The State of Email Security 2018 Report
The latest threats, confidence killers and bad behaviors—and a cyber resilience strategy to fix them
For more than 35 years, Tonkon Torp - one of the Pacific Northwest’s leading law firms - has thrived thanks to a powerful combination of in-depth legal expertise and a strong entrepreneurial spirit.
At Tonkon Torp, email is the second most-used application after the organization’s phone system, and according to CIO Danny Enroth, if either application goes down, it can appear as if the firm is out of business. This is not an option for an organization whose solid reputation is an important element of its success, and where users rely on frequent, consistent communication to meet client needs.
The firm had a Postini AS/AV tool in place, but the volume of spam, spoofing and viruses on its network seemed to be growing nonetheless. When Tonkon Torp experienced a major episode of network downtime as the result of the malicious “Anti-Virus” virus, Enroth knew that it was time to upgrade from Postini to a new AS/AV vendor. “We require 100 percent uptime, and Postini just wasn’t effective for us,” he says. “Our IT team was responding to more than 25 calls each week from users complaining about spam or viruses. We have a small staff, and at times these issues monopolized our workload. The Anti-Virus virus episode was the last straw.”
At the same time, Enroth had heard from many of his peers in the International Legal Technology Association (ILTA) about the downtime they had experienced with their own networks during both natural and man-made disasters. “It got me thinking, because we didn’t have a disaster recovery solution in place to help us ensure continuity in the event we went through a similar crisis,” Enroth comments. “Even though our connections and servers don’t go down very often or for any length of time, and we hadn’t experienced any serious issues to date, a comprehensive solution to help us ensure continuity was something we needed to consider.”
Enroth was familiar with Mimecast through his involvement in ILTA, so he included Mimecast among the vendors whose AS/AV solutions he evaluated. In the end, the high praise Mimecast received from Enroth’s ILTA peers was a factor that helped cement his decision to choose the email management solution. “Mimecast is cloud-based and provides AS/ AV and disaster recovery protection in a single package,” he notes. “As I considered several options, it was clear that Mimecast offered broader features than many competitive solutions, including the option to receive quarantine notices on the timeline I set, superior metadata filtering capabilities, and a large file attachment feature. Plus, Mimecast was available at a cost that was roughly equal to our existing solution and slightly lower than other offerings. Mimecast was a much better value overall.”
Cancelling Tonkon Torp’s existing AS/AV agreement was much more complicated than Enroth had anticipated - he ultimately had to escalate his request through the ILTA - but thankfully, implementing Mimecast was simple. Working with Mimecast, which helped ensure its customer was well prepared, Enroth and his team took a systematic approach, completing inbound then outbound migration, linking to Active Directory, and ultimately transitioning from Exchange 2003 to 2010.
Reliable business continuity
Since implementing Mimecast, Tonkon Torp hasn’t experienced a major email outage, but Enroth points out that even during minor outages - when a connection is lost briefly, for example - email service failed over seamlessly to Mimecast. “With Mimecast, email continues to queue, so the transition from our server to Mimecast is completely invisible to our users,” he says. “In fact, when the service has failed over, we haven’t received any user feedback; our users never even noticed the change. There were no disruptions to our operations, and we had a chance to see how well Mimecast would work in the event of a more critical outage.”
Proactive email security
Mimecast is a cloud-based solution, one of Tonkon Torp’s requirements, so questionable mail is held in the cloud, reducing risk and ensuring that any email-borne threats are blocked before they enter the Tonkon Torp network. “We have had no viruses and no spoofing attacks since we implemented Mimecast,” Enroth says. “This is a significant improvement over Postini.”
Lower IT costs
With a team of just six responsible for all IT functions at Tonkon Torp, the Mimecast implementation has helped the firm’s IT team improve their own efficiency. “The number of users calling the help desk to complain about spam or viruses has declined by about 90 percent,” Enroth notes. “Plus, since Mimecast allows us to control the way questionable email is quarantined and retrieved, when we need to determine if an email is in the spam filter, we can do so every two hours - a frequency we set - rather than once a day, the frequency established by our previous vendor.
Many organizations think their current email security systems are up to the task of protecting them. In …
Using Microsoft Office 365™ or snapshots from backup or storage solutions for protection and recovery? You …
Email is the number-one application that organizations depend on for communications. Unfortunately, it is also …