The State of Email Security 2018 Report
The latest threats, confidence killers and bad behaviors—and a cyber resilience strategy to fix them
Founded by a diverse group of community leaders in 1950, St. Francis Hospital is a non-profit, 376-bed community hospital based in Columbus, Georgia. With over 2,000 employees, St. Francis has become southwestern Georgia’s leading health care organization and the only area hospital offering open-heart surgery.
Eddie Windom, Network Administrator at St. Francis Hospital, is one of only two people managing the entire network. “We handle everything related to email and the network – creating new user accounts, closing old ones, troubleshooting connectivity issues – it’s a lot for two people to keep track of,” says Windom.
For years, St. Francis relied on a server-based AS/AV product from Antigen (now owned by Microsoft) to keep its email – and network – protected. But over time, the hospital outgrew it. The system was not very flexible, and users still received too many spam messages. “We had grown from 500 to more than 1500 mailboxes, and Antigen couldn’t handle it,” says Windom. “It was basically choking our entire network.”
The product did not include archiving features, and that had also become a big pain point, according to Windom. If an email was less than one day old, it could be retrieved from backup relatively easily. Older than that, and the procedure was more complicated. The user would have to correctly identify the date on which the email was sent or received. Then, Windom or his colleague would have to restore the entire email database for that date – which took 7-8 hours. Next, they would have to restore that person’s individual mailbox, and manually review all the messages until they found the right one. If the user picked the wrong date and the email wasn’t there, they would have to start the process over. “As you can imagine, it sometimes took us two business days to retrieve one message,” recalls Windom. “And we tended to receive a retrieval request
about once every two weeks. With just two of us on staff, it took up a lot of time.”
As a result, employees didn’t want to delete any email. The hospital’s backup databases grew enormous – larger than Microsoft recommends – which led to delivery delays, outages and downtime. When the hospital experienced several days-long email outages in a short period of time, Windom knew he had to make a change.
“We rely heavily on email for so many functions,” Windom explained. “And not just administrative staff, but also the medical staff. If email goes down, efficiency and more importantly patient care are compromised. We just had to get this right.”
Windom’s preference was to move to a cloud-based solution that would handle not only AS/AV, but also archiving and continuity. “We looked at three or four different solutions – value and usability were our main criteria,” he explains. Ultimately, Windom picked Mimecast. “Mimecast offered more features than the others – such as the ability to access your mailbox from the portal – and also had the most intuitive interface. It’s extremely easy to administer, which was important since there are only two of us. And because Mimecast is so feature-rich yet reasonably priced, it provides tremendous value.”
Users can retrieve their own email from archive within minutes “If anyone loses a message, I can find it in Mimecast in a minute or two,” says Windom. “Better yet, I’ve been able to teach users to do it themselves – it’s fast and easy.”
Eliminated email outages and delivery delays
There have not been any email delays or outages since St. Francis implemented Mimecast. “Our email service is much better, and users have definitely noticed,” says Windom. “Email is just always on, like it should be. We don’t worry about outages anymore.”
Better spam and virus blocking
Similarly, there have not been any virus incidents since the hospital implemented Mimecast, and spam coverage is much better than before. “Mimecast blocks spam at the gateway, ensuring it never reaches our network at all,” explains Windom. “That’s also decreased our overall email volume quite a bit – in fact, 70 percent of all inbound email is blocked as spam at the gateway, and never enters our network.”
Helps with HIPAA and PCI compliance
St. Francis Hospital is subject to both HIPAA and PCI regulations. Mimecast helps with compliance by automatically identifying and encrypting patient and credit card data. “It’s a great feature, and one less thing for us to worry about,” says Windom.
Doubled IT team productivity
“There are only two of us, and only so many hours in the day,” says Windom. “Outsourcing email management – including anti-spam, anti-virus, archiving and continuity – has probably doubled our overall productivity. We rarely have to deal with email-related issues now.”
Windom says that Mimecast support has been “awesome.” “Whenever there is an issue, it’s taken care of quickly,” he reports. “All in all, we’ve been really happy with Mimecast. It’s probably the best service we have.”
Integrating Mimecast data into the QRadar system through the data logging API, means it can be correlated …