Whilst not mandatory, we strongly recommend that you deploy OutThink’s Phishing Reporting Add-In to your employees, rather than using Microsoft’s Add-In or that of an alternative vendor. By using OutThink’s reporting add-in, you close the entire cycle of training, simulation and instant feedback.
- When users spot a phishing simulation and report it, they get instant feedback and score points.
- When users spot another email which is potentially malicious, but not part of your simulations, they again receive instant feedback. They also receive guidance, and are optionally asked to answer a question related to the reasons why they believe the email is malicious. Later, this data is sent to OutThink and influences your overall company risk score and that of the individual employee who reported it.
- It is highly recommended to supplement the analytics collected with this phishing reporting data, so that:
- Resiliency Rate can be properly calculated.
- All of the objective behaviours regarding “emails” are captured, such that the Risk Score of the employee is as accurate as it can be.
There is no reason not to use OutThink’s reporting add-in. It also seamlessly integrates with multiple systems like IronScales, Microsoft Phishing Reporting Add-In (and Microsoft Defender), so that you will not lose any of your current threat analysis and triage capabilities.