Exposure Monitoring

Exposure Monitoring provides a comprehensive view of all data breaches affecting your organisation. The breach data is powered by Have I Been Pwned and is regularly updated with details of new data breaches. When your users are involved in a new breach, Exposure Monitoring is updated and a notification is sent to the admins on the platform.

 

Enable Exposure Monitoring

  1. Log into your MyCompliance account as an administrator 
  2. Navigate to Company Edit > Integrations settings 
  3. Locate the Exposure Monitoring feature option 
  4. Enable the Exposure Monitoring toggle/checkbox and save your changes
    1. Admin - This setting means only Admins will have visibility of all data breaches
    2. Admin & End users - This setting means admins will see all data breaches and end users will see details of their own breaches.
  5. Navigate to Exposure Monitoring from the main navigation menu 
  6. The system will begin processing your organisation's breach data against all users on the platform

 

*There is a trial version, which allows Admins to select which users to run the data breach check against. Speak to your account team for more detail.

 

Understand the Breaches data

The main breach table displays detailed information about each incident:

Column Definitions:

  • Name: The source platform or service where the breach occurred (e.g., LinkedIn, Twitter, Gravatar)
  • Status: Indicates whether the breach is "Active" (requires attention) or "Closed" (historical/resolved)
  • Breach Date: The date when the breach originally occurred
  • Reported Date: The date when the breach was reported or discovered
  • Exposed Accounts: The number of your organisation's employee accounts affected by this specific breach
  • Actions: Click the "View" button to access detailed information about the breach

 

Update Status:

You can update the status of a breach if you feel it's not relevant for your organisation. That could be due to the nature of the breach, the breach date, or because you have already taken action on it.

The status can be updated for an individual breach, or for multiple breaches at once by selecting them and then selecting 'Update Status'.

 

Viewing Detailed Breach Information:

To investigate a specific breach:

  1. Locate the breach in the table
  2. Click the "View" button in the Actions column
  3. You'll be taken to a detailed view showing:
    • Complete breach description
    • What data was compromised
    • Which employees were affected

 

New Breach Notifications

Email alerts allow you to automatically notify platform admins when employees are identified in a new data breach.

 

Enable Breach Notifications

  1. Navigate to Settings > Notifications > Alerts from the main menu 
  2. Select Alert Settings 
  3. Scroll to find 'New Breach Involvement'
  4. Toggle on 'Enable Breach Notification'

 

Configure Breach Notification Email

To tailor the breach notification email to your organisation's needs:

  1. Navigate to Settings > Notifications > Email Templates
  2. Locate the "Exposure Monitoring Notification" template
  3. Click to edit the template
  4. The following placeholders will update dynamically in the email:
    1. Admin user's name
    2. Name of breached organisation
    3. Number of user accounts involved

 

Create a workflow

Workflows allow you to automate breach response actions, such as enrolling affected employees in security training. We have included a pre-built workflow template specifically designed for breach response.

To create a workflow from the template:

  1. Navigate to Workflows from the main menu
  2. Click on the "Template Workflows" tab
  3. Locate the "Breach Response Training" template
  4. Click "Select Action" next to the template
  5. Choose "Create From Template"

 

Template Overview:

The Breach Response Training template is pre-configured with best practice settings:

  • Title: Breach Response Training
  • Description: Automatically enrol users in remedial security training if they have been involved in a data breach incident within the last 12 months to reinforce security awareness and prevent future occurrences

Configuring the Workflow:

When creating a workflow from the template, you'll see three key sections:

1. When (Trigger):

  • Set to: "As soon as"
  • This means the workflow activates immediately when conditions are met

2. Check If (Conditions):

  • Pre-set to: "User involved in breaches AND within the last 12 months"
  • You can adjust the timeframe if your organisation has different requirements

3. Do (Actions):

  • Pre-set to: "Enrol user in course"
  • Important: Select the specific training course from the dropdown menu
  • Choose the security awareness or breach response training course you want affected employees to complete
  • We have created content specific to data breaches, which you can add to your cost - Search for "My Details Have Leaked! What Now"

 

How it works with Risk Scoring

Breach involvement can be integrated into your overall user risk calculations. Each breach will add 1 to the user's risk score.

 

Accessing Risk Score Configuration:

  1. Navigate to Settings > Company edit from the main menu
  2. Select Risk Score
  3. Scroll to the "Exposure Monitoring Involvement" section
    1. This will be enabled by default when Exposure Monitoring is turned on

 

Understanding the Data Breach Risk Factor:

Data breach involvement is calculated outside of the standard weighting system:

  • The system adds 1 point to a user's risk score for each breach they are involved in
  • The maximum breach score is 10 points (even if a user is involved in more than 10 breaches)
  • This score is added on top of the weighted scores from other risk factors
  • This ensures breach involvement has a consistent, measurable impact on overall risk levels
  • The risk score will use the 'Breached Date' field to calculate the date of the breach and check if it falls in line with your overall Risk Score Time period (1, 2 or 3 years)
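
The rules above, modelled as a short worked calculation. This is an added example for reconciling scores against an exported list of breach dates, not the platform's own code. The function names, the sample dates, the weighted score of 40 and the inclusive calendar-year window measured back from today are all assumptions.

```python
from datetime import date

MAX_BREACH_POINTS = 10          # cap stated in the article
ALLOWED_PERIODS = (1, 2, 3)     # Risk Score Time period options, in years


def window_start(today: date, years: int) -> date:
    """First day of the scoring window (assumed: same calendar day, N years back)."""
    try:
        return today.replace(year=today.year - years)
    except ValueError:
        # 29 February has no counterpart in a non-leap year; fall back to the 28th.
        return today.replace(year=today.year - years, day=28)


def breach_points(breached_dates, today: date, period_years: int) -> int:
    """One point per breach whose Breached Date is inside the window, capped at 10."""
    if period_years not in ALLOWED_PERIODS:
        raise ValueError("period must be 1, 2 or 3 years")
    start = window_start(today, period_years)
    in_window = [d for d in breached_dates if start <= d <= today]
    return min(len(in_window), MAX_BREACH_POINTS)


def overall_risk(weighted_score, breached_dates, today: date, period_years: int):
    """Breach points sit outside the weighting: they are added on top."""
    return weighted_score + breach_points(breached_dates, today, period_years)


# Constructed sample: one user's Breached Date values (15 breaches in total).
TODAY = date(2025, 6, 1)
SAMPLE = [
    date(2024, 7, 15), date(2024, 11, 2), date(2025, 3, 20),    # last 12 months
    date(2023, 6, 10), date(2023, 8, 1), date(2023, 10, 12),
    date(2024, 1, 5), date(2024, 4, 30),                        # 1 to 2 years ago
    date(2022, 6, 15), date(2022, 7, 1), date(2022, 9, 9),
    date(2022, 12, 25), date(2023, 2, 14), date(2023, 5, 31),   # 2 to 3 years ago
    date(2019, 1, 1),                                           # outside every window
]

if __name__ == "__main__":
    for years in ALLOWED_PERIODS:
        pts = breach_points(SAMPLE, TODAY, years)
        print(f"{years}-year period: {pts} breach points, "
              f"overall {overall_risk(40, SAMPLE, TODAY, years)}")
```

With this sample, widening the time period from 1 to 3 years raises the breach contribution from 3 to 8 and then to the cap of 10, even though 14 breaches fall inside the 3-year window.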

 
