Skip navigation
All Places > The Mimecaster Central Blog > Blog

Glenn Brown is a Senior Product Manager at Mimecast and is a passionate advocate of cloud technology enabling strong data resilience strategies.

 

As we head towards the end of 2017, we are honored to be named a “Leader” in the Gartner Magic Quadrant for Enterprise Information Archiving, for the third consecutive year. 

 

Gartner provides a comprehensive evaluation of vendors and their solutions, primarily focused on the archiving of email and other content types, and where that data is used for managing retention, information governance, regulatory compliance, e-discovery, and other use cases like storage management. The evaluation positions vendors based on their completeness of vision and ability to execute, and I am proud to say that we have been positioned as a leader based on both criteria.

 

This is a fantastic achievement and one that Mimecast is very proud of. We believe our tireless innovation over the past 14 years has led us to create one of the longest-running, large-scale cloud archive operations in the world. We have taken the old, expensive, complex, and underperforming archive from being a necessary evil required to maintain compliance and e-discovery requirements, to a cost-effective and high-performing cloud archive that makes your corporate data valuable and accessible to everyone (from archaic to strategic for your organization).

 

But most importantly, none of this would be possible without the support of thousands of customers like you across the globe. So, thank you! We are very proud of our commitment to being transparent and to providing you with Legendary Customer Success, backed by responsive support, this active user community in Mimecaster Central, and industry-leading education and training services. In the words of Mark Bilbe, Mimecast’s Chief of Customer Operations, Your journey is our journey and we cherish every step.”

 

As part of that journey, we are committed to staying ahead of our customers in terms of technical innovation. We believe recent innovations to Mimecast Cloud Archive, such as Sync and Recover, Case Review, and integration with Salesforce.com are what makes us a Leader.

 

Over the next few months, I will be creating a regular blog series that focuses on highlighting these key Mimecast archiving capabilities, the problems they solve, examples of key use cases, and how we see them being used by different customers. I will also be including real customer usage scenarios – hear it straight from other customers!

 

First up: Mimecast for Salesforce.com is a free application that lets CRM users instantly access archived data, with granular search filters and a time-saving Search Widget, all without leaving the Salesforce.com console. Key capabilities and benefits include:

 

  • Role-based Access: The application is available in three versions: Admin Only, All Users, and Profile-Specific. Each version provides its users with access and privileges tailored to their needs and responsibility sets. This gives organizations virtually limitless flexibility to extend the app’s benefits across different Salesforce.com users without compromising security or control.
  • Powerful, Granular Search Tools: Supports simple keyword-based searches, contact-based searches, and account-based searches. The app also lets users filter search results by subject, date, time, and the presence of attachments. These search and filtering tools simplify the task of pinpointing specific messages or attachments irrespective of archive size. Users can easily access attachments relevant to the contact or to the account through a file download dialogue.
  • Context-Responsive Search Widget: Users can add Search Widgets to their Salesforce.com console. Mimecast for Salesforce.com offers two Search Widgets. A Contact Search Widget automatically display all messages between the user and the contact displayed in the CRM record. An Account Search Widget displays all messages between the user and all contacts with email addresses in account’s web domain. This shows the user what the Mimecast Cloud Archive knows about the customer or prospect in Salesforce.com, and improves efficiency, productivity, and decision support.

 

Going forward, I will focus on the most strategic areas including smart tags, mailbox and data recovery, end user applications, compliance and e-discovery, retention management, directory synchronization, search and investigations, and our API. 

 

Please stay tuned as we look to explore today’s biggest challenges, what our vision is to solve them, and how we can ultimately help you gain more value from your data. 

 

Note from Gartner:
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose

Ryan Arsenault is the Community Manager of Mimecaster Central.

 

I was working from the comfort of home yesterday typing an email to my colleague from my dining room when I heard my wife's voice in the other room:

 

"What? Ryan is here with me. Are you talking about Sean?....No, Ryan is here in the dining room, and he's been here all day. What are you talking about?" 

 

By the way, Sean is my brother. My ears perked up. Who was this calling my wife, and what in heavens is going on in there? All sorts of thoughts started racing around in my always-racing mind.

 

In turns out that it was my grandfather calling my wife, informing her that Ryan had been in a bad car accident, his face was all banged up, and that he had caused it....putting a pregnant woman in the hospital. He was in jail, and my grandfather needed to send $2500 to bail him out. 

