What's New in MyCompliance

Introducing Multi-Factor Authentication (MFA) via Authenticator App. This solution enhances the security of email-based users by requiring a second form of authentication beyond just a password.

1. MFA Settings Customisation:
   • Admins can enable MFA through a dropdown setting under Company Edit.
   • Options include:
     1. MFA Disabled
     2. MFA for privileged users only (e.g., admins, non-end users)
     3. MFA for all users
2. Authenticator App for MFA:
   • Users will complete MFA by entering a unique code generated by an authenticator app after providing their username and password.
3. Seamless Registration & Login Flow:
   • Once MFA is enabled, users will be prompted to register their authenticator app during their next login.
   • Future logins will include an easy-to-follow MFA step, ensuring a secure and streamlined experience.

More info here

We’ve made it easier for global organisations to deliver a seamless, localised experience. The platform now automatically detects users’ browser language and adjusts the interface accordingly—no manual setup required.

Key Benefits:

• Streamlined Onboarding: Users see their preferred language from the start.
• Time Savings: Eliminates the need for manual language selection.
• Improved Usability: A localised interface enhances navigation and engagement.

This update ensures a smooth, consistent experience for global users, empowering organisations to better serve their international teams.

More info here

The Risk Score Calculation Time Period feature allows administrators to define the period of time considered when calculating user risk scores. This feature ensures that valuable historical user behaviour data (risk factors), previously excluded, can now be factored into employee risk scores. By extending the calculation window, organisations gain more accurate and comprehensive insights into user risk.

Key Benefits

• Gain Deeper Insights: By including historical data (up to 3 years), you can uncover long-term trends and behaviours, providing a clearer understanding of user risk.
• Improve Decision-Making: More accurate risk scores enable you to make better-informed decisions on training, compliance strategies, and risk mitigation.
• Address Unrecognised Risks: Ensure long-term non-compliant users and repeated risky behaviours are no longer overlooked.

The MetaEngage Delivery Delay feature allows administrators to control when MetaEngage content, such as Policies, Surveys, and Courses, appears on end users’ desktops after login. This helps organisations prevent interruptions during critical tasks, particularly when users first connect in the morning.

Key Benefits

• Prevent interruptions during critical work hours.
• Deliver content at a controlled time after user login.
• Ensure a smoother user experience without compromising engagement.

We have recently released Google Workspace User Provisioning which automates the onboarding and offboarding of users within the MyCompliance platform. This ensures accurate, up-to-date access control without the need for manual intervention.

Features & Benefits:

• Automated user provisioning & deactivation: Seamlessly add, update, or remove users as they join or leave.
• Reduced administrative overhead: Eliminates manual directory updates, freeing up valuable time.
• Real-time synchronisation: Immediate access control updates to minimise unauthorised access risks.
• Single sign-on integration: Secure logins using Google credentials, improving security and user experience.
• Google Groups & Departments: Ability to target Google Groups with content and report on the users assigned departments.

Why Use It?
Google Workspace User Provisioning automates user management, reducing errors and ensuring secure, up-to-date access control within MyCompliance.

We have now enabled admins to set up automated triggers that enrol new users into previously published courses based on specific conditions.

Features

1. Dynamic Course Enrollment via Triggers
   • Admins can configure rules to enroll new users in courses automatically once conditions are met.
   • Includes a dropdown that lists published (non-campaign) or new trigger courses, ensuring the content is current and applicable.

Benefits

• Maximised Utilisation of Existing Resources
  Ensures previously published courses continue to deliver value by targeting new learners.
• Improved Efficiency
  Saves time by automating user enrolment, eliminating the need for manual assignments.
• Enhanced Learning Coverage
  Guarantees that key risk management topics are consistently delivered to all relevant users.

More info here

We have introduced a new ‘Date of Last Connection’ column in the MetaEngage Clients Report. This update provides administrators with greater visibility into end users most recent connections with the metaengage client, making it easier to identify why some users have not yet received their content.

Admins can now customise the tiles displayed on the user homepage and the MyCompliance Teams App. This feature ensures users see only relevant modules, enhancing focus and engagement with key security and compliance tasks.

