
Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.

 

It is no secret that attackers are not stopping their innovative push in pursuit of their goals: money, politics, fame...take your pick. And if anything, email as an attack vector is becoming more popular. What other "attack platform" provides the reach, low cost, and flexibility of email?

 

Security customers of Mimecast can rest assured that we are not resting in our drive to clamp down on email-borne attacks. I want to highlight three recent advances that you can configure and deploy right now, depending on which Mimecast grid you're hosted on:

 

  • Impersonation Protect - Policy Changes: Provides greater flexibility (block/hold/warn/bypass) in the resulting actions, depending on the specific indicators of spoofing found in a given email.
  • Impersonation Protect - Custom Targeted Threat Dictionary: Have you ever wanted to add your own keywords to complement the Mimecast managed threat dictionary? Now you can. If you have key business processes, projects, or sensitive data that attackers seek and could potentially ask for by name, you can add those to your organization's own threat dictionary, and have Impersonation Protect hunt for them in email messages.
  • URL Protect - Links in Attachments: In the category of "attackers will try and get into your organization any way that they can," I am happy to report that URL Protect will now inspect links in attachments in much the same way that it inspects links in the body of an email. This capability, combined with the sandboxing service in Attachment Protect, provides a world-class defense against malicious attachments.

 

Check out some of Matthew's other Mimecaster Central posts:

 

New Threat Research from Mimecast: The ROPEMAKER Exploit 

Get Your Threat Data Here! 

Using DNS Authentication to Defend Against Impersonation Attacks 

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.

 

It is probably not news to anyone that attackers are very creative and look to fool users in an organization, any way they can, into releasing information or taking actions that they shouldn’t. 

 

Along these lines, it has come to our attention that certain email communications purported to be coming from Mimecast are being sent to select organizations.

 

As a warning, we have pushed a short communication to all Mimecast administrators via the Mimecast Administration Console (copied below). Rest assured that Mimecast security services are addressing this attack, and we will continue to monitor this threat and make any defensive changes as needed.

 

For any application, including your Mimecast services, one important security control that can help mitigate risks related to login or credential loss is the use of multi-factor authentication for your admins and end-users. This blog and the associated KB article provide more information on how to configure multi-factor authentication for your Mimecast administrators and end-users.

 

Of course, the overriding lesson here, as in all situations, is never to click a link in a suspicious-looking email. And any email which asks for information which is personal, including but not limited to a login or a password, should be considered suspicious.

 

Notice Recently Published in the Mimecast Admin Console:

 

Please remember that Mimecast will never send an advisory that requires your staff to provide personal information or login details. Any unsolicited email message which asks you to provide this information by entering it into a purported Mimecast Administrative or User application is illegitimate. Be suspicious, and if you receive such a message or have any questions about the authenticity of such a communication, please raise a case with Mimecast Support. We also suggest that you review our Enhanced Security Options for more detail on securing your account.

David Hood is the Director of Technical Marketing focused on Office 365, continuity, and the Mimecast API. A Mimecaster since 2015, he’s a frequent speaker and commentator on cloud collaboration.

 

Mimecast is pleased to announce new data loss prevention (DLP) capabilities to help US healthcare organizations meet HIPAA guidelines.

 

The Mimecast US Healthcare Pack is managed DLP content to scan, identify, and take action on emails containing protected health information (PHI). Let’s look more in depth at the US Healthcare Pack and how it can help your organization:

 

  • Requires a customer to use Mimecast for gateway services. This includes any of the M, S or D product bundles, as well as legacy UEM products.
  • Managed DLP content is available out-of-the-box and can be enabled for all email addresses quickly and easily. If necessary, the managed content can be extended with additional policies to address organizational-specific requirements.
  • To identify PHI, Mimecast will scan attachments and the email body for the presence of:
    • Names
    • Social security numbers
    • ICD-10 codes
    • FDA drug names
    • Driver’s license numbers
    • Claim numbers
    • ...and more
  • Mimecast will update the managed DLP content to remain current with underlying sources. Some sources will be updated on a weekly basis, while others less frequently. Importantly, as a cloud service, these updates are available immediately to the organization, without administrative actions.

 

If PHI is found in email, there are a number of actions that the organization can take. Administrators can:

 

  • Reject the message
  • Encrypt (this can be done with TLS or be used in tandem with Mimecast Secure Messaging)
  • Hold the message for review
  • Convert the file
  • Remove emails with PHI content from internal mailboxes (if the organization uses Mimecast Internal Email Protect and the US Healthcare Pack)

 

According to the 2017 Verizon Data Breach Report, healthcare is the second most breached industry behind financial services. A big difference is that in healthcare, employees are the predominant reason for a breach. Unfortunately, with highly sensitive PHI data, any employee mistake can have far-reaching consequences. For example, a busy, well-intentioned staff member can carelessly attach a file with PHI to an email.

 

While less frequent, malicious employees with access to PHI have emailed thousands of patient records to a personal email address. In both cases, the Mimecast US Healthcare Pack will help identify and stop this mail before it leaves the organization.

 

Interested in learning more? Visit the Mimecast Knowledge Base for more information on the US Healthcare Pack.

You may notice a refreshed look to Mimecaster Central upon your latest visit:

 

 

Search

 

We've eliminated the search bar in the center of the page to streamline the search experience with the existing "magnifying glass" at top-right. A note indicating "community search has moved" will be displayed for the next couple of weeks pointing to the updated search experience here.