 

When my wife mentioned that no, none of this is true at all, and that Ryan hadn't left the house all day, it was my mother who was in the background of the call on speakerphone who put two and two together and proclaimed, "You got scammed!" This response, too, was somewhat in relief after literally crying all afternoon regarding the fact that I had nearly murdered someone in my car. 

 

The saddest part of this story for me was that he actually went down to the Walmart in my hometown and wired the "bail money," all $2500 of it, to this criminal party. 

 

I ended up calling my grandfather back later on, asking all sorts of questions: Why didn't you call Sheryl first? Why did all of this time elapse before you called anyone? Why did you wire money to someone you didn't know!? I was sitting at home all day literally sipping my Starbucks at the dining room table, doing work, while all this was happening!!!!

 

The point of this story is not to make my grandfather feel bad. In fact, I felt absolutely horrific for a large chunk of yesterday knowing that my 81-year-old grandfather not only was upset for a period of time, but had lost out on $2500 of money he simply did not have (that he thankfully got back - they hadn't picked it up yet!). These questions came from a place of not wanting this to happen to him ever again.

 

I point this story out, and the questions I asked my grandfather, to highlight the fact that anyone in your organization can be an easy target. 

 

Technology is obviously a big part of the equation, and being the unbiased () guy I am, I think you've made a fine choice with Mimecast. But wrap into your organization's security strategy a well-rounded education program that's consistent and regular. This is all too real, as this actually happened to me and my family yesterday afternoon. Educate your users...the first and last line of defense against attacks...in your organization, and stress the importance of red flags. If it seems suspicious, it probably is.

 

And give your grandparents or parents a hug or a phone call to tell them to be extra vigilant, tonight, too. 

In addition to the latest updates on Mimecast products and services, by following the Service Updates section of Mimecaster Central, you'll now always be up to date anytime our Knowledge Base documentation is refreshed.

 

The Mimecast Education team has recently added Knowledge Base Updates to its roster of educational materials for Legendary Customer Success in Mimecaster Central. 

 

Check out the most recent editions of Knowledge Base updates below, and be sure to follow Service Updates for more:

 

Knowledge Base Updates: 13 October 2017 

Knowledge Base Updates: 29 September 2017 

Today, a new ransomware attack called Bad Rabbit has hit businesses in Russia and Ukraine and has been identified as an updated strain of the ExPetr/Petya ransomware identified last year.

 

This new variant is installed via drive-by download as a fake Adobe Flash update. It is then able to spread rapidly to other machines on the network using the same exploit used previously by WannaCry and Petya. 

 

We are continuing to investigate and monitor, but at present have not seen email used as a distribution mechanism.

 

Note though, that once installed, the ransomware attempts to steal and exfiltrate credentials from the infected machine.  Stolen credentials are often used to log in to corporate webmail systems like Outlook Web Access where phishing campaigns can be launched from genuine employee mailboxes.

 

At this time, it appears that customers with Mimecast Internal Email Protect are protected from internally-generated phishing campaigns which result from stolen credentials being used to gain unauthorized access to corporate webmail.  We will continue to monitor the situation.

 

We recommend customers install required operating system patches from Microsoft to mitigate the risk of infection from Bad Rabbit and other previous variants.

 

As further information becomes available, we will make you aware here or on the Mimecast blog.

Sandra Cutler is the eLearning Developer Team Lead responsible for creating technical content on Mimecast products and services, as well as managing development lifecycles for the Education Team. Sandra joined Mimecast in August 2016, and is passionate about creating engaging content for all Mimecast customers, resellers, MSPs, and internal business stakeholders.

 

The Education Services Team at Mimecast is up to a lot these days, and our latest efforts are around creating content for end users.

 

If you read our previous blog, you’ll know that we are responsible for creating technical content for all Mimecast products.  Everyone can access our text-based content by navigating to our Knowledge Base (KB). In addition, we offer tutorial videos that can be accessed within Mimecaster Central and the KB using links embedded in the articles. These videos are hosted on our YouTube Mimecast Education Channel

 

Latest News: End-User Videos

 

We now offer end-user enablement videos for Mimecast for Outlook and Targeted Threat Protection. We hope you find these useful for your end users, so feel free to share them. Just remember that, when sharing, use the YouTube playlist links (not the links to the individual videos), as these are updated with new links when the product changes.

 

We are also pleased to tell you that all our new videos incorporate Closed Captioning.

 

Targeted Threat Protection: End User Enablement

 

The Targeted Threat Protection – End User Enablement videos help end users understand a variety of attack vectors and how the Targeted Threat Protection suite of products can help.

