Skip navigation
All Places > The Mimecaster Central Blog > Blog > Authors user.v1YcBgOpe0

Mimecast recently conducted a survey of hundreds of our customers regarding their challenges with web security in general, and their current use of cloud-based web security systems, in particular. I also just posted a blog that goes into the results of this survey in more depth. We learned a number of interesting things, one of which was that the transition of web security controls to the cloud is not as far along as it is for email security. 


Gartner estimates that 65% of organizations already consume their email security services from cloud-based systems, such as Mimecast Secure Email Gateway. Our survey results showed that only 27% of our customers have made a similar transition for their web security controls. Interesting. But it does seem that a similar transition to the cloud is underway, just not as far along.


Just as we did for email, we are planning to help this transition along with our recently released Web Security service. To us, providing web security services is a very natural extension of our email security offering, in particular, URL Protect. Of course protecting against malicious or inappropriate websites needs to cover more than just links in emails!


What is your plan to start to use or expand your use of cloud-based web security controls?

We recently conducted a survey of Mimecast customers using our Internal Email Protect (IEP) service. As a reminder, IEP is the fourth member of our Targeted Threat Protection family. It focuses on inspecting, blocking, and removing malicious or otherwise unwanted emails and attachments that are internally generated (that is, internal-to-internal or outbound emails) or are inside your users' inboxes and archive. 


When used in conjunction with URL Protect, Attachment Protect, Impersonation Protect, and DLP, IEP completes the 360-degree protection for your email traffic. With it enabled, you have your inbound, outbound, and internal email traffic well secured.


The reality is that bad things do not just come from the outside. Sometimes compromised, careless, or malicious users or malware exists on the inside of your organizations. This is often how attacks spread or sensitive data can move to a place where it shouldn't.


We have summarized the results in an infographic here. And I have also provided an overview in a recent blog.


I would be interested to hear your comments, or better yet, your internal threat war stories that you are comfortable sharing with your peers here in the community!

After many months of development and the completion of a very successful early adopter program, I am very happy to help announce the immediate availability of Mimecast Web Security


My part in the launch program this week was centered in London, from where I am currently writing this. Built-up in and around IPExpo Europe, in addition to supporting the event itself, we hosted both a customer and partner meeting where we explained and discussed this new service. Suffice it to say the interest was high and the understanding of what have done and why we have done it was also quite high.


In short, combining email and web security into a single integrated cloud service seems obvious, given the high proportion of cyber attacks that occur via email, web, or a via combination, is resonating. And given that you, our administrative customers don't have a shortage of things to do, we think the fact that it is easy to deploy, configure, and manage will be a key success factor for the service.


Interested in learning more? For starters, you can check out the documentation, the write-up and datasheet on, the Service Update, my introductory blog, and even request a 30-day free trial, which is open to all current Mimecast customers. We would also love to hear from you, questions, comments, and concerns as you have them.

Matthew Gardiner is a Director of Product Marketing at Mimecast, currently focused on email security, phishing, malware, and cloud security.


Have you noticed that we at Mimecast are increasingly talking about the need for resilience for your email? In fact, not too long ago, we added a significant amount of new content on under the heading Cyber Resilience for Email. Have you wondered why we are doing that? 


This brings me to the analogy of the iPhone. The iPhone fundamentally changed the nature of what mobile phones, computers, and cameras are -- from distinct products to integrated services provided on a single platform.


We see the same phenomenon changing email as it migrates from on-premises to the cloud. Email-supporting services such as security, archiving, backup, recovery, and business continuity, which in the on-premise email world had been delivered by separate products and deployment practices, are able to be more efficiently provided by an integrated cloud service, more like an iPhone.


Before making the transition to Cyber Resilience for Email, Mimecast previously talked about providing security, continuity, and archiving services for email. While certainly true, this description lacked the vision of providing an integrated service that combined all of those individual capabilities, and more, as an integrated service.


Given that IT organizations ultimately need to provide IT services in general, and email services in particular that are resilient, after much thought, we landed on the word “resilience” to best describe what we provide for organizations’ email. We Make Email Safer for Business through our Cyber Resilience for Email solution. Making what we provide clearer to the world is largely “why” we came out with Cyber Resilience for Email solution naming.


What is Mimecast Cyber Resilience for Email? It is a combination of Mimecast services, including Secure Email Gateway with Targeted Threat Protection, continuity, and the newest service member, Sync & Recover, which is an extension of our longstanding archiving service.


When used together, these services help organizations protect their email before, during, and after an attack, technical failure, or careless user or administrator action. With thousands of organizations and millions of users depending on it currently, it isn’t new for them, but it is part of a key general trend that Mimecast is leading that is sweeping through the IT marketplace.


I would be very interested to hear what Cyber Resilience for Email means to you and your organization!

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast, currently focused on email security, phishing, malware, and cloud security.


A key part of our job as your email security services provider is to keep adapting to the continuously changing nature of attacks being perpetrated by the cybercriminals. They shift and we shift. We shift and they shift. 


The latest additional arrow to our threat protection services quiver is a new file inspection service that combines the security provided by URL Protect and Attachment Protect. This new capability enables our email security service to send a directly linked file to be deeply inspected before it is allowed to be downloaded to your employees' desktop, blocking off another route to email-borne malware delivery. It shows off the clear value of combining URL Protect's link re-writing with the static file analysis and sandboxing of Attachment Protect. You can read more about this capability in this Service Update


All customers with URL Protect and Attachment Protect will have access to this capability as it becomes available on your particular Mimecast grid. In addition, it will also be available as part of our Internal Email Protect service at the same time.

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast, currently focused on email security, phishing, malware, and cloud security.


