Strategy

;

If you want to succeed in Australia you can’t just commit to a sales and support presence. Putting down technology roots is vital, especially if you aspire to grow government and financial services sectors.

Since opening in Melbourne in July 2013, Mimecast has experienced strong growth in the region and now it’s time for us to put down deeper roots.

So we’re pleased to confirm we’re in the final stages of preparing local data centers in Australia. This investment is designed to help Australian organizations protect email with security, continuity and archiving cloud services while meeting increased customer demand for local data residency.

The two new identical data centers in separate locations in New South Wales will join a global network of ten data centers in five countries around the world currently serving the email security and data needs of over 13,000 customers and millions of their employees.

Like in the rest of the world, email continues to be the most prevalent business communication tool in Australia, used to collaborate and share information around the world. It’s also used as key record of business activities, subject to increasing compliance, legal and e-discovery requirements, including the Australian Privacy Principles. Meanwhile, tolerance for email downtime is almost zero, yet it’s increasingly under constant attack from a wide range of adversaries.

In short, we believe a very high concentration of Australian businesses most valuable corporate data is held within email. Data loss, leakage or security breaches from email have been shown to have devastating effects. These new data centers will support our mission to support customers in reducing the risk, cost and complexity surrounding email and give employees a better experience too.

Cloud services are growing in their popularity with Australian businesses and Microsoft Office 365 is becoming a popular primary email service. We intend to take advantage of this trend with our suite of complementary cloud services for Office 365. Mimecast helps its customers put in place cloud-on-cloud protection that complements their security and archiving capabilities under Office 365, as well as mitigating a potential single vendor exposure they have in the event of service downtime.

If you’d like to learn more about our plans in Australia, why not come and visit us at AusCERT 1st-5th June. Mimecast is exhibiting at booth S36 and I’ll be presenting ‘Email: The New Frontier in the Defence of Corporate Data’ on Thursday, 4th June 15.25-16.05.

FILED IN

Cyber-criminals don’t discriminate by size when it comes to selecting an organization as a target of attack. In fact, recent high-profile data breaches have taught us that mid- or smaller-sized businesses are often a target of those trying to attack larger organizations, as they are seen as a soft way to infiltrate a supply chain.

This is why midmarket businesses must pay attention to their data security and deal with the same email-related risks as larger enterprises – they need to improve email security, protect data and prevent the threat of new attacks, like spear-phishing. The difference, though, is that many in the midmarket are doing so with limited budget and IT resources.

But midmarket businesses don’t have to sacrifice email and data security because of these restraints. Mimecast helps midmarket organizations get out of the business of running email on multiple point solutions, which is costly, complex and eats up IT resources. We provide best-of-breed security, archiving and continuity services for email in the cloud that allows businesses of all sizes to get the protection they need without prohibitive cost.

This is why we believe Mimecast was recognized by two leading midmarket IT organizations for providing email services in the cloud that meet the specific needs of medium-sized businesses.

Mimecast was named "Best Vendor, Service" at the spring 2015 Midmarket CIO Forum. The awards recognize powerful partnerships between technology vendors and enterprise IT teams that deliver measurable value to the IT organizations. Selected by a panel of CIOs, Mimecast was recognized as a leader in the IT Vendor Excellence category for providing an “established service that has been exemplary in specifically meeting the needs of the midmarket.” In addition, Mimecast was named “Best Midsize Enterprise Summit Newcomer” at Enterprise Summit East 2015 for a “strong market need” for its services.

Sometimes, mainstream media does not recognize fully the contribution the mid and smaller companies make to the economy. In truth, it’s often the most exciting frontier in terms of new business practice and technology adoption. However, it’s also a security battleground that needs a fundamental rethink to keep up with increasingly sophisticated threats. It’s the responsibility of technology providers like Mimecast to meet this threat in partnership with the smaller businesses and organization.

Moreover, I can honestly say, it’s a challenge we’re excited about.

If you'd like to learn more about our email archiving service, which is popular amongst our mid-sized customers, please click here.

FILED IN

In tennis, you never want to commit an unforced error. These are the worst kind of point-costing blunders a player can commit – the completely avoidable, self-inflicted ones that have nothing to do with the skill of the opponent or the excellence of their shot.

Losing to an exceptional opponent is not (really) something a tennis player can control, but losing because of an untimely, unforced error, or a series of them, is a different story.

