David Hood is the Director of Technical Marketing focused on Office 365, continuity, and the Mimecast API. A Mimecaster since 2015, he’s a frequent speaker and commentator on cloud
I’m pleased to announce a user group dedicated to the healthcare industry on Mimecaster Central!
The healthcare industry faces many unique challenges – from protecting sensitive patient data to complying with strict regulations – often without the financial and personnel resources available in other industries.
This user group here in the community is a place for healthcare professionals to get data, news stories, information and more that impact cyber resilience for email. It’s also a place to see what your peers in the industry are talking about and a chance to network with other Mimecast customers.
I encourage you to join today and take part in the conversation!
Mimecaster Central community rockstar (and Legend!) David Ignash is a Security Administrator, working for a financial institution that specializes in farm loans. He’s been tinkering with IT ever since he got his hands on his first Commodore 64. David has lived in Michigan (United States) all his life, and currently lives in the Lansing area. You can also check out his community Q&A here.
Have you ever wondered if you are using all of the Mimecast features available to make your organization as secure as possible? Well wonder no more! Follow this checklist to ensure that you are taking advantage of all that Mimecast has to offer.
|Checked what account is your "Super Administrator"|
|Does Help Desk have access to help external customers? (i.e. Secure Messaging)|
Do other users/administrators have the least amount of privileges to accomplish their job?
PII (Personally identifiable information)
|Checked what your organization identifies as PII|
|Have you performed a Disaster Recovery test at least once a year?|
Up to date software
|Are users running the most up to date version of "Mimecast for Outlook"?|
|Is URL Protection enabled for all emails coming into your organization?|
|Is Attachment Protection enabled for all emails coming into your organization?|
|Are TLS settings configured to ensure that email is sent securely?|
|Are Impersonation Protection settings configured to alert the user of suspicious emails?|
|Are DNS settings configured to ensure that mail is sent securely?|
|Is greylisting configured to ensure that suspicious emails are filtered out?|
|Are account settings configured to ensure the console is secured? (i.e. Admin IP Ranges)|
|Is Active Directory synchronization still pulling in the correct data?|
|Has anything changed with your authorized outbounds IP addresses?|
|Has secure messaging been enabled so users can safely submit sensitive data?|
|Have the appropriate users been trained in how to use Mimecast securely, or even Mimecast at all?|
This list provides a way to help you check major security settings within Mimecast. It is also meant to help you think of other areas within the application to ensure you are a secure as possible. You could check this once a year just to make sure things are healthy, and keep up with changes to your organization.
We’re pleased to formally announce the launch of our new Application Programming Interface (API) Developer Portal, to make it easy to get started with the tools, documentation, sample code and support needed to take advantage of the Mimecast API...and integrate with existing applications.
With the Mimecast API, you can:
There are already over 50 integrations built into a variety of solutions including security information and event management (SIEM), security orchestration and automation, advanced eDiscovery and provisioning applications.
We also encourage all of you who want to unlock the power of Mimecast in new ways to share your own integration ideas now here in the community.
Ready to get started? Learn more about the API program, browse existing integrations, and request an application key now.
While the video game series by the same title is a nice diversion from reality for many of my friends and my brother-in-law (the guy will stay up into the wee hours of the morning playing this thing), the reality is that the "Fallout" that occurs from a General Data Protection Regulation (GDPR) violation won't be quite as pretty.
Without being preachy (there's plenty of resources on the damages that could occur for non-compliance with this EU-driven initiative), we're here to remind you to check out our GDPR group on Mimecaster Central, well ahead of the regulation's enforcement on May 25, 2018.
The group is stocked with resources on not only the regulation itself, but also how to configure Mimecast to help you meet your GDPR compliance objectives...and avoid the fallout.
Additionally, you'll be able to raise discussions with fellow Mimecasters and get all your questions answered from a staff of experts including our Chief Trust Officer at Mimecast, Marc French.
To help us improve your community experience, we’ve created a quick five question survey and would love your input. The survey will take no longer than 60 seconds (or it will self-destruct, not really…but that sounded cool).
