Software Releases

2LRN4 is hosted at AWS in Ireland.

2LRN4 is pronounced as "To learn for", learning for...

Our employees are continuously trained on security and privacy risks. They regularly have to do phishing simulations and use unique strong passwords and store them in a digital vault (password manager). Multi-factor authentication (MFA) is enforced and access to the systems is immediately denied upon termination of employment.

The 2LRN4 security awareness platform can serve as the knowledge part of your security awareness program. It provides employees with ongoing knowledge of privacy and security risks.

The 2LRN4 platform delivers 12 courses per year, so after two years you have had 24 courses and after three years 36 courses. This gives you the option to give employees a monthly course. This is an important strategy, because employees spend a lot of time on the subject with little effort. In the course we show the privacy and security risks in a business and private environment. As a result, employees recognize these risks much faster, and at the same time we show that they must always remain alert.

We distinguish ourselves because you can adapt our platform to your security awareness program. You can

Our online courses are risk-based and contain all common security and privacy risks, without being too technical .

With a three-year contract, we provide a platform with 36 courses on current security and privacy risks. More than 150 modules in total. You can make these courses even more relevant for employees and organization by adding your own content.

The content consists of videos, e-learning modules, documents, tests, surveys and everything you can add yourself. The courses consist of at least videos, e-learning and a test.

We can create custom content according to your wishes and budget for different target groups. In addition, you can select different courses for different departments on our platform.

It is very easy to add your own content such as videos, documents, presentations, webinars, tests and surveys. With a link to Microsoft Sharepoint or Google Drive you can also ensure that the version on 2LRN4 is always the latest version. For example, if you add the policy to the course.

On the 2LRN4 platform you get the content spoken, written and subtitled in the same language. Our goal is to make all European languages available on our platform. But at the moment it is available in Dutch, English, German, French, Spanish, Portuguese, Italian and Greek. We are working hard on the Northern European languages and then the Eastern European languages will follow. We can add other languages for your organization in consultation.

We can put together a beginners training as a kind of baseline measurement, because the level of the beginner is different in every organization, we put this together with the customer.

The tests we provide as standard are based on the content of the course. When you add content yourself, you have the option to supplement the test or to create an extra test. You can also change the existing questions and answers to make it relevant to your organization. If an answer says: "Call the helpdesk" and it is called the ICT servicedesk, you can change this.

We have different dashboards. This depends on the role you have on the platform. As a user you can see what you have done and what you still need to do. As a user, you will find on the dashboard how many courses you are registered for and how many activities you still have to do. You can go directly to the course via your dashboard. Here you will also find your points and rewards that you have earned with the keys and the badges that you have collected. This is also the place where you can download certificates. As an administrator, you have an extra dashboard that provides direct insight into the status of the awareness program. You can download the graphs for your presentation to the management.

We offer many standard reports with different data that you can also filter to meet your specific needs. Think of reports per user, course, department and, if the manager field is filled in in the Active Directory, also per manager.

Once you have purchased the Flexible package, you can schedule and send various phishing campaigns to users, departments or the entire organization. When you have purchased the Freedom package, you can also create phishing campaigns yourself.

Several e-mail templates are available on the platform where you as an organization have total control over which e-mail is sent out when and with which text. To prevent users from being inundated with e-mail, we advise you to do so on the support page that deals with this topic.

You can ask your question via the web form or email, but most users will find their answers in the support drop-down menu. If the answer is not listed, they will automatically be directed to a web form.

To stimulate and motivate employees, the 2LRN4 platform has the option to assign badges and rewards. Whether and when a user receives this depends on the organization. As an organization you decide for which parameter / trigger something is given. For example, a badge can be given if someone does a first activity or participates in a webinar, etc. A reward can be given, for example, if someone has achieved a certain number of points. These points form the basis of the leaderboard. All badges and rewards can be changed to match your own corporate identity. You can also switch off all gamification if this is not your thing.

Certificates can be awarded to encourage employees. Whether and when a user receives this depends on the organization. As an organization you determine whether the certificate is given for a single course, for a number of courses, for a category of courses or for an entire year. What the certificate looks like, what text is on it and where it is on the certificate, is of course also up to you. We have already uploaded some examples that you can use or adapt. But of course you can also use your own certificate.

When the colors and logos match the house style, this ensures a good user experience. You can of course also adjust this yourself as an administrator. House style at 2LRN4 goes further than just adding a logo and house style colours. On the 2LRN4 platform you can adjust all texts yourself, change the e-mail templates and make the password policy the same as that of the organization. By default, the platform is already delivered in the house style, so that you can get started quickly.

Every second counts when it comes to user acceptance of an online platform. Even small delays affect user motivation and have a negative impact on your security awareness program. Single Sign On (SSO) helps to reduce these negative influences. Because users are already logged in with their company account on their computer, SSO prevents them from having to log in again. Research shows that a large proportion of users drop out when they have to log in (again) and have forgotten their password. Employees don't have the time or patience to log into each platform individually. They appreciate not having to remember a different password for each system. It also improves security. Since the authentication does not take place on the platform. As an administrator, you can configure the link yourself on the 2LRN4 platform. Check the support page for the manual.

