDPR requirements, please feel free to contact us by:

  • using Contact Us section of our website
  • sending email to info@hightrees.org

(more…)

Permalink


Privacy Policy

Last updated: 25th May 2018.

Hightrees Organisation Limited, has made information security and data privacy, core principles of every step we take when dealing with data.

Our Services

Our core business services include, but are not limited to:

  • Web hosting
  • Email hosting
  • Domain registration
  • WordPress support and management
  • Technical Support
  • VoIP Telephony
  • IT Consultancy
  • Backup Solutions

Our privacy policy relates to the services we offer whether they are listed here or not.

So what is Personal Data ?

Personal data is any information that relates to an identified or identifiable living individual.

When different pieces of information are collected together, this could lead to an individual being identified, which would also constitute personal data in our opinion.

Personal data is subject to the protection requirements as outlined by GDPR.

Some examples of data that are considered personal data are :

  • a name and surname
  • a home address
  • an identifiable “name based” email address such as name.surname@yourcompany.com
  • an identification card number
  • an IP address
  • a cookie ID

Examples of data not considered as personal data:

  • a company registration number as this relates to a Business/Organisation not an individual
  • a generic email address such as info@yourcompany.com

Privacy Notice

This Privacy Notice is to help you understand and explain what Personal Data we might collect, why we collect it, and what we do with it. It also describes the choices available to you with regard to the use of your Personal Data and how you can access and update this information.

To try and simplify this, Hightrees Organisation limited has broken this down as the following

  • individuals/businesses visitors to our website – “Visitor”
  • the individuals/businesses that purchase or use our services – “Customer”
  • individuals/businesses that register with our website or for our services – “User”.

We have adopted the following principles to govern use, collection, and transfering of Personal Data, (unless specifically outlined in this Policy or as required/overwritten by applicable laws/regulations.)

  • Personal data will only be processed fairly and lawfully
  • We do not collect any more personal data than is necessary to provide the services that you require.
  • We only use your personal data for the purposes we specify in this Privacy Notice, unless you agree or have notified us otherwise
  • We do not keep your personal information if it is no longer needed
  • We do not sell, distribute or share your personal information with third parties
  • You can have your data updated at any time
  • You can remove your data at any time
  • You can request a copy of the data we store on you at any time
  • Personal data is securely stored and managed

It should be noted that whilst and IP address may not be submitted by you directly, this information will be stored in logs by email servers, web servers, VoIP Servers etcs for logging, monitoring and security purposes. These logs are rotated and deleted on a regular basis. IP addresses are only stored for longer periods of time where abuse of a service has taken place and is used by security software to restrict or block access.

How We Collect Information

We collect and maintain information about our Customers and Users, which may include:

  • First and last name
  • Postal address
  • Contact telephone numbers
  • Website URL
  • E-mail address

In order to communicate with us or to use our services, you may be asked to provide certain personal data in the following ways:

  • By filling in forms (i.e. a “Contact Us” form) on our website or any similar platform where Hightrees Organisation Limited may be conducting business
  • Contacting us via “offline” methods i.e. by telephone, text/SMS, email or post.
  • By downloading or accessing our services that we provide.
  • By subscribing to our newsletters, taking part in surveys, entering any competitions or prize draws run by Hightrees Organisation Limited or similar communications.
  • Interacting with us when using social media platforms, I.e Facebook, Twitter etc.
  • By corresponding with us by phone, e-mail or otherwise using our contact details

The personal data you would typically supply to Hightrees Organisation Limited could include name and email address, and any personal details required to resolve any queires or complaints. Any information gathered from you, as previously mentioned, may be transferred to our internal systems in order to provide a service or follow up on an enquiry.

This data is only used byHightrees Organisation Limited to provide our services efficiently as per your request/query.

This information is not sold or distributed, in any way, to third party providers.

Support and Service

When Customers or Users contact us for support or other “service” requests, we will keep records related to the requests, including any information provided by Customers or Users related to such support or service requests.

How does Hightrees Organisation Limited use your personal data ?

We use personal data provided by you to provide the services and for business purposes such as processing and fulfilling orders, marketing, and for other general business purposes.

Your personal data, will never be made available to any third parties for the purposes of marketing or targeting you, only for provisioning any services that you have requested Hightrees Organisation Limited supply to you.

We will not sell, rent, or exchange your personal data with any third-parties. If this changes in the future, Hightrees Organisation Limited would never do so without your express and explicit permission.

