This document provides an agenda for a Mimecast company introduction presentation. The presentation will cover Mimecast's email security and archiving software-as-a-service, including its unified email management platform, continuity capabilities, compliance features, and customer case studies. Mimecast's solution aims to reduce costs and complexity for email management while providing security, archiving, e-discovery and other email functions through a single cloud-based platform.
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFiDataWorks Summit
Cybersecurity requires an organization to collect data, analyze it, and alert on cyber anomalies in near real-time. This is a challenging endeavor when considering the variety of data sources which need to be collected and analyzed. Everything from application logs, network events, authentications systems, IOT devices, business events, cloud service logs, and more need to be taken into consideration. In addition, multiple data formats need to be transformed and conformed to be understood by both humans and ML/AI algorithms.
To solve this problem, the Aetna Global Security team developed the Unified Data Platform based on Apache NiFi, which allows them to remain agile and adapt to new security threats and the onboarding of new technologies in the Aetna environment. The platform currently has over 60 different data flows with 95% doing real-time ETL and handles over 20 billion events per day. In this session learn from Aetna’s experience building an edge to AI high-speed data pipeline with Apache NiFi.
This webinar describes how you can manage the risk of privileged accounts being compromised, creating a breach of sensitive data or other assets in your organization, through privileged access management, or PAM. PAM can reduce risks by hardening your environment in ways no other solution can, but is challenging to deploy. This webinar provides an unbiased perspective on PAM capabilities, lessons learned and deployment challenges, distilling the good practices you need to be successful. It covers:
- PAM definitions, core features and specific security and compliance drivers
- The PAM market landscape and major vendors
- How to integrate PAM with identity management, service ticketing and monitoring
- Avoiding availability and performance issues
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFiDataWorks Summit
Cybersecurity requires an organization to collect data, analyze it, and alert on cyber anomalies in near real-time. This is a challenging endeavor when considering the variety of data sources which need to be collected and analyzed. Everything from application logs, network events, authentications systems, IOT devices, business events, cloud service logs, and more need to be taken into consideration. In addition, multiple data formats need to be transformed and conformed to be understood by both humans and ML/AI algorithms.
To solve this problem, the Aetna Global Security team developed the Unified Data Platform based on Apache NiFi, which allows them to remain agile and adapt to new security threats and the onboarding of new technologies in the Aetna environment. The platform currently has over 60 different data flows with 95% doing real-time ETL and handles over 20 billion events per day. In this session learn from Aetna’s experience building an edge to AI high-speed data pipeline with Apache NiFi.
This webinar describes how you can manage the risk of privileged accounts being compromised, creating a breach of sensitive data or other assets in your organization, through privileged access management, or PAM. PAM can reduce risks by hardening your environment in ways no other solution can, but is challenging to deploy. This webinar provides an unbiased perspective on PAM capabilities, lessons learned and deployment challenges, distilling the good practices you need to be successful. It covers:
- PAM definitions, core features and specific security and compliance drivers
- The PAM market landscape and major vendors
- How to integrate PAM with identity management, service ticketing and monitoring
- Avoiding availability and performance issues
Despite the amazing technologies available today in cybersecurity, organizations still struggle with the most fundamental challenge that has been around for decades: understanding all the devices, users, and cloud services they’re responsible for, and whether those assets are secure.
These slides—based on the webinar hosted by leading IT research firm EMA and Axonius—explain why solving asset management for cybersecurity is becoming increasingly important, and why something so fundamental has quickly risen to the top of CISOs priority lists.
Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...Raffael Marty
Extended Detection and Response, or XDR for short, is one of the acronyms that are increasingly used by cybersecurity vendors to explain their approach to solving the cyber security problem. We have been spending trillions of dollars on approaches to secure our systems and data, with what success? Cybersecurity is still one of the biggest and most challenging areas that companies, small and large, are dealing with. XDR is another approach driven by security vendors to solve this problem. The challenge is that every vendor defines XDR slightly differently and makes it fit their own “challenge du jour” for marketing and selling their products.