The plan is the plan, until it isn't!  As you can see in the updated Services Update, Mimecast has decided to go back to "opt-in" for device enrollment versus requiring "opt-out" as the original Services Update explained. As a diligent security service provider we feel very passionately about our role in improving your organization's email security.  We constantly debate internally how best to inform and enable our customers to improve their security posture. In some cases we can do it for you, for example, by making Attachment Protect smarter at detecting and blocking malware. Safe to say no one wants email-borne malware delivered! But in other cases security policy and user experience choices need to be made and ideally our customers' Mimecast admins continuously assess and make the right decision for their organizations. We still feel that for the vast majority of our customers, device enrollment is a feature that should be enabled for the reasons discussed below and in the Services Update.  But clearly it isn't for everyone either as you can see in the associated discussion threads. My bottom line ask is if you have admin responsibilities for Mimecast that you look closely at device enrollment and make up your own mind. We aren't going to do it for you!



In an effort to improve the usability and security of our URL-dependent security services (Attachment Protect & URL Protect), there are important new changes coming to Device Enrollment that might change your users' experience if you aren't already using it. Check out this newly posted Services Update for details.


It is very important that the Mimecast service keeps track of who clicks Mimecast links as part of the URL Protect and Attachment Protect services. And thus, the ability to associate a device to a specific user is key.


So this is why instead of requiring organizations to opt-in to Device Enrollment, it will instead be the default experience in the near future, unless your Mimecast administrator opts-out on behalf of your organization.


Feel free to open a dialog in the comments below if you want to discuss further.

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast, currently focused on email security, phishing, malware, and cloud security.


This, of course, is a trick question, as the correct answer is "both." If security is a coin, then on one side of the coin are automated security controls and on the other side is the "human firewall."


When it comes to minimizing your cyber risk, it is not an either/or situation. Organizations should implement automated security controls (i.e. the Mimecast Targeted Threat Protection family of services), and not overburden users with determining what are or aren't cyber threats -- in many cases, this can be done efficiently and effectively by security systems.


But because there is, and never will be, 100% effective preventive security controls (attackers are just too good for that), it is important to also continuously invest in the right user awareness at the right time that leads to increased security understanding and caution of your user community.


Why do I bring this up now? Anyone here in the community using Targeted Threat Protection - URL Protect, for example, knows that this is exactly Mimecast's philosophy -- the two-sided coin. User awareness during the teachable moment of clicking a link has been a built-in feature of URL Protect since the beginning. And now I am very happy to share that we have extensively revised and refreshed this capability to make it clearer, simpler, and really, almost a game for users to play as they go "clickety-click" on links in emails. 


If you liked the User Awareness capability of URL Protect in the past, you should love the new capability. Check out the recently posted Service Update that discusses this feature in more depth and provides the current target dates for arrival on a grid near you.


We have been using it for about a month at Mimecast (yes, we drink our own Champagne!), and the response has been very strong.


Check out some of Matthew's other Mimecaster Central posts:


New Capabilities in URL Protect and Impersonation Protect 

New Threat Research from Mimecast: The ROPEMAKER Exploit 

Get Your Threat Data Here! 

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.


It is no secret that attackers are not stopping their innovative push in pursuit of their goals: money, politics, fame...take your pick. And if anything, email as an attack vector is becoming more popular. What other "attack platform" provides the reach, low cost, and flexibility of email


Security customers of Mimecast can rest assured that we are not resting in our drive to clamp down on email-borne attacks. I want to highlight three recent advances that you can configure and deploy right now, depending on which Mimecast grid you're hosted:


  • Impersonation Protect - Policy Changes: Provides greater flexibility (block/hold/warn/bypass) in the resulting actions, depending on the specific indicators of spoofing found in a given email.
  • Impersonation Protect - Custom Targeted Threat Dictionary: Have you ever wanted to add your own keywords to complement the Mimecast managed threat dictionary? Now you can. If you have key business processes, projects, or sensitive data that attackers seek and could potentially ask for by name, you can add those to your organization's own threat dictionary, and have Impersonation Protect hunt for them in email messages.
  • URL Protect - Links in Attachments: In the category of "attackers will try and get into your organization anyway that they can," I am happy to report that URL Protect will now inspect links in attachments in much the same way that it inspects links in the body of an email. This capability, combined with the sandboxing service in Attachment Protect, provides a world-class defense against malicious attachments.


Check out some of Matthew's other Mimecaster Central posts:


New Threat Research from Mimecast: The ROPEMAKER Exploit 

Get Your Threat Data Here! 

Using DNS Authentication to Defend Against Impersonation Attacks 

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.


How do you get ahead of cyber attackers? For the most part, security defenders, such as Mimecast, spend a lot of time reacting to the latest tools and techniques used by cybercriminals. In fencing terms, they lunge, and we parry on behalf of our customers. And then sometime later they lunge again...and we parry again. 


With a network of tens of thousands of customers and billions of emails a month, we see a lot of stuff. One time it is a new flavor of ransomware sent as an attachment, and the next it is a malicious URL meant to harvest your users' credentials. And 'round and 'round it goes..and goes.


However, anyone who follows hockey knows that one of the best techniques to win is to skate to where the puck is going and not to where it currently is. In the context of security, that means continuously conducting, periodically reporting on, and quickly updating defenses based on threat research that is ahead of the attackers. Now we lunge and they parry (perhaps). Today, we have done just that.


Read about the newly disclosed ROPEMAKER email exploit that Mimecast has just brought public via this blog and the associated deep-dive paper


You can also learn more about the security control we have added to TTP - URL Protect to help defend against an attack that might try and leverage this technique.


I encourage your questions and comments!