Please note that this survey is always available to you in the right column of Community Forums when logged in. Mimecast’s commitment to its Customer Experience Measurement Program is ongoing and your feedback only helps drive the success of Mimecaster Central. We look forward to your continued feedback!
Check out some of Rob's other blog posts:
A key part of our job as your email security services provider is to keep adapting to the continuously changing nature of attacks being perpetrated by the cybercriminals. They shift and we shift. We shift and they shift.
The latest additional arrow to our threat protection services quiver is a new file inspection service that combines the security provided by URL Protect and Attachment Protect. This new capability enables our email security service to send a directly linked file to be deeply inspected before it is allowed to be downloaded to your employees' desktop, blocking off another route to email-borne malware delivery. It shows off the clear value of combining URL Protect's link re-writing with the static file analysis and sandboxing of Attachment Protect. You can read more about this capability in this Service Update.
All customers with URL Protect and Attachment Protect will have access to this capability as it becomes available on your particular Mimecast grid. In addition, it will also be available as part of our Internal Email Protect service at the same time.
The Mimecast user research team (working with product and design teams) needs customers like you to help improve Mimecast products, and ensure they work well for the people who use them.
You’ll have the ability to:
Once you’ve joined, we'll drop you a confirmation email, and you might be invited to:
You can always say no to any invite, and opt out at any time!
Q: What's the process?
A: Once you've joined up, and there's an upcoming research project that seems relevant to you, we'll send an email inviting you to take part (possibly asking a few more questions), and if all is well, we'll find a mutually convenient time, and schedule a session.
Q: What will I be asked to do?
A: Most of the time, we'll start off with a few questions, and then ask you to either demonstrate how you do something, or ask you to do some tasks in a prototype. Then we'll typically finish with a few more questions.
Q: What set up do I need to participate?
Q: Where do the sessions take place?
A: You don’t need to travel anywhere as we use Zoom for online meetings. If you live more than 10 timezones away from the UK, we may only be able to use you for quick online exercises. If you are in London or nearby, we could try to meet face to face, which is always nice! Or if you're at a Mimecast or other industry event, it would also be possible to meet there.
Q: What's the time commitment?
A: In terms of frequency, we will never expect you to participate more than 1 hour per every 3 months (though we may reach out more frequently, you can always say no). In terms of meeting length, sessions are kept as short as possible, typically 30-45 minutes. In some instances, we'll need to have an in-depth discussion which will be no more than an hour. All of this will be communicated up front.
Q: Will the meeting be recorded?
A: Usually just the voice and the screen containing our prototype with example data, but depends on the project. You’ll always be asked if the session can be recorded - you can say ‘no’ if you want to. And we won't record any of your company data. Recording helps us show relevant product team members what happened during a session.
Q: Who can take part?
A: You must be 18 or older and a current Mimecast customer to take part.
Q: Who do I contact for questions/comments?
A: Contact Lisa, Sophie, and Rebecca at (email@example.com) for more information or to update your details after you've signed up.
The plan is the plan, until it isn't! As you can see in the updated Services Update, Mimecast has decided to go back to "opt-in" for device enrollment versus requiring "opt-out" as the original Services Update explained. As a diligent security service provider we feel very passionately about our role in improving your organization's email security. We constantly debate internally how best to inform and enable our customers to improve their security posture. In some cases we can do it for you, for example, by making Attachment Protect smarter at detecting and blocking malware. Safe to say no one wants email-borne malware delivered! But in other cases security policy and user experience choices need to be made and ideally our customers' Mimecast admins continuously assess and make the right decision for their organizations. We still feel that for the vast majority of our customers, device enrollment is a feature that should be enabled for the reasons discussed below and in the Services Update. But clearly it isn't for everyone either as you can see in the associated discussion threads. My bottom line ask is if you have admin responsibilities for Mimecast that you look closely at device enrollment and make up your own mind. We aren't going to do it for you!
In an effort to improve the usability and security of our URL-dependent security services (Attachment Protect & URL Protect), there are important new changes coming to Device Enrollment that might change your users' experience if you aren't already using it. Check out this newly posted Services Update for details.
It is very important that the Mimecast service keeps track of who clicks Mimecast links as part of the URL Protect and Attachment Protect services. And thus, the ability to associate a device to a specific user is key.