Features & Benefits:

• Seamless Experience Across Platforms: When modules are hidden on the homepage, they will also be hidden in the MyCompliance Teams App, providing a consistent and clutter-free experience across both platforms.
• Improved User Focus: By removing irrelevant modules, users can focus on the most critical tasks.

More info here

Buttons on policies will now be grouped into a drop-up menu when they exceed the available screen width. Users can effortlessly view and access all the options in a compact, user-friendly manner, regardless of the number of buttons.

With this enhancement, we address a usability gap, ensuring our PDF viewer meets expectations for accessibility and functionality.

Introducing an automated timing setting for long-term leave user statuses. Admins will now have the ability to set specific durations for long-term leave, ensuring that user statuses are automatically updated when the leave period ends. The system also provides the flexibility to keep users on indefinite long-term leave, with manual reactivation only when needed.

Features & Benefits:

• Automated Status Update: Admins can set a reactivation date for users on long-term leave, allowing the system to automatically update their status after the specified period, eliminating the need for manual follow-up.
• Flexible Leave Duration: Admins have the option to either set a specific leave period or keep the user in ‘long-term leave’ indefinitely, providing flexibility for different types of leave scenarios.

More information here

Localising the user interface & notifications of our MyCompliance Teams App ensures employees worldwide can clearly understand and engage with compliance tasks, reducing errors, boosting completion rates, and improving security awareness across the organisation.

Admins can now rearrange entire sections simply by dragging and dropping during the template creation phase. This eliminates the need to rebuild sections from scratch, saving valuable time and reducing admin workload.

Benefits:

• Streamlined Organisation: Quickly reorder sections without the hassle of recreating content.
• Time-Saving Efficiency: Focus on enhancing course quality rather than managing content structure.

This update simplifies course deployment, helping you build and launch courses more efficiently.

We’re excited to release Risk Score Insights, a new enhancement to the Employee Risk Score feature. This addition offers greater transparency into the user behaviour that is impacting their risk scores.

Key Features:

Administrator Updates

• Detailed Risk Insights: A new ‘View Insights’ button is accessible from the organisational and departmental risk charts for each user, providing admins with clarity on why risk scores are fluctuating.
• Addition of ‘Join Date’: Allows admins to easily identify why some users engagement levels could be low (such as new joiners).

End User Updates

• User Visibility: End users can now see what risk factors and content contribute to their score, with quick access to complete outstanding content to encourage them to reduce their score & increase engagement.
• Revisit Course Option: Users can see quizzes that they have performed poorly on and can revisit the course again to improve their knowledge in that area.
• Tips to Improve Scores: End users will be provided with information on how their scores are calculated along with top tips to help reduce their score.

This update enables admins to make informed decisions to help reduce risk and empowers employees to proactively manage their risk scores. Please see the following articles for more information:

• End User Risk Insights
• Admin Risk Insights

We have made some exciting new user experience enhancements to MetaEngage. These updates are only available on the MetaEngage v2 Client. More info here.

Here’s what’s new:

• Remind Me Later Button: Allowing users quickly snooze the client if they don’t have time to complete.
• Updated Snooze Text: Clearer messaging for users to understand what happens after they snooze the client.
• Enhanced Toast Notification: Displays outstanding content for completion and deadline when the content will ‘lock out’.

To take advantage of these updates, we recommend users restarting their machines (or scheduling a force restart) to ensure they are on the latest version of the client. These updates are only available for customers who have installed MetaEngage Client v2.

We have released a minor update to our privacy module to allow the renaming of the “System” section title across all of the privacy registers.

Benefits

• Clear, accurate labelling
• Improved register management
• Consistent updates across views and exports

Problem
Some customers only use the MyCompliance Teams App for completion of content. Therefore, end users lack visibility into their risk scores and this gap leaves employees unaware of their security risk to the organisation.

Solution
We have released a dedicated area within the MyCompliance Teams to display end users’ risk scores. This ensures immediate visibility without needing to access the platform directly. Risk Score will only be available for customers that have the ‘Admin & End User Dashboard’ enabled.