We will use your personal data to :

  • Conduct and develop our business with you
  • Operate, maintain, improve and develop the websites and services (including by monitoring and analyzing trends, access to, and use of the websites for advertising and marketing)
  • Carry out statistical analysis and benchmarking (i.e. Google Analytics for sites pages tracking), provided that in such circumstances it is on an aggregated basis which will not be linked back to you or anyone else
  • Engage and help keep you informed bout our services we offer
  • Provide documentation or communications which you have requested or are applicable to services you have
  • Assist/resolve your queries or complaints that you have submitted to Hightrees Organisation Limited
  • Supply you with the services you have requested/purchased.
  • Send you marketing communications ort technical updates, where it is lawful for us to do so

 

Protecting Your Personal Data

Your Personal Data is private and confidential and as such should be stored securely – this applies to both Hightrees Organisation Limited and you, the client.

Hightrees Organisation Limited recommend that you use a strong and unique password for the accounts or services that you have with us and recommend that any passwords used are not associated with other online services.. You should check your account(s) on a regular basis to ensure that your Personal Data has not been tampered with or altered.

Any suspicious activity regarding your account, including automated messages from parties you cannot identify, should be reported to Hightrees Organisation Limited as soon as possible, using the contact methods below.

We follow generally accepted standards to protect personal data submitted to us, both during transmission and once we receive it.

However it should be noted that no method of transmission over the Internet, or method of electronic storage is 100% secure and as such, Hightrees Organisation Limited cannot 100% guarantee absolute security.

However, we have implemented,or are adopting,measures to help ensure that your personal data is protected. These measures include the prevention of alterating data, ,damage or loss, unauthorised access, and the risks to which data is exposed when it is held by us.

 

Our use of 3rd Services.

Hightrees Organisation Limited use various 3rd party services for the collection, management and processing of our data.

Our commitment to data protection and information privacy demands the use of 3rd party services that are also committed to the same end.

All our 3rd party services are GDPR compliant and will themselves have their own applicable privacy policies.

All such 3rd parties in use currently are listed, and will be updated as and when circumstances change.

Marketing and Newsletters

Where lawful to do so, and subject to your consent, Hightrees Organisation Limited may communicate with you about the services we offer. If you wish to unsubscribe from receiving these kind of communications, you may do so at any time. At the current time, we only use newsletter style marketing on an irregulary basisi.

We do make use of MailChimp to contact all clients regarding business related events. Examples of this style of communication include: downtime, legal requirements, security issues etc.

Although these can be unsubscribed to, these communications may contain important account or service information. Where possible we try to publish this information on our website and via our Social Media channels.

External Links to websites

Our websites, system documentation and or emails may include links to other websites whose privacy practices may differ from ours.. If you submit information to any of those sites, your information is governed by their respective privacy policies. We encourage you to carefully read the Privacy Policy of any website you visit before engaging with them in any way.

Hightrees Organisation can not take responsibility for any interaction you have with 3rd parties or services that are not directly our own/or under our control.

Cookies

Cookies and how we use them

What is a cookie?

A cookie is a small file placed on your computer’s hard drive. It enables our website to identify your computer as you view different pages on our website.

Please see our Cookies Policy Page

Your Rights Under the Personal Data Protection Laws

As our Customer or User, you have the right to:

  • Be informed about the processing of your personal data
  • Object or restrict to processing of your personal data
  • Ask for a copy of the information about the data we store on you at any time.
  • Correct, update, amend, or remove personal data. If you no longer want to use our services, you may request it to be deactivated at any time.
  • Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you
  • The right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/. You can also contact us using the details below.

Your Responsibilities Under the Personal Data Protection Laws

It is important to note that you also have responsibilities when it comes to Data Protection.

One such important case is where you may request from us a copy of the information about the data we store. We are obliged to ensure that the request is legitimate and does in-fact originate from you.

In this regard, we will undertake steps in an attempt to verify the legitimacy of the request, before releasing such information. If you do not cooperate in this, or we cannot verify your identity, we may not release such information in a timely manner. To act otherwise could represent a significant breach of privacy. As such, we request your full cooperation in this regard – any requests on our part to verify your request will be undertaken solely to protect against breach of your personal information.

Consent Withdrawal

Your consent to process personal data by Hightrees Organisation Limited can be withdrawn at any time by contacting us using the details below. Please note this may have an effect on any services we supply to you.

Automated Decision Making

Hightrees Organisation does not undertake any auomtated decision making processes at this point in time.

Data Retention Period

Data Retention Period is the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period.