 

They cover everything from how to spot an imposter attempting to impersonate someone in your organization (Impersonation Protect), to delivering documents in a safe file format (Attachment Protect), as well as notifying end users when they have either attempted to send sensitive information or a malicious attachment (Internal Email Protect).

 

Mimecast for Outlook

 

Mimecast for Outlook videos cover all the tools (depending on the products purchased) that you can use on the Mimecast tab in the main ribbon within Outlook. This can include everything from searching your Archive to looking for items On Hold, as well as what to do during a Continuity Event. The videos also cover tools available on the Mimecast tab within a new email message such as sending an email securely, sending and requesting large files, and applying a signature.

 

Stay Tuned

 

Stay tuned for more exciting news from the Education Services Team, as we are continuously developing new content and always working to improve the material we produce. So, let us know how we’re doing. We’re here for you!

 

In fact, the main focus of our Legendary Customer Success is to always be listening to you, our customers. You are the key to our success – and your feedback is paramount to us improving our products and services.

 

Related assets on Mimecaster Central:

End-User Enablement 

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast, currently focused on email security, phishing, malware, and cloud security.

 

This, of course, is a trick question, as the correct answer is "both." If security is a coin, then on one side of the coin are automated security controls and on the other side is the "human firewall."

 

When it comes to minimizing your cyber risk, it is not an either/or situation. Organizations should implement automated security controls (i.e. the Mimecast Targeted Threat Protection family of services), and not overburden users with determining what are or aren't cyber threats -- in many cases, this can be done efficiently and effectively by security systems.

 

But because there is, and never will be, 100% effective preventive security controls (attackers are just too good for that), it is important to also continuously invest in the right user awareness at the right time that leads to increased security understanding and caution of your user community.

 

Why do I bring this up now? Anyone here in the community using Targeted Threat Protection - URL Protect, for example, knows that this is exactly Mimecast's philosophy -- the two-sided coin. User awareness during the teachable moment of clicking a link has been a built-in feature of URL Protect since the beginning. And now I am very happy to share that we have extensively revised and refreshed this capability to make it clearer, simpler, and really, almost a game for users to play as they go "clickety-click" on links in emails. 

 

If you liked the User Awareness capability of URL Protect in the past, you should love the new capability. Check out the recently posted Service Update that discusses this feature in more depth and provides the current target dates for arrival on a grid near you.

 

We have been using it for about a month at Mimecast (yes, we drink our own Champagne!), and the response has been very strong.

 

Check out some of Matthew's other Mimecaster Central posts:

 

New Capabilities in URL Protect and Impersonation Protect 

New Threat Research from Mimecast: The ROPEMAKER Exploit 

Get Your Threat Data Here! 

After the first and successful "test run" of our AMA (Ask Mimecast Anything), we decided to make this a regular thing!

 

When: Thursday, October 19th, 11am-12pm Eastern Time (4-5pm, UK) 

Add to Calendar

 

Where: The Mimecaster Central Community Forums (a dedicated thread will be displayed at the top of the Forums for your convenience, beginning earlier that week)

 

Who: Director of Product Management Steven Malone will be leading the answers, along with other members of the Mimecast team

 

What the heck is an AMA?: You may have seen these on such platforms as Reddit. Our AMA will give you an opportunity to speak with members of the Mimecast Product and Service Delivery teams, provide feedback, and have all your questions answered! We’ll do our best to answer all questions during the time allotted, and provide insight on product plans that have been finalized.  

 

See you October 19th in Mimecaster Central for our next Ask Mimecast Anything!

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.

 

It is no secret that attackers are not stopping their innovative push in pursuit of their goals: money, politics, fame...take your pick. And if anything, email as an attack vector is becoming more popular. What other "attack platform" provides the reach, low cost, and flexibility of email

 

Security customers of Mimecast can rest assured that we are not resting in our drive to clamp down on email-borne attacks. I want to highlight three recent advances that you can configure and deploy right now, depending on which Mimecast grid you're hosted:

 

  • Impersonation Protect - Policy Changes: Provides greater flexibility (block/hold/warn/bypass) in the resulting actions, depending on the specific indicators of spoofing found in a given email.
  • Impersonation Protect - Custom Targeted Threat Dictionary: Have you ever wanted to add your own keywords to complement the Mimecast managed threat dictionary? Now you can. If you have key business processes, projects, or sensitive data that attackers seek and could potentially ask for by name, you can add those to your organization's own threat dictionary, and have Impersonation Protect hunt for them in email messages.
  • URL Protect - Links in Attachments: In the category of "attackers will try and get into your organization anyway that they can," I am happy to report that URL Protect will now inspect links in attachments in much the same way that it inspects links in the body of an email. This capability, combined with the sandboxing service in Attachment Protect, provides a world-class defense against malicious attachments.

