Internal Email Protect extends the capabilities of Targeted Threat Protection, by conducting additional security checks on both internal journaled and outbound email. Benefits include:
- Detecting malicious attachments and links.
- Applying Data Loss Prevention (DLP) policies to control information sharing.
- If unsafe / suspicious content is found, either:
- Removing malicious attachments or messages from a user's mailbox.
- Notifying another user / administrator.
- Provides protection across all devices, including smartphones and tablets, whether they're provided directly by the employer or not.
To use Internal Email Protect, perform the following tasks in the following order:
- Configure cloud synchronization.
- Create a server connection.
- Create your policies
- Configure your journaling
Configuring Cloud Synchronization
Configure cloud synchronization, by creating impersonation rights to your organization's mailbox. Impersonation rights are used where a single email account needs to access many mailboxes. With Internal Email Protect, it allows end user mailbox actions to remove messages or attachments. The configuration process differs according to your Exchange type.
- For Office 365, see the Creating an Office 365 Association page.
- For On Premise Exchanges, see the Configuring Application Impersonation page and follow the instructions for your Exchange version. You must provide Mimecast with the mailbox credentials you choose to grant this permission to.
Creating a Server Connection
Create a server connection between Mimecast and your mailbox server. This enables end users to make use of Internal Email Protect user mailbox actions (e.g. removing messages from their mailbox that are found to be unsafe). See the Managing Server Connections page for full details.
Creating Your Policies
Ensure you're protecting all incoming, outbound, and internal messages, by creating at least one of each of the following policies:
|URL Protection Definition / Policies||These provide protection from messages being sent or received, that contain URLs to targeted attacks and spear phishing attempts. They also protect you from good websites turning bad and delayed exploits. URL Protect is managed centrally, allowing rapid deployment without using any additional infrastructure, and allows administrators to monitor / report on user activity.|
|Attachment Protection Definition / Policies||These provide protection from messages being sent or received with attachments containing malware, malicious macros, and other exploits. It also detects and removes potentially malicious attachments from inbound messages (e.g. PDF, Microsoft Office files) using static file analysis and sandboxing.|
|Content Examination Definition / Policies||These analyze the content of messages, looking for matches you provide. It sets the conditions under which a message is considered safe, and what action should be taken if it isn't.|
Configuring Your Journaling
Configure your Journaling to add your organization's internal email communication to the Mimecast Archive. This is required because Internal Email Protect scans journaled emails and matches configured policies based on the journaled mail.