Hightrees Organisation will hold your personal information based on the following guidelines:

  • for as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
  • for as long as we provide services to you
  • retention periods in line with legal and regulatory requirements or best practise style guidance

If none of these criteria apply, we commit to purging any Personal Data no later than 24 months following your latest interaction/exchange with our services.

We are required by law to be able to report financial information for up to 7 years. As such, Hightrees Organisation Limted must retain any pertinent information of these transaction. We do not have any choice to but to refuse any requests to remove this type of information from our records as they are required by law.

Changes to this Privacy Notice

We may change this Privacy Notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We encourage you to check this Privacy Notice for changes whenever you visit our websites.

Our Data Protection Officer

We have Data Protection Officer you can reach any time by using the details below.

How To Contact Us

If you have any questions about this Privacy Notice or complaints about how we process your Personal Data and you want to contact our Data Protection Officer, you can do that by going to the Contact Us section of our websites or call 01264 532024.

We will try to resolve your query soon as reasonably possible.

Permalink


Hightrees Organisation Limited’s website uses cookies which allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit.

Controlling cookies

You can check your Cookie setting in relation to our website here

My settings

You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies.

However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you.

Unless you have changed your browser to refuse cookies, or have used the toolbar  to restrict which cookies you receive when you visit our website, we will issue cookies when you visit it.

To learn more about cookies and how they are used, visit All About Cookies.

Permalink


Security Awareness Training (1)

FAQ on our Security Awareness Training Software

Our Security Awareness Training Software comprises multiple products that contribute to this goal of driving security awareness:

  • uLearn, our cloud-based security awareness training courses for end users
  • uPhish, our simulated phishing solution
  • uBreach, our email exposure checking tool
  • uPolicy, our policy management solution

These solutions are all brought together by Risk Score, which provides an overall evaluation of your organisation’s current and past human cyber risk.

Permalink


uLearn is a user-focused security awareness training solution that helps organisations drive secure employee behaviour.

Packed with an extensive library of interactive, video and blog-style content, uLearn offers engaging and continuous computer-based training – easily managed through intelligent automation.

With uLearn, you can:

  • Quickly deploy a continuous security awareness training programme
  • Reduce the likelihood of human-caused data breaches
  • Develop a security-minded culture that can combat modern-day threats
  • Cut remediation time and cost caused by internal cyber incidents
  • Aid your efforts in achieving regulatory compliance

Some of uLearn’s key features:

  • Intelligent automation that eliminates repetitive admin tasks and ensures continuous user training
  • Extensive library of infosec, compliance and custom-built courses – with new additions each month
  • Individually-tailored programmes that identify and strengthen the user’s largest knowledge gaps first
  • Bite-sized courses – including video, interactive and blog-style content
  • Easily view user progress from your data-driven dashboard

Permalink


uBreach enables you to quickly identify exposed employee email accounts and identities that have been publicly disclosed online via third-party data breaches.

With billions of credentials present in data dumps, paste sites and hacking forums, employees that sign up to third-party services with their work email address could be leaving your organisation at huge risk of social engineering, business email compromise (BEC) and other damaging attacks.

With uBreach, you can:

  • Identify exposed employee accounts: uBreach identifies accounts that are exposed on paste sites, data dumps and hacking forums
  • Locate what employee data is exposed: Common data includes email addresses, passwords, usernames etc.
  • Help prevent data loss: Locating these at-risk accounts enables you to safeguard users from social engineering and BEC attacks
  • Obtain actionable steps: By using the security awareness software, uLearn, enables follow-up user training on security best practice

How uBreach works

  • Step One: Conducts a deep web search through data dumps, paste sites and hacking forums
  • Step Two: Identifies users that have had account information exposed online
  • Step Three: Collates your users’ results into an easy-to-digest format, accessible from your usecure dashboard

uBreach key features

  • Quick web search enables you to rapidly identity exposed accounts
  • Gathers high-level data (i.e., number of exposed accounts & source of breach) neatly into your usecure dashboard
  • View each user’s exposed data breakdown from their usecure profile
  • 100% free with your subscription

Permalink


uPolicy allows you to easily create and manage your company’s policies.

Having the right policies is essential for protecting your company. Policies help you set out your expectations for your employees in terms of security and their conduct in the workplace, as well as meeting compliance requirements and reducing risks.

