In recent years SMBC has seen an increasing number of attack attempts using email as the attack vector.
They included malicious URL and attachment exploits and impersonation style attacks as well as more traditional spam and malware. Whilst our existing system coped with the situation, it was proving inefficient.
Network Manager, John Lees, explained: “Our email security solution was simply no longer up to scratch. It was not moving with the times or giving us the protection we needed, particularly against URL and attachment based attacks.
The main issue for John’s team and users was the sheer scale of the manual intervention required to plug the gaps left by their existing email security solution.
“We were spending a lot of time administering the product, putting by pass rules in and manually protecting the email environment, ” he said. “Managing email security manually had become at least a full-time job, which was ludicrous.
Managing block lists, looking after spam false positives and email quarantine was a daily task. That burden was only going to increase over time as new threats emerged, so we had to act.”
That manual approach was also creating issues for users, according to John: “The reactive approach allows a lot of malicious emails to get through. Users were very good and we were able to avoid serious incident but it would have only been a matter of time. It only takes a few users to open the wrong email and you’ve got a world of trouble.”
False positives were also a big issue; one that attracted user complaints and added to the email admin burden.
John approached the task of identifying a new email security provider with four core objectives in mind.
“Obviously we wanted to radically improve our email security and lower the admin overhead. But they weren’t the only considerations,” he explained.
“The new solution also needed to vastly improve the user experience. We were getting complaints that too much email was being blocked. False positives did slow down the usual workflow and affect productivity– but we wanted to fix that without asking users to learn a new system or change their behaviour. It has to be a low-friction solution.”
In addition, John had one eye on the future: “At some stage, it seems likely we will move over to a cloud email environment, so the solution we chose needed to support the current on-premises environment and cloud email equally well. It also needed to offer us a simple, user-friendly secure messaging service, to help us prepare for GCSX retirement.”
Mater also needed a flexible training solution – given the wide variety of different users across the business. “A cookie cutter approach wouldn’t work. Our users have a wide range of roles and computer literacy levels.”
Given John’s exacting requirements and the need to be mindful of cost, finding the right solution proved surprisingly easy. John had been aware of Mimecast for some time and embarked on a benchmarking study that pitted the existing supplier against Mimecast and two other options.
“We could clearly see it was going to be a big improvement on what we had, so it was the right solution technically and in terms of price.”
The decision was made and the benefits of Mimecast Targeted Threat Protection, including advanced protection against attachment, URL and impersonation attacks were immediately clear.
Mimecast blocked more than 400 attacks of either malicious links or attachment in six month period.
“Our security footing has been considerably improved,” John said. “Mimecast adds a crucial layer without impacting on users or email flow. As a result, we have seen a significant reduction in the number of malicious emails getting through”
“I’d estimate that the admin burden was at least halved within a couple of months of implementing Mimecast. Service desk calls are down considerably – which also points to a better user experience - and I expect that to drop away further still as users get used to a lower friction solution."
“The days of logging into the spam filter and hold queue daily to check for false positives are gone too. Now we’re confident enough in Mimecast to leave it for users to pick up in the main. We don’t have to keep adding phrases to block malicious email either.”
“It gives me absolutepeace of mind toknow that, thanksto Mimecast, wehave improved ouremail security.”
John Lees,Network Manager, Solihull
In addition to all that, Mimecast Secure Messaging offers users a simple, hassle free alternative to GCSX.
John explained: “When we retire GCSX, Mimecast should ease the transition. To send sensitive email via an encrypted, secure channel, users will have the option to add the [SECURE] tag to any email and send in the usual way. Mimecast will do the rest.”
Equally, the Mimecast solution is at home defending an on premise or a cloud email environment – while tougher email security can only help strengthen the council’s information security resilience, especially considering GDPR.
“Mimecast is a cost-effective defence against advanced email threats with almost no impact on users and at an affordable price. But it is also a solution that will grow and move with us as our needs change.