 

Check out some of Matthew's other Mimecaster Central posts:

 

New Threat Research from Mimecast: The ROPEMAKER Exploit 

Get Your Threat Data Here! 

Using DNS Authentication to Defend Against Impersonation Attacks 

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.

 

It is probably not news to anyone that attackers are very creative and look to fool users in an organization, any way they can, into releasing information or taking actions that they shouldn’t. 

 

Along these lines, it has come to our attention that certain email communications purported to be coming from Mimecast are being sent to select organizations.

 

As a warning, we have pushed a short communication to all Mimecast administrators via the Mimecast Administration Console (copied below). Rest assured that Mimecast security services are addressing this attack, and we will continue to monitor this threat and make any defensive changes as needed.

 

For any application, including your Mimecast services, one important security control that can help mitigate login or credential loss related risks is the use of multi-factor authentication for your admins and end-users. This blog and the associated KB article provides more information on how to configure multi-factor authentication for your Mimecast administrators and end-users.

 

Of course, the overriding lesson here, as in all situations, is to never to click a link in a suspicious-looking email. And any email which asks for information which is personal, including but not limited to a login or a password, should be considered suspicious. 

 

Notice Recently Published in the Mimecast Admin Console:

 

Please remember that Mimecast will never send an advisory that requires your staff to provide personal information or login details. Any unsolicited email message which asks you to provide this information by entering it into a purported Mimecast Administrative or User application is illegitimate. Be suspicious, and if you receive such a message or have any questions about the authenticity of such a communication, please raise a case with Mimecast Support. We also suggest that you review our Enhanced Security Options for more detail on securing your account.

David Hood is the Director of Technical Marketing focused on Office 365, continuity, and the Mimecast API. A Mimecaster since 2015, he’s a frequent speaker and commentator on cloud collaboration.

 

Mimecast is pleased to announce new data loss prevention (DLP) capabilities to help US healthcare organizations meet HIPAA guidelines.

 

The Mimecast US Healthcare Pack is managed DLP content to scan, identify, and take action on emails containing protected health information (PHI). Let’s look more in depth at the US Healthcare Pack and how it can help your organization:

 

  • Requires a customer to use Mimecast for gateway services. This includes any of the M, S or D product bundles, as well as legacy UEM products.
  • Managed DLP content is available out-of-the-box and can be enabled for all email addresses quickly and easily. If necessary, the managed content can be extended with additional policies to address organizational-specific requirements.
  • To identify PHI, Mimecast will scan attachments and the email body for the presence of:
    • Names
    • Social security numbers
    • ICD-10 codes
    • FDA drug name
    • Driver’s license numbers
    • Claim numbers
    • ...and more
  • Mimecast will update the managed DLP content to remain current with underlying sources. Some sources will be updated on a weekly basis, while others less frequently. Importantly, as a cloud service, these updates are available immediately to the organization, without administrative actions.

 

If PHI is found in email, there are a number of actions that the organization can take. Administrators can:

 

  • Reject the message
  • Encrypt (this can be done with TLS or be used in tandem with Mimecast Secure Messaging)
  • Hold the message for review
  • Convert the file
  • Remove emails with PHI content from internal mailboxes (if the organization uses Mimecast Internal Email Protect and the US Healthcare Pack)

 

According to the 2017 Verizon Data Breach Report, healthcare is the second most breached industry behind financial services. A big difference is that in healthcare, employees are the predominant reason for a breach. Unfortunately, with highly sensitive PHI data, any employee mistake can have far-reaching consequences. For example, a busy, well-intentioned staff member can carelessly attach a file with PHI to an email.

 

While less frequent, malicious employees with access to PHI have emailed thousands of patient records to a personal email address. In both cases, the Mimecast US Healthcare Pack will help identify and stop this mail before it leaves the organization.

 

Interested in learning more? Visit the Mimecast Knowledge Base for more information on the US Healthcare Pack.

You may notice a refreshed look to Mimecaster Central upon your latest visit:

 

 

Search

 

We've eliminated the search bar in the center of the page to streamline the search experience with the existing "magnifying glass" at top-right. A note indicating "community search has moved" will be displayed for the next couple of weeks pointing to the updated search experience here.