With uPolicy, you can:

  • Establish rules, standards and best practices for your employees and workplace
  • Ensure policies have been read and signed by all end-users
  • Contribute to a security culture and build a safe environment at your workplace
  • Aid your efforts in achieving regulatory compliance

uPolicy’s key features:

  • Pick ready-to-go policies for your company: With our library of security policies that meet industry standards you won’t have to waste time writing policies from scratch.
  • Customise policies or create your own: You can customise our policy templates as you wish, or upload entirely new ones to meet your needs.
  • Upload your existing policies: Upload PDF files to transfer your existing policy set to the uPolicy library.
  • Easily send out policies to your end-users: Choose whether to send out policies to all users, individual users, or just to certain groups or departments, and ensure smooth roll out in just a couple of clicks.
  • Manage signing of policies: Once you have sent out your policies for signing, you can see how many users have signed the policy straight from the uPolicy dashboard.

Permalink


uPhish is an intuitive cloud-based phishing software that enables you to quickly assess user vulnerability towards real-world phishing attacks.

With uPhish, you’re able to identify which users are susceptible to both common forms of phishing and highly-targeted forms of ‘spear phishing’.

With uPhish, you can:

  • Accurately determine user vulnerability towards phishing
  • Identify users that need urgent phishing awareness training
  • Reduce the likelihood of users falling victim to future phishing attacks
  • Develop a security-minded culture in your organisation

Key features of uPhish:

  • Automated phishing (AutoPhish): uPhish can deploy regular phishing simulations with our new ‘AutoPhish’ feature – allowing you to assess user performance over time.
  • Realistic template library: Discover a library of phishing emails and landing pages impersonating trusted organisations, banks and more.
  • Create custom emails and landing pages: Craft your own simulated phishing campaigns, impersonate internal communications and more.
  • Inline training: Automatically send out additional training content to users who become compromised in phishing simulations.
  • Real-time tracking: See how your users interact with your simulations in real-time, giving you a key insight in how users will perform during a real attack.
  • In-depth reporting: View the individual performance of your users or assess your organisation in departments or as a whole – with custom reporting.

Permalink


Risk Score is a way to visualise the human threat to your organisation. It includes both an individual Risk Score for each of your users, and an overall Risk Score for your company.

What is the benefit of Risk Score?

Risk score allows you to assess the level of human error that your end-users are likely to commit. It allows you to gain an understanding of the general level of security awareness present in the organisation, as well as providing you a breakdown by group or department. This helps you assess whether training has been effective, and prioritise the most imminent gaps in awareness.

How is Risk Score calculated?

Currently (as of November 2019) Risk Score is calculated using uLearn performance. Course performance data is calculated to display an individual Risk Score for each user, as well as being aggregated together in the overall Risk Score to show a holistic overview of your organisation’s level of human risk.

What do the scores mean?

The Risk Score algorithm sorts all users into three categories: Low, Medium and High.

  • A user with a Low Risk Score has performed well in their training and has a good level of security awareness.
  • A user with a Medium Risk Score has had moderate success in their training and may be more likely to make security mistakes.
  • A user with a High Risk Score has a lower level of security awareness and is likely to need extra training and guidance to reduce the possibility of human error in situations where security is at stake.

Permalink


uLearn (1)

FAQ on uLearn – user-focused security awareness training

uLearn is a user-focused security awareness training solution that helps organisations drive secure employee behaviour.

Packed with an extensive library of interactive, video and blog-style content, uLearn offers engaging and continuous computer-based training – easily managed through intelligent automation.

With uLearn, you can:

  • Quickly deploy a continuous security awareness training programme
  • Reduce the likelihood of human-caused data breaches
  • Develop a security-minded culture that can combat modern-day threats
  • Cut remediation time and cost caused by internal cyber incidents
  • Aid your efforts in achieving regulatory compliance

Some of uLearn’s key features:

  • Intelligent automation that eliminates repetitive admin tasks and ensures continuous user training
  • Extensive library of infosec, compliance and custom-built courses – with new additions each month
  • Individually-tailored programmes that identify and strengthen the user’s largest knowledge gaps first
  • Bite-sized courses – including video, interactive and blog-style content
  • Easily view user progress from your data-driven dashboard

Permalink


uBreach (1)

FAQ on uBreach – Identify data exposed by data breaches

uBreach enables you to quickly identify exposed employee email accounts and identities that have been publicly disclosed online via third-party data breaches.

With billions of credentials present in data dumps, paste sites and hacking forums, employees that sign up to third-party services with their work email address could be leaving your organisation at huge risk of social engineering, business email compromise (BEC) and other damaging attacks.

