MetaPhish is a great platform for IT security work in user awareness

A great product, pleased we selected it.

Pros

Really easy to launch quality Phishing tests to the business. Wide range of templates available. The platform makes it easy to set mandatory user training for any user that clicks on the Phishing email.

Cons

There is nothing in the application that we do not like or find difficult to use.

Generally good - cost effective, with a responsive support team.

It's pretty good but there seem to be a lot of missed tricks. Some of the reporting functions are clunky.

Pros

The policies feature is pretty good and the more recent developments. Fusion courses which allows mix and matching of the better out of the box content with our own.

Cons

Older out of the box courses are dull and feature computerised narration that often emphasises the wrong word or pauses in the wrong places - and this undermines the ability for users to get the main point. Out of the box quizes - some of the wrong/right answers are arbitrary and seem designed to catch people out rather than educate. It would be useful if the answers to the questions could be amended. Policy/Course Adoption Reporting functions: data exports don't include the name of the course or policy the report relates to. Can only target courses/policies at OU level or manually-created circulation lists that must be manually maintained. Our OUs are based on physical location rather than department. but the software clearly pulls through the department name from our AD. But it doesn't allow targetting based on department name. Seems to be a missed trick. Automated reminders should be possible to an individual's manager, not just the targetted individual AD sync always seems to be cuasing problems resulting in account issues, policies not being targetted at new users etc. Overall compliance pie charts include all policies/training including the optional ones. Not useful if you have a number of information-only policies in the system. Would be better to have an overall status on mandatory policies as these are the ones that need to be reported on for compliance. Uncompliant user reports only contain people that have recieved all of the reminders.

A useful tool, though has it's limitations

It's a useful tool but if you are not using the admin console on a regular basis then it becomes time consuming as you need to refamiliarize yourself each time - it is not intuitive or obvious how to upload a document or course.

Pros

I like being able to categorize the content making it easier for end user experience and also from a reporting perspective.

Cons

When it comes to uploading a SCORM course, the user has to select "EXIT" (and not just close the screen) in order for the reporting / status of completion to update - this is regularly not done right by user resulting in inaccurate audits, and a lot of manual review drilling into "Adoption".

Policy Compliance made easy!

We* have been using Metacompliance for 3 years now to raise awareness of the organisation's key policies. Before this time we were reliant on staff searching for and reading policies on our intranet site without really knowing whether they had done so. Metacompliance has been hugely important for us to be able to be able to ensure that staff are aware of policies and also to also produce assurances for our regulators and in line with assurance frameworks such as CQC, Information Commissioners Office and Information Governance Toolkit. The team at Metacompliance have been very responsive with regards to any problems or issues we have encountered along the way, resolving them quickly. There is always a friendly and calm voice at the end of the phone when contacting for help, advice and to raise any issues. Any issues are dealt with promptly and efficiently and the team always help us to identify solutions to any problems discovered. The main issue we have encountered in the past is around our Active directory integration and targeting policies to new starters. We are now in the process of implementing the MyCompliance portal alongside Metacompliance to publish our full suite of Policies and are experiencing the same helpful and prompt service from the team that we have been used to. * Provide are a Community Interest Company (CIC) that delivers NHS & local Authority Community services across East Anglia

Pros

Ease of use, excellent customer service, fast results in gaining compliance

Cons

The admin console is a little dated and could do with updating.

Modern, intuitive security product

Great company that has been very willing to engage with us and strives for excellent customer service. The product is flexible and simple to manage via the browser based interface.

Pros

The product allows us to easily create and deploy phish tests to our global user base. Each phish can be highly customised and delivered from numerous domains to provide very realistic attacks. Tracking and tracing which users have been phished is simple and delivery of educational material possible straight from the clicked site.

Cons

Wold like to see more advanced reporting available within the tool but it is easy to extract the base data and build reports outside the system.