Introducing your workforce to Nudge Security can prepare your employees to receive nudges and educate them about how Nudge Security supports your organization's goals. Below, we've provided a sample onboarding letter that you can tailor to suit your organization's needs.
Use this onboarding letter template to introduce Nudge Security to your workforce, explain what it does, and guide employees through their first steps. We recommend sending this shortly after deploying Nudge, either via email or internal comms tools like Slack or Teams.
When to send the communication
Most organizations follow a phased approach:
Weeks 1–2: Set up your app inventory, approval statuses, and rules (alerts only, no nudges).
Week 2–3: Send the workforce communication.
Week 3+: Enable nudges on your rules.
There's no hard rule on timing. Some organizations move faster, others take a month or more - especially if they're aligning with an audit cycle or a compliance deadline.
The key is: don't start nudging people before they know the tool exists.
How much to share
This is a judgment call that depends on your organization's culture. Two common approaches:
Transparent approach. Explain what the tool does, why you're using it, and what people can expect. This works well in organizations with strong trust between IT/security and the rest of the workforce. People appreciate the heads-up and are less likely to be surprised by nudges.
Build trust with transparency
“It's important for me that the security team is not ‘the scary people who have all the information and who knows what they're even doing?’ Tools like Nudge Security that are designed to actually be transparent about what is being collected are really helpful. To me, that is a big piece of building and maintaining trust internally with the security team.”
— Jesse Kriss, Head of Security, Watershed (Read the customer story →)
Lighter approach. Let people know that IT/security is introducing a tool to help manage SaaS usage, and that they may receive occasional emails or Slack/Teams messages asking them to take action on certain accounts. Don't go deep on what data the tool surfaces. This works well in organizations where a detailed explanation might raise more questions than it answers.
Either way, frame the tool as helpful rather than punitive (working with your workforce not against them). Nudge Security is designed to guide people in the right direction, not surveil them.
Where to share it
Pick the channel that reaches your workforce reliably:
Company-wide email - the most common approach.
Team messaging - Slack, Teams, etc. (whichever your organization uses).
All-hands meeting - dedicate a few minutes to introduce the tool and let people ask questions.
A combination - a brief mention at an all-hands with a follow-up email that has the details.
Sample Workforce Onboarding Letter
Subject: Introducing Nudge Security — what to expect
Hi team,
We're rolling out Nudge Security to help us manage and secure the SaaS apps we use across [COMPANY NAME].
What it does. Nudge Security discovers all the cloud and SaaS apps tied to our corporate email addresses. It helps us keep track of approved tools, spot security risks, and stay on top of things like multi-factor authentication and single sign-on.
What you can do. Everyone in the org can use Nudge Security. You can log in to see a personalized inventory of every SaaS account you've created at [COMPANY NAME]—even ones you've forgotten about—so you can manage your accounts and data responsibly. (Remove this paragraph if you're not enabling end-user access.)
You can also browse the App Directory to find tools that are already approved by the organization and request access directly. (Remove if you haven't set up the App Directory yet.)
What to expect. From time to time, you'll receive "nudges" by email that ask you to take a quick action—like enabling 2FA, telling us about an app that's new to the organization, or switching to an approved alternative. Follow the instructions in the nudge. Most take less than a minute.
We want you to use the tools you need without jumping through hoops—and we want to keep company data safe while you do. If you have questions, reach out to [EMAIL / CONTACT].
Thank you,
[Your name / your team]
Tips for a smooth rollout
Delight users with self-serve access
"The app directory simplifies our access management process in a way that's just amazing. It provides an easy overview for our employees, shows them what applications are approved, and makes it easy for them to request access.”
— Marcus Södervall, Head of Security, Stravito (Read the customer story →)
Expect a few questions. People may wonder what data you can see or whether their personal accounts are being tracked.
Start with a small group if you prefer. Some organizations roll out nudges to IT and security first, then expand to the broader workforce once they've tested the experience.
Let the nudges do the talking. Once you've communicated the tool, the nudges themselves are self-explanatory. You shouldn't need to send repeated communications about Nudge Security - it becomes part of the background.
Don't forget about your onboarding process. The initial communication covers everyone who's already here, but new hires will miss it. Add a brief mention of Nudge Security to your employee onboarding - whether that's a wiki page, an onboarding checklist, or a welcome email from IT. It doesn't need to be detailed: a sentence or two explaining that the company uses Nudge Security to manage SaaS, that they may receive nudges about their accounts, and that they can find approved tools in the App Directory. This way new employees understand the system from day one instead of being confused by their first nudge email.
What's next
With your workforce informed, you're ready to turn on nudge actions in your rules.
Head back to Automations > Rules, edit your existing rules, and add nudge actions where appropriate.
If you haven't already, now is also a good time to deploy the browser extension for real-time browser nudging and richer data collection.
Promote secure, compliant SaaS use
“After introducing Nudge Security’s app directory and giving more context on what apps are approved and what are not, users started already adjusting their access and deleting unnecessary accounts.”
— Alei Salem, Team Lead Security, gridX (Read the customer story →)