 

Alternatively, community members who want to just search Knowledge Base (KB) resources only can do so by navigating to the KB first.

 

New Community Members

 

We've heard a lot of feedback that our community is a big, useful site...once you figure out how to use it.

 

We didn't think that "figuring out how to use the site" should even be a "thing," so we've added four new "actions" to take from the homepage, featuring some of the most important functionality you can use from within the community, from Asking a Question in our Community Forums to Searching our Knowledge Base for the article you need to get your job done.

 

As part of these four "actions" is a brand-new guide for all New Users, highlighting 10 steps to take to ensure Legendary Customer Success within Mimecaster Central. Get to know these important pieces of the site!

 

Returning Community Members

 

And we know that everyone returning to the site needs a reason to sometime visit the homepage, the "Hub" of everything trending community-wide.

 

So, with some added real estate, upon logging in, the same dynamic "top and trending" latest community discussions you've already enjoyed will now be moved even further up on our homepage. Additionally, a rotating carousel on the right-hand side displays must-know information and featured highlights from around the community, along with a list of must-follow profiles of "Legends"!

 

 

 

We have previously enhanced our navigation in Mimecaster Central, and we'll continue to make enhancements as our community grows. In other words, our work in delivering Legendary Customer Success is never over! 

 

Happy Navigating across the community

Bill Holmberg is an IT Director who first got involved in computing when he created an Altair from a kit, shortly after making his first digital multimeter while attending an electronics institute. As a musician then, he co‐created a lot of artwork for printing companies for venues, bands, and agencies, as well as helped with studio recording installations and fine-tuning.

 

Being already addled by the rock and roll scene of the 80s, it was an easy transition to IT consulting, as he knew 1% more than anyone around him in business environments!

 

From IT consultant to employee, in various industries and roles, the journey would take Bill from being a SCO UNIX administrator to an Apple Evangelist under Guy Kawasaki. He started AlphaBetas to test Macintosh games for MacSoft, and was involved in hundreds of applications, even playing music and doing voiceovers. Bill installed and configured the first SAN for C.H. Robinson, and has been a director at several companies since.

 

Could you describe your role in your company, and how Mimecast helps you with your daily work?

 

As the IT Director of an SMB in the transportation world, I wear many hats. I create and manage servers in a VMWare environment, backups with VEEAM, and hosted exchange email with a Mimecast filtering service.

 

I oversee development of a mostly SQL environment to automate the fleet and digitally transform the company, while creating training and security awareness for our users. I try to help shape the technology future by sharing my corporate vision with management and teasing the business requirements from them.

 

Mimecast plays a crucial role in my success. I have used it to not only drastically reduce my incoming spam and malware (which let’s face it, makes me look heroic!), but also to end a vicious cycle of blacklisting due to past configuration errors and the unfortunate spam filtering choice my predecessors had in place. I have also had to use it for litigation hold reasons and termination investigations.

 

Best piece of advice/helpful pointers for one of your peers just starting off with our services?

 

Take the training: It’s free, comprehensive, and great. You will configure your own setup while going through it, and Peter, the instructor, is very knowledgeable and approachable, and wants you to be successful.

 

Also, use the reports! You will be pleasantly surprised at how well upper management receives the new data from these, and they look great! Easy-to-understand graphs that appeal to c‐levels.

 

Favorite feature of Mimecast products you couldn’t live without, or that’s been a lifesaver for you and your organization?

 

While I am still on my journey to fully utilizing the vast suite of products available, the obvious spam filtering advantage is huge. My users get thousands of fewer emails each month, and it’s freed up tremendous amounts of hours.

 

The ability to search the archives for recent legal issues has been huge, as has the ability to show customers that their supposedly sent emails never reached us, or that we did in fact send to them, but they were refused by their servers.

 

Favorite movie?

 

I’ve been a huge comics fan since childhood. Any Batman movie I will watch at any time, as well as the Marvel and DC universe stuff. I also love many classics: The African Queen comes to mind, as well as The Scarlet Pimpernel.

 

Food?


Sushi, steak, brisket, eggs with biscuits and gravy, cheese fondue, various Asian, pizza…if it’s edible, I probably like it. 

 

Musician?

 

As a musician myself, I am influenced by so many that I don’t have one favorite there, either: Paul Simon, Norah Jones, Sugarloaf; Blackmore, Bolin, and Knopfler; Steely Dan, Bob Marley…I’m all over the place. Love that 80s stuff, though.