So this is why instead of requiring organizations to opt-in to Device Enrollment, it will instead be the default experience in the near future, unless your Mimecast administrator opts-out on behalf of your organization.
Feel free to open a dialog in the comments below if you want to discuss further.
Jason Wright is a Junior IT Administrator at H&M Bay Inc., a refrigerated logistics provider specializing in fresh and frozen commodities transported throughout the US (i.e. seafood from the northeast and northwest, produce from the south, and even gator skins!). You may also know him as one of our oldest community members and Mimecast Legend!
Prior to getting into IT, Jason was in the automotive industry where he did a little bit of everything, from tech helper in high school, to lead technician at an independent shop, to general manager of his own auto parts store.
Jason lives on Maryland’s “Eastern Shore," and was born in Baltimore.
Could you describe your role in your company, and how Mimecast helps you with your daily work?
My role is first the helpdesk admin. I handle just about all incoming calls ranging from application issues to hardware problems. Besides managing the helpdesk, I also manage our on-premise Exchange environment, Mimecast (of course!), our Cisco wireless equipment, enterprise AV solution, and other things including computer reloads and hardware upgrades.
I have been with H&M Bay since August 2014 when I got my start in the IT industry, and have no plans on going anywhere else!
Best piece of advice/helpful pointers for one of your peers just starting off?
Take the Mimecast training, especially if you are new to Mimecast. It will allow you to get your feet on the ground and learn where to look for certain features.
After you are comfortable, join the community of course, and do the 10 Steps to Get Started with Mimecaster Central. I remember joining Mimecaster Central back in 2016. Originally, I came here looking to network and share ideas and learn some new information. From the beginning, I can say I have learned a lot from this community and its great network of individuals here.
This is a two‐part answer! For my users and some admins, it is the Archive. I cannot tell you how many sighs of relief we hear when someone is able to find an email from a customer or shipper that helps to save the day.
However, for me personally, I love Targeted Threat Protection (TTP): Attachment Protect. Sandboxing is a great feature and we have many instances where users say “I NEED THIS ATTACHMENT.” Being able to show proof of the malicious intentions of an attachment to the users is great, but it also helps these users to share that information with the customers who may have been compromised. So essentially, to an extent, we get to save ourselves and customers.
Hard to say. My favorite series, being a car person, is Gone in 60 Seconds (I mean, come on -- that Mustang is nice) followed closely by Law Abiding Citizen. This one is a little bit darker, but it really makes you think.
I love cooking and I get many recipes from Gordon Ramsey (we both speak in similar styles ). Anything with zucchini and I will eat it.
That is a hard one. I honestly listen to so many different types of music. If I had to choose, I would have to say Linkin Park. I'm a bit of a fanboy, having seen them live over eight times in three different states. Other than that, I listen to a lot of harder rock and like to be in mosh pits and at festivals like Rock on the Range and Mayhem Festival.
Right now, it is the MSCA for Server 2016 books for the certification I am studying for. I know...not exciting. I can't remember the last time I was able to read something out of fun that was not tech-related. Really want to read the Lord of the Rings series, though.
What keeps you busy off the clock?
A lot! It depends on the season. I am a huge baseball fan, so you have probably seen Ryan Arsenault and I go at it about the AL East at some point (go O’s!). So early spring / all of summer is baseball. I really want to start traveling to different stadiums, but college is holding me back from that currently.
In the fall/winter, when I am not an O’s or Ravens fan, I love to get into the outdoors and go hunting, especially waterfowl sport, one thing that the Maryland “Eastern Shore” is famous for.
Other than all of this, college keeps me busy. This is my second time in (first was for automotive). I recently got my AA and am working towards my Bachelors in Cyber Security, so I am definitely busy.
One thing someone here in the community wouldn’t know about you?
I am completely envious of everyone’s use of footnotes and I still need help with it!
Bob Adams is the Product Marketing Manager for Mimecast's Security portfolio. Bob joined Mimecast three years ago as a Sales Engineer, and was recently recruited to Marketing after developing various educational materials for Mimecast's services. He continues to help educate companies on protecting themselves against advanced cyber threats.