For the most seamless integration, we recommend providing your 2LRN4 environment with Active Directory synchronization. As a result, you have no extra management effort. Accounts are automatically created on the 2LRN4 platform if they do not already exist. And they get direct access to the courses that are linked to the department they fall under. They will be notified by e-mail for which courses they are registered. The synchronization works in one direction only from Azure AD to 2LRN4 and not the other way around. When you make a user inactive on the Active Directory, it will be inactive on the 2LRN4 platform after synchronization.

2LRN4 is designed for any size screen (computer, laptop, tablet and phone) as long as there is an internet browser available such as Chrome, Edge, Safari and Firefox.

The system is role-based and has a user, manager, communication, help desk, phishing administrator and administrator role for customers. These roles can be assigned by the customer himself.

Courses can be assigned to different departments and also to different people. This way you can create individual learning paths. Assigning to departments is preferred in large organizations because you can automate this. Assigning to individuals takes more time.

Email templates can be modified by someone with the communication role or the administrator role.

All possible answers are described on our support pages. Our partners will of course help you with the implementation and you can always rely on us. Especially if you are going to link courses to departments for the first time, then we can do that very well together. You can also let us do other (also not common) activities. You can do everything yourself (using the support pages), but you don't have to.

There are two ways to purchase a subscription to the platform: Search our partner page for a reseller and request a quote. Request a demo from us. If you then want to proceed to purchase, we will look for the right partner together, who will provide the quotation.

Both is possible, but we prefer to use your purchasing conditions. We would like to include a paragraph that we remain the owner of the content (media) that we provide. You retain ownership of the content you add.

We have three different packages: With First you get the 12 security awareness courses consisting of 50 modules with basic platform functionality. With Flexible you get the same as with the First package, plus phishing simulation. The Freedom package is the most comprehensive package, where you can do all kinds of integrations with other packages.

No, we only accept bank transfer.

If your purchasing department has a simple form with one of the following questions, we can help you: Company information (address, name, chamber of commerce number, etc.) and bank details

You can book a demonstration through our partners/resellers or directly with us at book a demo. We prefer to talk about our platform all day long, but we also manage to show the highlights in 30 minutes. If you want to see more, book 45 minutes to 60 minutes.

2LRN4 is a product of Cyber Inc. who has established a privacy policy, which specifies the scope of personal information collected, the obligations of the company, the rights of the individual to access, update or delete their personal information, and an up-to-date point of information is documented and clearly communicated to individuals. contact where individuals can direct their questions, requests or concerns.

Both are possible, but we prefer to use your processing agreement, because it has often already been approved by the DPO and lawyers.

We remove customer data containing confidential information from the application environment, in accordance with best practices, when customers leave the service. All data is automatically destroyed immediately after termination of the service. Individual user data is automatically destroyed when the users are deleted.

We have formal retention and deletion procedures in place to guide the safe retention and deletion of company and customer data.

Cyber Inc. has put in place documented processes and procedures for 2LRN4 to ensure that all privacy-related complaints are addressed, and the resolution is documented in the company's designated system and communicated to the individual.

Keeps customer data for the lifetime of a customer account. No historical data is deleted until the customer account and/or individual is deleted.

A privacy policy is available to customers who require it before and/or at the time that information from the individual is collected. Employees receive the privacy policy upon joining

The Privacy Policy will be reviewed as needed or when changes occur and updated accordingly to ensure compliance with applicable laws, regulations and applicable standards.

The data classification policy to ensure that confidential data is properly secured and restricted to authorized personnel.

The infrastructure supporting the 2LRN4 platform is regularly patched as part of routine maintenance. We have set up patch management for this and new relevant CVEs are addressed by the developers.

Backups are made of the entire platform on a daily basis to enable rapid recovery in the event of a disaster. The backup is not suitable for honoring individual requests.

The company's production systems are only remotely accessible to authorized employees. The use of multi-factor authentication (MFA) is enforced for all employees.

Privileged access to the production network is limited to a small number of authorized users. 2LRN4 uses segregation of duties. Roles are defined in the application based on tasks, responsibilities and authorities. Special attention is paid to accounts with high privileges. Access to the production environment is extra secured with a hadware token.

The data is encrypted with AWS Key Management Service (AWS KMS)

Anomalous events are identified that could potentially impact security objectives. In addition, we use infrastructure monitoring tools to monitor systems, infrastructure and performance and respond to alerts when specific predefined thresholds are reached.

Vulnerability scans are performed monthly on the platform. Critical, high and medium vulnerabilities are fixed as soon as possible. When these are fixed we will publish them with the software releases as bug fixes.

The penetration tests are performed at least annually or after major changes by an external party. When these are fixed we will publish them with the software releases as bug fixes. Customer contacts can request access to the latest penetration test.

The data is encrypted with AWS Key Management Service (AWS KMS)

Data transport is encrypted according to up-to-date encryption standards and standard transport protocols. TLS 1.3: lower versions are blocked.

The 2LRN4 platform is protected against ddos attacks by AWS Shield.