 

What keeps you busy off the clock?


I still play and am recording some. Additionally, my wife and I enjoy dining out and in.

 

Favorite “geek”‐out thing?


My oldest son has a TeamSpeak server that we meet on regularly to talk and play video games with each other (mostly Steam games), and his two brothers and sister. I’m still a video game addict at heart.

 

Others in the series:

 

Legends of Mimecast: A Q&A with David Ignash

Legends of Mimecast: A Q&A with Dawn Cronin 

Legends of Mimecast: A Q&A with Les Bessant 

Legends of Mimecast: A Q&A with CEO Peter Bauer 

Legends of Mimecast: A Q&A with Onyi Ejiasa

Legends of Mimecast: A Q&A with Johan Dreyer

Mother Nature has a tendency to render anything and anyone powerless in its wrath -- even our businesses aren't immune. And there's no bigger manifestation of this than the hurricane, where heavy, swirling winds and flooding can wreak havoc on entire communities in its path.

 

As of this morning, residents in Texas in the United States are bracing for this potential worst, as Hurricane Harvey, a strong Category 2 storm with maximum sustained winds of 105 MPH, inches closer to the coast. When it makes landfall late this evening and into the early hours of Saturday morning, it is expected to be Category 3. 

 

As a result, many companies in the storm's path are already bracing their employees and organizations for the worst with business continuity plans being rolled into place. 

 

Mimecast too offers continuity guidelines for administrators to plan and provide end users with continuity of email services -- and peace of mind -- during an infrastructure outage or disaster recovery event such as Hurricane Harvey. With our Continuity Best Practice and Mimecast Continuity Planning Manual documents, you'll be able to plan for any outage before it even takes place, reducing the amount of administration required when the hurricane is in full swing. 

 

So remember to get you and your loved ones to safety first and foremost, but at the same time, plan ahead for your business and your end users. 

 

Weather the storm now with our business continuity planning materials (and be sure to print out physical copies to keep handy):

Continuity Best Practice 

Mimecast Continuity Planning Manual 

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.

 

How do you get ahead of cyber attackers? For the most part, security defenders, such as Mimecast, spend a lot of time reacting to the latest tools and techniques used by cybercriminals. In fencing terms, they lunge, and we parry on behalf of our customers. And then sometime later they lunge again...and we parry again. 

 

With a network of tens of thousands of customers and billions of emails a month, we see a lot of stuff. One time it is a new flavor of ransomware sent as an attachment, and the next it is a malicious URL meant to harvest your users' credentials. And 'round and 'round it goes..and goes.

 

However, anyone who follows hockey knows that one of the best techniques to win is to skate to where the puck is going and not to where it currently is. In the context of security, that means continuously conducting, periodically reporting on, and quickly updating defenses based on threat research that is ahead of the attackers. Now we lunge and they parry (perhaps). Today, we have done just that.

 

Read about the newly disclosed ROPEMAKER email exploit that Mimecast has just brought public via this blog and the associated deep-dive paper

 

You can also learn more about the security control we have added to TTP - URL Protect to help defend against an attack that might try and leverage this technique.

 

I encourage your questions and comments!

We've just added (and renamed) a couple of new point 'levels' as part of Mimecaster Central's gamification/points program! 

 

The background here: We thought it was a big jump to go from 15,000 points to the next level of 200,000, so the 50,000 and 100,000 levels were added to reflect this gap. Additionally, seeing that Mimecaster was a lofty goal of 500,000, that threshold has been reduced to 400,000.

 

Here's a preview of these new point levels (old on the left -> new on the right):

 

 

As always, you can see your missions earned, level status, and more in the Reputation tab of your community profile. Remember, too, that these points can be used toward cool rewards

 

We anticipate some special rewards (hint, hint) outside of the Points and Rewards store as folks get into the upper echelons of our Points program, too.

 

But keep in mind that these special rewards won't go to just anyone: As part of our efforts to raise the bar (and competition!) of quality contributions to fellow Mimecast community members, we'll always take into account the individual users' contributions if they reach our highest levels.

 

For example, if a user's contributions are just "following" every user's profile and "liking" each piece of content, that won't hold as much weight as, say, combining "liking" content with valuable activities like providing a solution in the Forums to a fellow community member. To that point, too, we have daily caps in place for "liking" content and other easier-to-reach activities. 

 

Enjoy these new point levels...and the healthy competition. Who knows? You may just be next on our Monthly Leaderboards in the Community Forums