E-Mail-Sicherheit 2018 – ein Lagebericht
Informationen zur aktuellen Bedrohungslage, zu fehleranfälligen Schutzmechanismen und zu menschlichem Versagen – und wie eine Cyber Resilience Strategie Sie vor Cyber Angriffen schützt.
Located in Tampa, Fla., Moffitt Cancer Center is one of only 41 National Cancer Institute-designated Comprehensive Cancer Centers, a distinction that recognizes the facility’s excellence in research and its contributions to clinical trials and to cancer prevention and control. Moffitt has the southeast’s largest blood and marrow transplant program and treatment programs that support more than 325,000 patient visits each year.
Moffitt’s mission is to contribute to the prevention and cure of cancer, and its vision is to transform cancer care through service, science, and partnership. These ideals, an environment that fosters innovation and leadership, and a commitment to ensuring superior patient care extend across the facility—including into the IT organization.
Doug Blankenship and George Steward, network systems analysts at Moffitt, explain that with patient needs at the forefront, the organization is always seeking a more efficient way of doing business. A little more than a year ago, Blankenship and Steward began the search for a comprehensive solution for email management that would consolidate three existing point products and a homegrown PST archive process. “We were using a number of products for document archiving, AS/AV, and security, and while they each worked well on their own, we wanted a single solution that could provide all the features we needed and be managed from a single location,” Blankenship explains. “We were looking for complete email management, including the ability to compile message statistics and reporting, effective AS/AV control, and archiving capability to meet growing ediscovery requirements.”
Effective ediscovery was critical, Steward notes, especially given the increasing number of requests to meet compliance and audit needs, many linked to federal and state regulations. “We relied on a PST archiving process instead of a dedicated email archiving solution. PST files were enormous, and some employees even had multiple files,” he adds. “We frequently had problems with corrupt PSTs and missing data, which required significant time for the team to resolve, and when we received an ediscovery request, we often had to pull information from tapes. There are just three people on our team and managing all the retrieval requests was becoming a challenge.”
Business continuity capabilities were also on Moffitt’s wish list. With a location on Florida’s gulf coast, ensuring continuity in the event of a natural disaster like a hurricane is a top-of-mind concern, particularly given the Cancer Center’s 24x7 environment and focus on patient care. The facility had never experienced a significant email outage thanks to an effective failover solution, but there was no formal disaster-recovery solution in place. Plus, a different department managed the appliances that controlled failover, and the IT team sought a solution that would enable them to address any email outages from the gateway.
Before the team at Moffitt began their search for a comprehensive email management solution, they evaluated the annual expense of their three existing appliances and related renewal costs. Cost effectiveness was important, but definitely not their number-one concern. First and foremost, they considered the feature set, recognizing an ideal opportunity to address the institution’s unmet needs, including for disaster recovery and more formalized email archiving for greater security and compliance. Blankenship had used Mimecast with a previous employer, and the team evaluated several other vendors. In the end, Moffitt selected Mimecast. “Mimecast provided all the features we wanted in a centralized tool: archiving, AS/AV, ediscovery, disaster recovery, compliance, and ten-year retention,” Blankenship says. “We had to carefully evaluate how Mimecast uses cloud data storage rather than on-premise servers, but we felt confident that the level of redundancy and SLAs Mimecast offered aligned with our security and compliance requirements.” The cost difference certainly helped Moffitt in its decision making: the hardware tab for the amount of storage Moffitt would need on premise exceeded $1million, plus warranties and maintenance. “Mimecast was substantially less than that,” notes Blankenship, “and offered the same SLA guarantees.”
After a brief pilot, Moffitt began the implementation of Mimecast earlier this year. “Implementation went smoothly,” Blankenship reports, “We used a seven-step process and didn’t experience any adverse affects in any of our systems. In fact, our user community didn’t even know the transition was taking place.”
End users did notice an immediate reduction in the number of spam messages they received, however, and Steward adds that the team got positive feedback from the institution’s executives who indicated that they appreciated the difference. Like the AS/AV capabilities, the archiving of new email messages has been live since day one, but Moffitt is still transitioning data from PSTs with the goal of having all information moved to the cloud by year end.
What if your employees were more informed about security threats, more skeptical about what they receive in …
More than ever, insider threats are wreaking havoc on IT security systems, leading to loss of valuable …
LEXINGTON, MASS – October 10, 2018 – Mimecast Limited (NASDAQ:MIME), a leading email and data security …