South West London & St. George’s Mental Health NHS Trust (SWLSTG) is a leading provider of mental health services across south west London. It serves 1.1 million people across the London boroughs of Kingston, Merton, Richmond, Sutton and Wandsworth and employs more than 2,000 staff - who provide care and treatment to about 20,000 people from south west London and beyond.
Email plays an important role in the day to day operation of the Trust, including care delivery, being the primary means of communications and collaboration internally as well as with patients and referring bodies such as GP surgeries.
Head of IT, Mike Wilkes explained: “Email is very important. It’s used by clinicians, by everybody as a method of communication. It is also heavily used to communicate with patients and referring bodies, such as GPs, so we obviously need to keep that confidential patient information safe and secure. Having control of email is very important to us.”
“If we didn’t have Mimecast blocking such a volume of unwanted email, we would now be a lot busier reacting to issues than we are.”
Mike Wilkes - Head of IT, South West London & St. George’s Mental Health NHS Trust
A move to M365 in 2017, however, brought both benefits and challenges. The cost-efficiencies that are driving increased uptake of cloud services across the NHS coincided with a rising tide of new fraudulent email campaigns.
As experienced security professionals, Mike and the wider team were already focused on adding extra layers of security, to create a more resilient M365 environment. However, this new wave of unwanted email accelerated that process.
Mike said: “We did not feel very well protected against these campaigns. There’s a certain amount of protection within M365, but it’s quite basic. As a result, dealing with new flows of unwanted email was a pretty manual process.”
As ever in the public sector, cost efficiency was a key consideration as the Trust set out to find a solution able to provide the extra layers of protection it needed.
Mike explained: “It came down to looking at lots of different products and what they offered. We did look at Microsoft’s Advanced Threat Protection add-on for M365. It looked like the easy option at first glance, but it was just too expensive, so we looked at other solutions to able to cut down on things like phishing, spear phishing and C-Level impersonation.”
In the end, Mimecast stood out as offering the right solution at the right price, according to Mike: “Mimecast, based on our benchmarking, was the right solution for us in terms of both capability and cost. It clearly offered the best value for money with the best protections.”
SWLSTG eventually opted for Mimecast’s M3R package, which offers sophisticated protection from advanced email threats – from fraudulent attachments and URLs to impersonation attacks – and extends the same protection to internal emails, to help prevent the spread of malware within the organization.
The solution also provides email continuity to keep email flowing in the event of M365 downtime and a cloud archive to make restoring email easy and help with remediation and recovery in the event of a successful cyber-attack.
That comprehensive protection was coupled with a quick and easy deployment and excellent support, to help SWLSTG realize the benefit of its investment in Mimecast quickly.
Mike said; “The deployment was really quick and easy, much easier than I was expecting. The support was very good too. They worked through the process with us, and I think it only took a day or so to get it all set up and switched over. There is no doubt that support helped us to get the protection we needed in place more quickly and to accelerate the value we got from the investment.”
Mimecast has proven a highly effective solution, securing the Trust’s email system against a rising tide of unwanted emails. “It massively cuts down the volume of unwanted emails that get through,” Mike confirmed.
“You only have to look at the volume of unwanted email that would get through if we didn’t have it. We get excellent reporting from Mimecast, and I can see at a glance that 53% of inbound email is being rejected as fraudulent in one form or another, so it is stopping a lot of bad traffic from reaching our environment.”
Indeed, the sheer volume of unwanted emails being dealt with illustrates that Mike and the wider team were right to add additional layers of protection to SWLSTG’s M365 environment.
Summing up the impact of adding Mimecast to the Trust’s email environment, Dave Dowsett, Associate Director of IT at the Trust. said: “I can sleep easier knowing that we have a plan B for any Exchange Online outages. At the same time, we have the market’s best email security protecting us and, in the background, we have a secure, independent copy of email to restore from should we need it.”
Meanwhile, having a single solution able to provide that level of protection across the Trust’s entire email estate and 20 locations – all managed from a single administration console - has helped to save the IT support team a lot of time.
“If we didn’t have Mimecast blocking such a volume of unwanted email, we would now be a lot busier reacting to issues than we are,” Mike pointed out. “The level of threat has increased massively even since we deployed Mimecast, so without that protection, we’d probably be spending all week dealing with issues.
“Internal Email Protect is part of that. Before we had no visibility as to the internal threat and the spread of malware once inside the organization. We just had to react. Now internal email runs through the same Mimecast protection as external email.”
That same efficiency extends to email continuity, which will help Mike and the team to maintain email availability during M365 outages. “We work to an internal SLA that stipulates 48 hours as a maximum acceptable period of email downtime,” Mike said. “Mimecast continuity will help us deliver that if there is an M365 outage in future.”
Overall, Mike is confident that SWLSTG is now far more able to defend against unwanted email. “We’re a lot better equipped to cope, with Mimecast,” Mike said. “We’ve got the protection we need to massively reduce the chances of unwanted email getting through, and to remediate and recover should anything go wrong. There’s no doubt we are better protected today than we were before Mimecast.”
What’s more, Mike feels that having Mimecast in place will make it easier forthe Trust to comply with the DCB 1596 secure email standard. “Technically speaking we comply and Mimecast is part of that,” he explained.
“What’s more, as we go through the certification process we will be able to draw on help from the Mimecast community and from the customer success team, not just to deal with specific compliance issues, but to help us make full use of the features available to us, adapt to new threats and make the most of our investment.”