Features & Benefits

• Risk Score visible within MyCompliance Teams
• Seamless updates from the main platform
• Supports both light and dark modes

Global organisations often face challenges in delivering a seamless user experience and ensuring employees fully engage with compliance platforms and security tasks. Language barriers can hinder understanding of critical information, reduce engagement, and impact the effectiveness of training, policy reviews, and notifications.

To address this issue and improve engagement we have introduced the language bot on the homepage.

• Language Selection Icon: Users can now easily switch the language of the homepage and other pages, improving accessibility and engagement.
• Tailored User Experience: Employees will engage with content in their chosen language, boosting participation and adherence to compliance tasks.

These updates are available on the latest version of MyCompliance Teams App, v4.

We’ve redesigned the Company Edit page to enhance navigation and streamline the user experience, making it easier to manage settings. Key updates include:

• Improved Layout: A new side navigation panel for the Settings, Risk Score and Platform Customisation pages.
• Colour Theme Customisation: Now featuring smaller colour dots for theme selection, with an additional option to choose a theme layout.

These changes ensure smoother navigation and make configuring platform settings more intuitive.

The new Risk Score Customisation feature enables customers to adjust the weighting of key risk factors, including content completion, quiz performance, and phishing simulation interactions, to help ensure the scores better reflects the most critical risks to your organisation.

Key Benefits:

• Tailor risk scoring for a more accurate reflection of employee behaviour.
• Prioritise critical factors such as phishing simulations or training engagement.
• Make informed, data-driven decisions to mitigate insider threats and address knowledge gaps.

For more information, please view the following knowledge articles:

Guidance for customising Employee Risk Scores

Updates to Employee Risk Scores

Organisations had limited visibility into their email suppression lists within the MyCompliance platform, leading to challenges in ensuring that targeted content reaches the right audience. This lack of transparency increases the risk of non-compliant conversations.

We are introducing the Suppression List report, designed to empower security leaders and their teams by providing direct access to AWS email suppression lists within the MyCompliance application (registration and content notification emails – not phishing emails). This feature enhances transparency, streamlines processes, and enables proactive management of email deliverability issues. More info here 

We’ve extended the maximum delay between steps in a triggers campaign from 5 days to 30 days. This update allows admins to create longer campaigns, such as onboarding sequences or high-touch campaigns for users who require more guidance which are crucial for reinforcing training and improving compliance over time.

Additionally, the ‘preview’ function has been added to the first step of the campaign, allowing admins to easily review the content before it is deployed.

Admins now have the flexibility to delete fusion templates before they’ve been published. This enhancement allows for more control and reduces potential clutter from unused templates.

We’ve enhanced the user experience by giving Cyber Police a dedicated and prominent space in the ‘Not Typical eLearning’ tile on the Teams app homepage. This change not only makes the content easier to find but also encourages engagement with more dynamic, story-driven security training.

Problem – Admins were finding it difficult to manage reminder emails effectively due to the lack of flexibility over reminder frequency and timing. These limitations made it hard to align reminder systems with internal compliance standards and escalation processes, which is critical to managing human risk.

Solution – We are introducing enhanced customisation for reminder emails, providing you with full control over when and now, how often they are sent.  With this update, you can adjust reminder frequencies to weekly, bi-weekly or monthly. This flexibility allows you to align reminders with your organisation’s compliance criteria.

Value – Our admins understand the importance of timely, relevant reminders in driving compliance and reinforcing security behaviours. This update gives you the flexibility and control needed to optimise engagement with training programs that are crucial to reducing human risk.

We have introduced ISO 27001:2022 as a new category, allowing customers to assign policies and other content directly to the latest ISO standard. This ensures clear organisation and documentation of compliance efforts, which is critical during ISO audits. The ISO 27001:2013 category will remain available to support existing content. View more.

Features & Benefits:

• Up-to-date compliance: Align policies and content with latest ISO27001:2022, ensuring readiness for audits.
• Seamless integration: Easily assign, filter, and manage content like other standards (NIST, PCI DSS).
• Improved audit preparedness: Simplifies demonstrating compliance via the Category Overview Report, making audit processes faster and more effective.