For Head of IT, Henrik Järnberg, the firm’s email system has always been central to those concerns.
“Email is the primary tool we use to communicate with our clients, and with other law firms. It’s vital to the day to day business. But the data security risks associated with email - given we commonly use it to share client privileged information - are many, varied and ever changing.”
These risks create a significant governance and compliance requirement. Email security is paramount and downtime is unthinkable, while historical emails must be retained for ten years, and easily accessible for evidential purposes.
“We are always keen to strengthen our email security, governance and compliance,” Henrik said. “And thankfully, we have in place a solution that makes it easy for us to do just that.”
Delphi first turned to Mimecast to help support its email system, which is built around an onpremises Exchange Server set up and supports around 400 mailboxes – and the Mimecast solution has evolved to stay one step ahead of the firm’s needs ever since.
“At first, we chose Mimecast for spam control, and it was immediately very effective,” Henrik explained. But over the years, we have come to rely on it more and more. In fact, it is so multifaceted and effective I find it hard to understand how anyone can do without it.”
For instance, in the months prior to Delphi’s Mimecast deployment, the firm suffered a six-day email outage.
“Once you’ve had that experience, you never want to repeat it,” Henrik said. “These days we have Mimecast Email Continuity, which steps in automatically if Exchange goes down. Email is seamlessly delivered via the Mimecast cloud if we have an outage – and we can use the same functionality to schedule service windows. It’s an incredibly powerful and useful feature for us.”
The Mimecast Cloud Archive, meanwhile, has driven huge efficiencies – making light work of that ten-year retention directive. “It gives us elastic storage in the cloud,” Henrik explained. “Without the Mimecast archive, I’d have to at least double my environment and hire more people. The hardware and support savings are huge.”
But it’s about more than storage, according to Henrik: “The archive is also very accessible. Finding any email, applying a legal hold if needs be, is really quick and easy. And, because the archive is tamper-proof, we have been able to reliably use email as evidence in the past.”
Above all, Mimecast provides Delphi with the layers of email security it needs to keep client data safe and protect its reputation – security that has always kept pace with the ever-changing threat landscape.
“As the basic level, Mimecast gateway security is really effective. It filters out traditional malware and spam in the cloud, before it gets anywhere near our on-premises environment,” Henrik said.
“But it gives us more sophisticated defences too. Mimecast’s data leak prevention services, for instance, scans outbound email at the gateway to guard against inadvertent or deliberate data leaks via email.”
New Threats. New Solution.
Email security also offers the most recent example of Mimecast’s ability to keep pace with Delphi’s changing needs – having made it easy for Henrik and his team to defend against targeted email attacks and ransomware.
“We’re always on the front foot when it comes to email security. Earlier this year, malicious links in email, often harbouring ransomware, and C-level impersonation attacks were a growing problem – very much on our radar,” Henrik said. “Once again, Mimecast had a ready-made solution, through its Targeted Threat Protection solution.”
It took a Mimecast engineer less than two hours to have two Targeted Threat Protection modules configured, up and running.
Mimecast URL Protect, inspects and rewrites every URL passing through the gateway in real time – and scans on-click – to protect against bad links and delayed exploits. “These are the bad links that were hiding ransomware and other undesirables,” Henrik explained.
“These days, they simply don’t get through. Mimecast URL Protect is rewriting more than 10,000 links every month and blocked clicks to 60 bad links over the summer. Just one of those getting through and delivering its payload could be disastrous.”
Mimecast Impersonation Protect, meanwhile, uses a scoring system to identify and hold suspicious emails for review by Henrik and his team. “We get a lot of these kinds of attacks, usually invoice based fraud attempts and, often, they stand out because of poor grammar – it looks like someone has used Google Translate,” Henrik said.
“Mimecast Impersonation Protect has proven really effective at spotting these emails and keeping them away from our partners’ inboxes. It blocks many impersonation attack emails every month without creating a significant false positives issue.
Total peace of mind. Overall, Henrik is delighted he can rely on Mimecast to streamline, secure and support Delphi’s email system:
“I would say Mimecast is crucial for us. We couldn’t do the things we do and feel the way we do about email – the sense of security we have – if we didn’t have Mimecast in place.
“It’s even changed the way we share large files, replacing insecure methods like CDs and USB sticks with Mimecast Large File Send. It’s secure and seamless for users – they just attach and send in the usual way.
“That is the kind of innovation and value I love about Mimecast – it gives me total peace of mind.”