Skip navigation
All Places > The Mimecaster Central Blog > Blog > 2017 > January
2017

We're pleased to kick off a brand-new series, Legends of Mimecast, where we get to know the faces behind our global community of over 24,000 Mimecast users, and some of the internal faces behind the magic at Mimecast. First up: Les Bessant -- a familiar face in the  Community Forums (and on our homepage!).

 

Les Bessant is an IT Manager, working for a national professional services company. He’s been “doing IT” since DOS 3 (he still shudders at the memory of wrangling CONFIG.SYS and AUTOEXEC.BAT), has persuaded email to flow since Exchange 5.0 (please don’t ask about GroupWise) and has somehow kept his sense of humor.

 

Originally from Cardiff in South Wales (where Doctor Who is made), he now resides in Northeast England. He’s not sure if being the Les Bessant who comes up in Google searches is a good or a bad thing.

 

Could you describe the role in your company, and how Mimecast helps you with your daily work?

 

It says “IT Manager” on my job description, which is one of those titles that can mean many things. In my case, it covers everything from first- and second-line support, managing Active Directory and email, desktop images, telephones (landline and mobile), office relocations, and pretty much anything else computer-related.

 

I’m part of a small team – two of us here in Newcastle and two in Leeds. Between us, we look after around 220 staff spread over nine offices.


Which business-critical security issues was your company most looking to mitigate when it decided upon Mimecast?


We’d been using separate solutions for email filtering, continuity, and archiving. None were ideal – we’d been through several filtering providers (including one who helpfully let a virus through), the continuity solution needed to be manually invoked rather than kicking in automatically, and archiving was turning into a money pit, as we were charged by the ever-increasing volume stored.

 

We needed a robust solution that would cover all these functions with a single management console. Mimecast offered what we needed, at a significant cost savings, making both IT and senior management happy.

 

Best piece of advice/helpful pointers for one of your peers just starting off with our services?

 

Have a good look around the Policies section – Mimecast has some very handy functions that would otherwise need some additional software on your email gateway, tricky Outlook rules, or scripting. Autoresponders? No problem. Forwarding inbound messages to multiple internal and external recipients? That, too.

 

Favorite feature of Mimecast products that’s been a lifesaver for you and/or your organization?

 

It has to be the security filtering – as malware has grown from an annoyance to a major, and often directly targeted, threat, having a system in place to stop the messages before they reach our network helps IT sleep at night.

 

What keeps you busy off the clock?

 

My main off-duty activity is photography – I’ve got a small portfolio on show at my personal site. There’s also a blog, but it’s not all that interesting. One day, I hope to find the time and motivation to learn to play the guitar I bought a couple of years ago.

 

Star Wars or Star Trek?

 

Doctor Who, of course.

 

If you'd like to be interviewed in a future edition of 'Legends of Mimecast,' email Community Manager Ryan Arsenault at rarsenault@mimecast.com.

 

Check out more Legends of Mimecast interviews in the series. 

Peter Bauer is the CEO and co-founder of Mimecast, which he launched in 2003. In this next installment of Legends of Mimecast, we sat down with Peter to talk about the common themes learned from our global customer base, how the threat landscape has changed over the years, and the Mimecast solutions he now can’t live without.

 

Be sure to also check out our recent -- and first -- Legends of Mimecast interview with customer and community champion Les Bessant.

 

Together with CTO Neil Murray, you founded Mimecast in 2003, and this original team is still in place. 14 years is an eternity in the tech world – what keeps you coming into Mimecast every day?

 

There's three things here. Firstly, knowing how important our work is. We are responsible for protecting critical communication and data for so many organizations across the world. This is such a huge and important responsibility: It’s a very good reason to get up in the morning.

 

Secondly, the enjoyment of being a part of innovating and building something uniquely useful is another reason. Software and the challenges of understanding how it can positively impact users is engaging work. We have a constant stream of ideas that often leave us with a sense of unfinished business.

 

Lastly, it's about the people that make up Mimecast: We get to work with such cool and inspired people internally on the employee side, and also within our customer and partner base. Between all of these groups, Mimecast is a really fun place to be.

 

What do you think has changed the most in terms of the scope of business threats, from the earlier years of Mimecast, to Mimecast in 2017?

 

I think it's the shift from general email pollution to more directed and targeted email attacks. We moved from seeing significant nuisances to significant threats. For example, it’s easy to gain access to pretty deep social and organizational data on LinkedIn, and there’s a growing cyber underworld that is increasingly well-connected and resourced. This is shaping the threat landscape. Email remains the number one attack delivery tool for these adversaries.

 

You grew up in South Africa, started Mimecast in London, and moved with your family to the United States to help spearhead the US operations. What have you learned the most from our customers in your travels, with our customer base dispersed globally?

 

I've learned that everyone is pretty much in the same boat. IT teams are largely all under-resourced, dealing with an accelerated rate of change, and are forced to be responsive to so many things.

 

Managing email remains a complex undertaking, with so many important computing workloads beyond the fundamental delivery of a mailbox. Your email infrastructure needs to meet your gateway delivery and routing needs, security needs (and that spans multiple issues from DLP and encryption, to spear phishing protection, and so on), data management and compliance needs, and, of course, disaster recovery and high availability needs.

 

These diverse and often infrastructure-intensive workloads are important, but frequently underappreciated or underestimated by the business. Those responsible for managing technology to ensure email works for an organization do understand the challenge, though. So we are thrilled to be able to help so many IT teams globally make this hard stuff easy with our platform.

 

What’s the one feature of Mimecast’s products that you as an everyday user couldn’t live without? 

 

There are two, actually.

