Insider threat detection

Insider threat detection with Mimecast

Superior insider threat detection requires new solutions.

Insider threat detection is quickly becoming a critical priority for IT departments. While most organizations have effective defenses against malware and viruses, and some have solutions for advanced threat protection, few companies today have tools to stop an insider threat.

Superior insider threat detection technology must be able to identify and remediate three different insider threat profiles:

  • The Careless Insider. For employees who ignore security policy or don't understand the dangers of threats like malicious email attachments, insider threat detection solutions must prevent actions (like sharing intellectual property through unsecured email) that could put the organization at risk.
  • The Compromised Insider. Successful attacks like advanced persistent threats and impersonation fraud often rely on the attacker's ability to take over the email account of an unsuspecting user through malware, phishing emails or social engineering. Insider threat detection must offer tools to identify and remediate these threats before users can be compromised.
  • The Malicious Insider. In some cases, employees within an organization purposefully leak data, steal information or try damage the organization. To prevent these attacks, insider threat detection must be able to automatically monitor internal email traffic and alert administrators to suspicious activity.

Insider threat detection with Mimecast.

Mimecast provides insider threat detection as part of its comprehensive email management services for security, archiving and continuity. Built on a highly scalable cloud platform, Mimecast's insider threat program is available as part of a fully integrated subscription service that reduces the risk and complexity of keeping email safe for business.

Mimecast Internal Email Protect, part of Mimecast's Targeted Threat Protection suite of services, is a cloud-based service that monitors internally generated email to detect and remediate email-borne security threats originating from within the organization. Mimecast's insider threat detection technology covers both email sent from one internal user to another and from internal users to external email domains.

Mimecast scans all email, attachments and URLs to identify potential malware and malicious links, and content filtering helps prevent leaks and theft by comparing the content of internally generated email to Data Leak Prevention policies.

Benefits of Mimecast's insider threat detection service.

Mimecast's insider threat detection technology enables you to:

  • Protect the organization against a wide variety of insider threats.
  • Identify lateral movement of attacks through email from one internal user to another.
  • Automatically identify and remove emails that contain threats.
  • Minimize the risk of a breach or malware spreading through the organization.
  • Stop email containing sensitive information, intellectual property or privileged financial data from leaving the organization without authorization.
  • Manage insider threat detection from a single administrative console for configuration and reporting.

Learn more about insider threat detection with Mimecast, and about how recover deleted items with Mimecast archiving services.