 

Alternatively, community members who want to search only Knowledge Base (KB) resources can do so by navigating to the KB first.

 

New Community Members

 

We've heard a lot of feedback that our community is a big, useful site...once you figure out how to use it.

 

We didn't think that "figuring out how to use the site" should even be a "thing," so we've added four new "actions" to take from the homepage, featuring some of the most important functionality you can use from within the community, from Asking a Question in our Community Forums to Searching our Knowledge Base for the article you need to get your job done.

 

As part of these four "actions" is a brand-new guide for all New Users, highlighting 10 steps to take to ensure Legendary Customer Success within Mimecaster Central. Get to know these important pieces of the site!

 

Returning Community Members

 

And we know that everyone returning to the site needs a reason to sometimes visit the homepage, the "Hub" of everything trending community-wide.

 

So, with some added real estate, upon logging in, the same dynamic "top and trending" latest community discussions you've already enjoyed will now be moved even further up on our homepage. Additionally, a rotating carousel on the right-hand side displays must-know information and featured highlights from around the community, along with a list of must-follow profiles of "Legends"!

 

 

 

We have previously enhanced our navigation in Mimecaster Central, and we'll continue to make enhancements as our community grows. In other words, our work in delivering Legendary Customer Success is never over! 

 

Happy Navigating across the community

Bill Holmberg is an IT Director who first got involved in computing when he created an Altair from a kit, shortly after making his first digital multimeter while attending an electronics institute. As a musician then, he co‐created a lot of artwork for printing companies for venues, bands, and agencies, as well as helped with studio recording installations and fine-tuning.

 

Being already addled by the rock and roll scene of the 80s, it was an easy transition to IT consulting, as he knew 1% more than anyone around him in business environments!

 

From IT consultant to employee, in various industries and roles, the journey would take Bill from being a SCO UNIX administrator to an Apple Evangelist under Guy Kawasaki. He started AlphaBetas to test Macintosh games for MacSoft, and was involved in hundreds of applications, even playing music and doing voiceovers. Bill installed and configured the first SAN for C.H. Robinson, and has been a director at several companies since.

 

Could you describe your role in your company, and how Mimecast helps you with your daily work?

 

As the IT Director of an SMB in the transportation world, I wear many hats. I create and manage servers in a VMware environment, backups with Veeam, and hosted Exchange email with a Mimecast filtering service.

 

I oversee development of a mostly SQL environment to automate the fleet and digitally transform the company, while creating training and security awareness for our users. I try to help shape the technology future by sharing my corporate vision with management and teasing the business requirements from them.

 

Mimecast plays a crucial role in my success. I have used it to not only drastically reduce my incoming spam and malware (which let’s face it, makes me look heroic!), but also to end a vicious cycle of blacklisting due to past configuration errors and the unfortunate spam filtering choice my predecessors had in place. I have also had to use it for litigation hold reasons and termination investigations.

 

Best piece of advice/helpful pointers for one of your peers just starting off with our services?

 

Take the training: It’s free, comprehensive, and great. You will configure your own setup while going through it, and Peter, the instructor, is very knowledgeable and approachable, and wants you to be successful.

 

Also, use the reports! You will be pleasantly surprised at how well upper management receives the new data from these, and they look great! Easy-to-understand graphs that appeal to C-levels.

 

Favorite feature of Mimecast products you couldn’t live without, or that’s been a lifesaver for you and your organization?

 

While I am still on my journey to fully utilizing the vast suite of products available, the obvious spam filtering advantage is huge. My users get thousands fewer emails each month, and it’s freed up tremendous amounts of hours.

 

The ability to search the archives for recent legal issues has been huge, as has the ability to show customers that their supposedly sent emails never reached us, or that we did in fact send to them, but they were refused by their servers.

 

Favorite movie?

 

I’ve been a huge comics fan since childhood. Any Batman movie I will watch at any time, as well as the Marvel and DC universe stuff. I also love many classics: The African Queen comes to mind, as well as The Scarlet Pimpernel.

 

Food?


Sushi, steak, brisket, eggs with biscuits and gravy, cheese fondue, various Asian, pizza…if it’s edible, I probably like it. 

 

Musician?

 

As a musician myself, I am influenced by so many that I don’t have one favorite there, either: Paul Simon, Norah Jones, Sugarloaf; Blackmore, Bolin, and Knopfler; Steely Dan, Bob Marley…I’m all over the place. Love that 80s stuff, though.

 

What keeps you busy off the clock?


I still play and am recording some. Additionally, my wife and I enjoy dining out and in.

 

Favorite “geek”‐out thing?


My oldest son has a TeamSpeak server that we meet on regularly to talk and play video games with each other (mostly Steam games), and his two brothers and sister. I’m still a video game addict at heart.

 

Others in the series:

 

Legends of Mimecast: A Q&A with David Ignash

Legends of Mimecast: A Q&A with Dawn Cronin 

Legends of Mimecast: A Q&A with Les Bessant 

Legends of Mimecast: A Q&A with CEO Peter Bauer 

Legends of Mimecast: A Q&A with Onyi Ejiasa

Legends of Mimecast: A Q&A with Johan Dreyer