 

One, our graymail management feature saves me a lot of time and mental energy. All ‘newsletter’ or ‘store card promotional’ types of emails are automatically held for me. So I don’t have to sift those out of my inbox myself. I’ve used that feature for a while now and I don’t know how I lived without it before. I used to spend a lot of time sifting through, and being distracted by, low priority bulk email.

 

The second thing I love is our iOS app, which allows me to find emails going back over 10 years in a matter of seconds on my phone. I might be looking for a particular document or trying to recall the name of a contact at a certain company. Inevitably, it is in my email archive somewhere, and being able to just dip in and find it in this vast bank of corporate memory is very useful.

 

What keeps you busy off the clock?

 

I love spending time with my wife and kids, doing outdoors activities. On this outdoors side, running and snowmobiling are both things I enjoy.

 

Be sure to also check out some of the other Legends of Mimecast Q&As in the series:

 

Legends of Mimecast: A Q&A with Dawn Cronin 

Legends of Mimecast: A Q&A with Les Bessant 

Legends of Mimecast: A Q&A with Onyi Ejiasa 

Legends of Mimecast: A Q&A with David Ignash 

Legends of Mimecast: A Q&A with Johan Dreyer

Rob Otoka is a Senior Program Manager in the Customer Transformation and Innovation Team at Mimecast. Since joining in June 2012, he has worked on Legendary Customer Success™ initiatives including the Customer Experience Measurement Program and rollout of Mimecaster Central.

 

While in London recently, our Customer Operations Leadership Team had the opportunity to meet with insurance underwriter Markerstudy, one of our UK customers.

 

We’d like to thank the Markerstudy Team for their feedback on our Legendary Customer Success™ efforts, current and planned. We look forward to reaching new heights with great customer collaboration programs!

 

Rob Otoka is a Senior Program Manager in the Customer Transformation and Innovation Team at Mimecast. Since joining in June 2012, he has worked on Legendary Customer Success™ initiatives including the Customer Experience Measurement Program and rollout of Mimecaster Central.

 

The creation of Mimecaster Central is an example of the power of your feedback. The community was designed with you in mind as a hub to provide feedback and ideas, gain support from peers, and stay up-to-date with the latest product information. 
 
To help us improve your experience, we’ve created a short survey on Mimecaster Central and would love your input. The survey will take no longer than 5 minutes.

 

As a thank you for your time and commitment to improving the community for your peers, you'll be awarded 100 points upon completion, that can be traded in toward cool Mimecaster Central rewards including apparel, mugs, pens and more!

 

Take the survey now.

 

Mimecast understands that its commitment to customer experience measurement is essential to our valued customers and our own success. We look forward to your feedback!

 

For more information on our Points and Rewards programMimecaster Central: How Points/Rewards Work

Dave Hood is the Director of Technical Marketing focused on Office 365, continuity and the Mimecast API. A Mimecaster since 2015, he’s a frequent speaker and commentator on cloud collaboration.

 

Recently, a new attack came to light that shows the importance of using a layered security approach to protect against malicious URLs in emails.

 

We all know email is the preferred vector by many cybercriminals, particularly during the holiday season, as it seems like almost everyone is shopping online and getting bombarded by offers for sales, shipping instructions, and purchase confirmation emails. Attackers take advantage of the flood of this legitimate email as cover, and to catch unsuspecting users when their defenses are down. The particular attack referenced in this blog is, however, new.

 

Security Week reports the attack was directed at Office 365 business users, and exploits a vulnerability in how anti-phishing and Microsoft Safe Links determine if a URL is safe to visit or not. The goal of the attackers was simple – divert Office 365 users to a fake login page to harvest their usernames and passwords. With their login credentials, attackers would have unfettered access to all Office 365 workloads of that user.

 

The steps of the attack are to:

  • Create a fake Office 365 login page.
  • Alter the proper URL of the page using a tool named Punycode. Punycode makes it possible to represent International Domain Names (IDNs) with a limited character set. For those who have used the URL shortener bit.ly, it’s similar in concept.
  • Distribute URLs to Office 365 users using a fake email. In this case, fake FedEx emails were used to maximize opens during this season of giving.
  • Harvest Office 365 credentials as users hit the fake Office 365 page.

 

The key for this attack was the use of the Punycode to get the URLs past Microsoft’s phishing protection (the attacker no doubt tested this method in advance to make sure it worked, in his own instance of O365).

 

These types of URLs are usually blocked, but in this case, the malicious links were left accessible because of the failure of the defenses to interpret the links correctly. You can find more details at Security Week.

 

It’s worth considering these takeaways from this attack:

  1. Defense-in-depth remains a best practice in the cloud, just as it was in an on-premise world. A single code base to protect the over 85M corporate users on Office 365 opens the door to these types of attacks.
  2. It shows what attackers can do when they have easy admin access to Office 365 tenants. In this case, the attackers crafted an email using Punycode that they could test against EOP and ATP, until they were absolutely sure it would work. When they were confident it would get past the defenses, they launched a broader attack.
  3. Armed with malicious URLs hidden from the Office 365 defenses, it’s relatively simple to use MX lookup tools to identify organizations using EOP and Office 365.  Attackers could quickly build a list of organizations to phish.
  4. Attackers are increasingly targeting Office 365 because of its popularity. The article states: “With the growth in Office 365 for corporate email, hackers are shifting their focus. The characteristics of this particular attack disclose the hacker’s intention to deceive Office 365 users into providing their login credentials.”
  5. It’s always worth having defense in place that includes security against email threats such as malicious links (including the type used in this attack), weaponized attachments, and malware-less impersonation attacks.

 

More posts from Dave Hood:

The specified item was not found. 

The specified item was not found. 

The specified item was not found.