With uBreach, you can:

  • Identify exposed employee accounts: uBreach identifies accounts that are exposed on paste sites, data dumps and hacking forums
  • Locate what employee data is exposed: Common data includes email addresses, passwords, usernames etc.
  • Help prevent data loss: Locating these at-risk accounts enables you to safeguard users from social engineering and BEC attacks
  • Obtain actionable steps: By using the security awareness software, uLearn, enables follow-up user training on security best practice

How uBreach works

  • Step One: Conducts a deep web search through data dumps, paste sites and hacking forums
  • Step Two: Identifies users that have had account information exposed online
  • Step Three: Collates your users’ results into an easy-to-digest format, accessible from your usecure dashboard

uBreach key features

  • Quick web search enables you to rapidly identity exposed accounts
  • Gathers high-level data (i.e., number of exposed accounts & source of breach) neatly into your usecure dashboard
  • View each user’s exposed data breakdown from their usecure profile
  • 100% free with your subscription

Permalink


uPolicy (1)

FAQ on uPolicy – easily create and manage your company’s policies

uPolicy allows you to easily create and manage your company’s policies.

Having the right policies is essential for protecting your company. Policies help you set out your expectations for your employees in terms of security and their conduct in the workplace, as well as meeting compliance requirements and reducing risks.

With uPolicy, you can:

  • Establish rules, standards and best practices for your employees and workplace
  • Ensure policies have been read and signed by all end-users
  • Contribute to a security culture and build a safe environment at your workplace
  • Aid your efforts in achieving regulatory compliance

uPolicy’s key features:

  • Pick ready-to-go policies for your company: With our library of security policies that meet industry standards you won’t have to waste time writing policies from scratch.
  • Customise policies or create your own: You can customise our policy templates as you wish, or upload entirely new ones to meet your needs.
  • Upload your existing policies: Upload PDF files to transfer your existing policy set to the uPolicy library.
  • Easily send out policies to your end-users: Choose whether to send out policies to all users, individual users, or just to certain groups or departments, and ensure smooth roll out in just a couple of clicks.
  • Manage signing of policies: Once you have sent out your policies for signing, you can see how many users have signed the policy straight from the uPolicy dashboard.

Permalink


uPhish (1)

FAQ on uPhish – enables you to quickly assess user vulnerability towards real-world phishing attacks

uPhish is an intuitive cloud-based phishing software that enables you to quickly assess user vulnerability towards real-world phishing attacks.

With uPhish, you’re able to identify which users are susceptible to both common forms of phishing and highly-targeted forms of ‘spear phishing’.

With uPhish, you can:

  • Accurately determine user vulnerability towards phishing
  • Identify users that need urgent phishing awareness training
  • Reduce the likelihood of users falling victim to future phishing attacks
  • Develop a security-minded culture in your organisation

Key features of uPhish:

  • Automated phishing (AutoPhish): uPhish can deploy regular phishing simulations with our new ‘AutoPhish’ feature – allowing you to assess user performance over time.
  • Realistic template library: Discover a library of phishing emails and landing pages impersonating trusted organisations, banks and more.
  • Create custom emails and landing pages: Craft your own simulated phishing campaigns, impersonate internal communications and more.
  • Inline training: Automatically send out additional training content to users who become compromised in phishing simulations.
  • Real-time tracking: See how your users interact with your simulations in real-time, giving you a key insight in how users will perform during a real attack.
  • In-depth reporting: View the individual performance of your users or assess your organisation in departments or as a whole – with custom reporting.

Permalink


Risk Score (1)

FAQ on Risk Score – a way to visualise the human threat to your organisation

Risk Score is a way to visualise the human threat to your organisation. It includes both an individual Risk Score for each of your users, and an overall Risk Score for your company.

What is the benefit of Risk Score?

Risk score allows you to assess the level of human error that your end-users are likely to commit. It allows you to gain an understanding of the general level of security awareness present in the organisation, as well as providing you a breakdown by group or department. This helps you assess whether training has been effective, and prioritise the most imminent gaps in awareness.

How is Risk Score calculated?

Currently (as of November 2019) Risk Score is calculated using uLearn performance. Course performance data is calculated to display an individual Risk Score for each user, as well as being aggregated together in the overall Risk Score to show a holistic overview of your organisation’s level of human risk.

What do the scores mean?

The Risk Score algorithm sorts all users into three categories: Low, Medium and High.

  • A user with a Low Risk Score has performed well in their training and has a good level of security awareness.
  • A user with a Medium Risk Score has had moderate success in their training and may be more likely to make security mistakes.
  • A user with a High Risk Score has a lower level of security awareness and is likely to need extra training and guidance to reduce the possibility of human error in situations where security is at stake.

Permalink