If you've ever worked in information security, you can probably see the parallel.

Every day, you fight talented opponents of your own – sophisticated cyber-criminals who constantly evolve their methods to exploit any and all vulnerabilities you may have. And every day, you and your peers are losing battles to these criminals, who can exploit both your unforced errors – self-inflicted failures of your cybersecurity technology – and create clever schemes that trick your users.

These attackers have a strong track record – more than half of U.S. small businesses now say they have been victims of a cyber attack, according to the National Small Business Association (NSBA). And an overwhelming majority of these attacks – 91 percent – begin with email-based phishing and elaborate, highly targeted spear-phishing schemes.

These attacks are so effective because of the simple fact an IT department can't completely control all of its users, all the time – they're too unpredictable, and it only takes a mistake by one user for a breach to be successful. However, what an IT department can control is the technology it uses to protect its email systems from spear-phishing attacks. Failure to do so is an unforced error that could cost you.

You certainly wouldn't be alone. Secure Mentem President Ira Winkler, speaking at RSA Conference 2015 in San Francisco, said that even though users get the blame following a successful spear-phishing attack, it's usually a failure of technology that allows the socially engineered email bait to arrive in their inboxes in the first place.

Technology should be your first – and second, third and beyond – line of defense. If a malicious email is neutralized by your spear-phishing defenses long before it even reaches your employees' inboxes, they won't even have a chance to facilitate the attack unknowingly – users can't click on links or download attachments that they never see.

That's where Target Threat Protection (TTP) comes into play. With this technology in place, CIOs, CISOs and IT department heads gain the peace of mind that their users are protected against targeted spear-phishing attacks. Even if – or perhaps, when – a user clicks on the wrong link or downloads the wrong attachment, IT departments will know they have a fail-safe in place to end the attack before it spreads.

As Winkler said during his RSA session, "there is no such thing as a perfect countermeasure," and he's right. But TTP will reassure you that you have the technology you need to create a first line of defense.

To learn more, please see our new whitepaper, "The Spear-Phishing Attack Timeline" which walks through the stages before, during and after a spear-phishing attack and provides a minute-by-minute look at how these attacks can be prevented.

FILED IN

A few weeks ago, I made a trip across the pond to one of the biggest U.S. security events of the year, the RSA Conference. The 400+ exhibitors pulled out all the stops, unveiling new products, displaying elaborate booth décor and giving away all sorts of prizes.

Attendees that stopped by Mimecast’s booth had the opportunity to spin a prize wheel for any number of giveaways, ranging from an American Express gift card to a golf tee, along with learning more about our recently-launched Secure Messaging service. At RSA, the market need for Secure Messaging was validated by the positive conversations we had with booth-goers and media and analyst influencers, including this one I had with ISMG Editor Tom Field.

There were a few recurring themes I noticed during conversations at the show, including during a keynote given by Microsoft’s Corporate VP of Trustworthy Computing, Scott Charney. For one, companies continue to see the value and benefits of migrating data to a third-party cloud provider. At the same time, though, they demand a certain level of control over their data and security measures. Scott likened this feeling to some people’s tendency to drive their own car to their desired destination, as opposed to flying there. In order to help companies strike a balance, the industry calls for complete transparency and “technically enforced trust boundaries.”

This sentiment is not unlike how we’ve designed Secure Messaging. With it, companies can set certain policies, such as a date in which a message will expire or a rule against the recipient being able to print a message. Visibility is also key, so we’ve made it easy for senders to track who’s read their messages and even recall them, if required. In addition, the message never leaves the Secure Messaging portal, so the sender retains control of the data the entire time.

Further to what Scott spoke about, and as re-affirmed in our Secure Messaging service, control is not just critical for helping IT administrators sleep soundly at night. It is control that allows companies to keep tabs on who has access to their data and lessen the chances that they are a victim of a breach. The trick here, though, is to not sacrifice the user experience in the process – for example, an employee should be able to send a secure email from his or her inbox without any clunky, productivity-hindering extra steps. 

As was mentioned more than once at RSA, hackers are only becoming more advanced. It’s the industry’s job to adapt and innovate in order to mitigate the risk of malicious attacks, both for the protection of our data and our customers’ data.

If I didn’t get the chance to catch up with you this time around feel free reach out to me via LinkedIn or Twitter.

FILED IN