What occurred over the next 13 minutes was a lesson that can be applied to many aspects of daily life – both as an everyday person as well as a user within a company. Whether you receive a phone call, email, text, or even knock on your door, here's some important tips to keep in mind.
Tip #1: Always be suspicious
My phone rang at 8:11 in the morning, and the Caller ID showed a local area code. I answered and was greeted by Lt. Brandon Kennedy from the Middlesex County Warrants and Citation Division. This is suspicious right away, as it’s unlikely a government office will call regarding any matter.
Tip #2: Don’t give them any additional information
Lt. Kennedy is adamant I confirm that I am Robert Adams. When I refused and asked what this was about, he stated he couldn’t tell me until I confirm my identity, or there would be repercussions.
Again, I’m suspicious and always avoid giving out any personal information. However, since they’re calling, already asking for me by name, and a reverse phone number lookup would show my name in the White Pages, I conceded: “This is him.”
Tip #3: Always question the validity of what you’re being told
I learned that a Jury Duty summons was delivered to me on Wednesday, September 25th at 2:23pm, signed for, and returned. I apparently "failed" to appear in court on my assigned day. My absence resulted in two warrants out for my arrest, and there’s a $500 post on each. Failure to resolve this today could result in my immediate imprisonment for 30-45 days. I still remained calm despite their intent to catch me off guard.
Taking notes, I realized September 25th was a Monday, and not a Wednesday. I asked him to repeat the date, year, and where it was delivered, and explain the 25th was a Monday and that his response was not my address.
Regardless of all the red flags here, my curiosity was piqued, and figured that the longer we talked, the less people he could scam (NOTE: While I’m experienced and well versed in scamming tactics, I do not recommend trying this at home!).
Tip #4: Learn from their mistakes
I explained I never received the summons and didn't recall ever having to sign for one before. He assured me the process had changed due to so many people claiming they hadn't received the notice.
To avoid arrest, I needed to “report to the Medford Sheriff’s Department at 400 Mystic Ave, 4th Floor. They cannot accept Cash, Credit, or personal information due to a high volume of transactions, and you need to get a MoneyPak voucher from Walgreens, CVS, or Rite Aid.”
My warrants are for $500 each, which coincidentally is the maximum limit per voucher. When I ask if I can call my local Police Department to confirm there's a warrant, he assured me I can. However, he of course can’t help me with any arrests along the way there if I hang up, so it’s best if we stay on the phone until I arrive.
At this point, the ruse was up, I had my fun, and tried to engage the scammer directly. To the scammer's credit, he insisted it was not a scam and was merely trying to help. Further inquiries went unmet until he eventually hung up.
The moral of the story here is to be suspicious, don’t give out any information, always question what you’re being told, and learn from the mistakes of these criminals to better arm yourself in the future.
RELATED CONTENT: My Grandfather was Scammed: Why User Education Reigns Supreme
After a trip through memory lane with Mimecaster Central in 2017, we thought it would be nice for another retrospective blog...about blogs.
No, this isn't an Inception moment: We'd like to serve you up in one convenient package the top 10 most popular blogs from withinThe Mimecaster Central Blog in 2017, ranked in order of page views.
A special shout-out goes out to our customer, and Mimecaster Central champion and Legend David Ignash who's Top 10 List for New Mimecasters was the most viewed blog created in 2017, and was a hit with both Mimecast customers and employees alike!
Without further ado, here's the list:
Ryan Arsenault is the Community Manager for Mimecaster Central.
Mimecasters across the globe: It's no small feat what you, our beloved customers, accomplished in Mimecaster Central in 2017, a banner year for our community.
Before we get into all of the individual accomplishments and milestones achieved, let's take a high-level overview by the numbers at where we stand as a community today, since our humble beta launch on October 6, 2015:
Here are some additional stats pulled from the depths of our Mimecaster Central data:
Top 5 Knowledge Base Articles (in order of page views)
(What's especially notable here is that we have had several instances, where comments on Knowledge Base articles like these and community discussions have led to the documentation being improved, sometimes substantially. We thank our community for all of this constructive feedback throughout 2017!)
