StepStone receives almost 10 million emails every month but the vast majority of these should be blocked, according to Serge Groven, Corporate IT Manager at the Group. “Approximately 70 to 75 percent of the e-mails should not be allowed through.”
There is the usual spam to contend with, but this was not the biggest issue for Groven: “We dealt with hundreds of phishing attempts every month. We were seeing sophisticated, well-targeted emails that seemed highly credible. For instance, emails in which someone poses as a customer manager requesting you to forward codes for gift cards, supposedly for a campaign. When they are in fact criminals that wanted to steal these codes.”
Thankfully for Groven, no real problems had occurred partly due to the fact his colleagues were aware of and could recognize the phishing attempts.
One impersonation attempt, however, which for security reasons, Groven cannot say much about made a big impression. “This email was timed with the utmost care and precision, and almost look real. Had the attempt been successful, this would have caused incalculable damage.”
This near miss made Groven think the risk has become too serious to ignore and went in search of a specialized solution. “This represented substantial challenge for an organisation like StepStone. We are a group of companies, each with its own ICT infrastructure. We work with more than 140 different email domains.” In addition to this, StepStone has tens of thousands of customers, mainly SMEs with limited means. “Although they do their best, criminals find weaknesses in their domains. So they can, for example, send emails that seem to come from our customers.”
“You are talking about cunning, well targeted E-mails that seem highly credible.”
Serge Groven, Corporate IT Manager
“With Mimecast, you have a result for a search within 1 or 2 seconds”
Serge Groven, Corporate IT Manager
Groven completed a thorough market analysis and chose to work with Mimecast on a solution that would include which includes email security, anti-phishing, anti-impersonation and anti-spam. “It was the exact mix that we were looking for. We were seeking a supplier that combines traditional methods with advanced technology.” For Groven, major advantages of this comprehensive protection include filters for IP and domain blacklisting.
Given the complex environment Groven operates in, he selected an advanced Implementation service package with Gold Support. “You are then directly connected with a highly experienced project manager and a skilled engineer from Mimecast. Mimecast furthermore demonstrated flexibility in streamlining this complicated project. It is, with so many different domains, a considerable challenge to deliver the implementation of this project.”
Although the rollout was finalized in May, the environment was already partially in use by March. The results speak for themselves. “In the period from April-May, after implementing Mimecast in 70 percent of the environments, the average number of reported spearphishing emails decreased from 10.2 per month to 2.5” notes Groven.
“We can now also solve issues much faster than before. For investigations on attacks, you need to carry out searches for eDiscovery in the archive. This previously took a very long time. With Mimecast, you have a result within 1 or 2 seconds.”
With the solution now fully implemented Groven, was conscious not to let his guard down and decide to bolster his ‘human firewall’ as he called it.
To do so, he went back to Mimecast and implement its Awareness Training solution. This platform makes users aware of cybersecurity risks and teaches them to recognize threats. “We ultimately want to set up random tests. When an employee clicks on a link, there is a 5 percent chance that he will be redirected to a web page including several questions about the link. Think, for example, of questions like ‘How do you know for sure that this link is safe?’ and ‘Are you sure you know the sender?’. Mimecast protects StepStone, not only against phishing and impersonation but also increases awareness among employees.”
Groven is now happy with the Group’s level of protection and helping his colleagues be more aware of cyber-attacks.