E-Mail-Sicherheit 2018 – ein Lagebericht
Informationen zur aktuellen Bedrohungslage, zu fehleranfälligen Schutzmechanismen und zu menschlichem Versagen – und wie eine Cyber Resilience Strategie Sie vor Cyber Angriffen schützt.
In 2017, the Kansas City Public Schools (KCPS) email system was besieged by phishing attacks, resulting in a high number of compromised staff email accounts. While no KCPS data was accessed, criminals used the hijacked email accounts to send millions of spam messages, which damaged the organization’s domain reputation and lead to legitimate KCPS email being blocked by nearly 20 major ISPs.
Craig Nulan, IT Operations Manager and Network Security Engineer at KCPS, knew that he needed to strengthen KCPS defenses against phishing and train staff to avoid the attacks. KCPS had standardized on Microsoft Forefront as its primary endpoint protection solution, but it wasn’t getting the job done.
Nulan sought a new solution that would not only block phishing attacks and other email-borne threats, but also provide real-time visibility into vulnerabilities. Nulan evaluated several options before selecting Mimecast Targeted Threat Protection. “Mimecast had the best awareness and control features, including URL protection, plus a cost-to-value that no other vendor could match,” says Nulan. Within days of going live, Mimecast identified 37 compromised KCPS email accounts – “That was an eye opener,” says Nulan.
Now, Mimecast automatically checks every URL in an email or attachment. If it finds anything suspicious, it warns the recipient and logs the incident. The KCPS IT team then review logs daily to make sure staff aren’t falling prey to attacks. (For now, KCPS has decided against quarantining or automatically blocking suspicious mail, though Mimecast does offer those options.)
Within eight weeks of implementing Mimecast, KCPS’s sender score went from the 20-40 range to 96. While its domain was previously blocked by 19 ISPs, today it is blocked by only one, and that will be resolved shortly. Plus, says Nulan, “I have no more complaints from staff about emails bouncing.”
Viele Unternehmen sind der Meinung, ihre aktuellen E-Mail-Sicherheitssysteme seien der Aufgabe gewachsen, sie zu schützen. In …
Using Microsoft Office 365™ or snapshots from backup or storage solutions for protection and recovery? You …
Ein Großteil der Kommunikation in Unternehmen findet über E-Mails statt. Leider ist diese Anwendung auch …