Top 5 Search Terms in 2017 (in order of search inquiries)
1) Secure Messaging
2) Large File Send
3) Content Examination
4) Mimecast for Outlook
Top 10 in the 2017 Mimecaster Central Points Leaderboards
Most Popular Product Idea in 2017
This distinction goes to Joel Olivio's Apply URL protect within Attachments idea, which garnered a score of a whopping 1175 from upvotes within Mimecaster Central. The idea was implemented into our URL Protect service this year!
Noisiest/Most Polarizing Product Idea in 2017
Amazingly enough, the product idea of 2017 that generated a flurry of comments and very heated discussion had little to do with Mimecast products at all.
Adam Fasl's Update the Mimecast Support Hold Music thread generated 63 comments on what should be playing in the background while waiting on the phone for our Support team. Ideas ranged from Jazz all the way to 80's "Hair" bands (I personally think Metal should have still won out...)
Most Popular Mimecaster Central Discussion in 2017
Started at the very tail end of 2016 and picking up a lot more steam as 2017 chugged along, Deleted User's The specified item was not found. generated nearly 7500 views and 48 comments, giving it top honors for collective popularity within our Community Forums.
There actually could not be a better textbook use case of community, either, as our customers came together in this thread in droves to share their own custom regex entries.
Launching our User Research Panel
Moving on from hard statistics to programs within the community, Mimecaster Central saw the launch of our User Research Panel, where our UX Research team, led by Lisa Rex and Sophie Rochette, set out to work with Mimecaster Central community members on their feedback to help shape Mimecast products, and to give them a sneak peek at what's ahead!
We thank everyone that provided their engaged feedback on designs of Mimecast Connect Application v2, The Administration Console, a brand-new search experience in Mimecast end-user apps, and for their participation in Targeted Threat Protection research sessions!
While 2017 may be the first year of our User Research Panel, in the year ahead, you can expect many more research sessions with the goal of bettering our products and ensuring they work well for the people who use them.
Getting to Know You...Getting to Know All About You
This year we kicked off a Q&A series that got to know the faces behind the community, both from Mimecast and within our customer base: Legends of Mimecast.
...and Speaking of Legends...
This core group of super-engaged Mimecaster Central champions, Mimecast Legends, saw eight new members join its ranks within 2017 (beyond our awesome technical moderator from the Mimecast side in Corey Monteiro, chances are, you've probably seen the "L" icon pop up a lot on many of the answers to your questions).
A community is only as good as its members, and this group of Legends is one of the biggest reasons Mimecaster Central is such a vibrant and active place for our customers! A big thank you to all of our Legends that helped out fellow community members throughout the year, and participated in exclusive calls with our Product Management team to help improve our products.
A Focus on Improving the "Newbie" Experience
After much feedback from our customers on enhancing the onboarding experience, one of these Legends in David Ignash put together a Top 10 List for New Mimecasters...and it has been a tremendous hit, to the tune of nearly 6,000 customer views in only half of the year!
A cousin to this list, we launched 10 Steps for Success with Mimecaster Central as part of the welcome package to help new customers get acclimated with the most important and useful functionality within the community.
Looking to 2018...and Beyond
All of this, of course, was a mere glimpse into what happened in 2017 at Mimecast, since this was all from the lens of community. After all, you may recall the launch of products from Sync & Recover Overview to Targeted Threat Protection: Internal Email Protect throughout the year.
But from a pure community perspective, there's even more to come in 2018. So what exactly is next, you say? Put simply, it's the next generation of Mimecaster Central: We look to the future of the community as we totally reimagine the structure, layout, and content within our ecosystem later on in the year. And the wheels have already been turning here with wonderful feedback from our Legends on what they'd like to see next.
Beyond this future vision, you'll see a continued dedication to Legendary Customer Success™ and even more of the useful content from Knowledge Base, the Forums, Blog, and Service Updates you've come to expect (oh, and not to mention some swag and other goodies thrown in there, because we know you love it).
Here's to a great 2017 and onto the next chapter of Mimecast's customer community! Whether you asked a question, viewed a Knowledge Base article, or shared a product idea, on behalf of the entire Community team, thanks to everyone who made this our best and most active year yet.