In this presentation we will demystify the XDR acronym and put a working model behind it. Together, we will explore why XDR is a fabulous concept, but also discover that it’s nothing revolutionarily new. With an MSP lens, we will explore what the XDR benefits are for small and medium businesses and what it means to the security strategy of both MSPs and their clients. The audience will leave with a clear understanding of what XDR is, how the technology matters to them, and how XDR will ultimately help them secure their customers and enable trusted commerce.
Cloud-Enabled: The Future of Endpoint SecurityCrowdStrike
As the cost and complexity of deploying and maintaining on-premises security continues to rise, many endpoint security providers have embraced the cloud as the ideal way to deliver their solutions. Yet, incorporating cloud services into legacy architectures limits their ability to fully engage the tremendous power the cloud offers.
CrowdStrike Falcon recognized the value of cloud-delivery from the beginning, developing architecture built from the ground up to take full advantage of the cloud. CrowdStrike’s cloud-powered endpoint security not only ensures rapid deployment and infinite scalability, it increases your security posture by enabling real-time advanced threat protection across even the largest, distributed enterprises.
In this CrowdCast, Jackie Castelli, Sr. Product Manager will discuss:
•The advantages of endpoint protection purpose-built for the cloud – why it allows you to take full advantage of the cloud’s power
•The common concerns organizations face when evaluating cloud-based endpoint security - can privacy and control be assured?
•Real-world examples demonstrating the unique advantages offered by CrowdStrike Falcon’s innovative cloud-powered platform
Cloud Security is critical to Data Security and Application Resilience against CyberAttacks. This talk looks at Security Best Practices that need to be practised.
This talk was presented at AWS Community Day Bengaluru 2019 by Amar Prusty, Cloud-Data Center Consultant Architect, DXC Technology
Microsoft 365 provides holistic security across these four aspects of security.
By helping enterprise businesses secure corporate data and manage risk in today’s mobile-first, cloud-first world Microsoft 365 enables customers to digitally transform by unifying user productivity and enterprise security tools into a single suite that enables the modern workplace.
Identity & Access Mgmt
Secure identities to reach zero trust
Threat Protection
Help stop damaging attacks with integrated and automated security
Information Protection
Protect sensitive information anywhere it lives
Security Management
Strengthen your security posture with insights and guidance
Employee Awareness in Cyber Security - KloudlearnKloudLearn
The goal of employee awareness in cybersecurity is to make employees aware of the procedures, policies, guidelines, and practices for configuring, managing, and executing cybersecurity in the organization.
Data loss is considered by security experts to be one of the most serious threats that businesses currently face.
Maintaining the confidentiality of personal information and data is an essential factor in operating a successful business. People must be able to trust that their service provider takes the appropriate measures to implement security controls that will ultimately protect their privacy.
However, some of the largest and most reputable organizations have fallen victim to data loss security breaches resulting in significant legal, financial, and reputation loss, including [1]:
The Bank of America: Losing the personal employee information of over one million employees
The United States Government: Losing data related to the military
Heartland Payment Systems: Transferring credit card information and other personal records of over 130 million customers
In 2013, it was estimated that data breaches had resulted in the exploitation of over 800 million personal records [2]. This number is also expected to rise over the next several years given the advanced tools that cybercriminals use to steal information and data.
Interestingly, it is not just cybercriminals who represent a threat as:
64% of data loss is caused by well-meaning insiders.
50% of employees leave with data.
$3.5 million average cost of a security breach.
Considering these extensive data breaches, it is practical for organizations to understand where their critical data is located and understanding current security controls that can stop data loss.
Data Loss Prevention (DLP) solutions locate critical and personal data for organizations and help prevent data loss. By having a deeper understanding of efficient DLP security controls, you will help protect the reputation of your organization.
For more information contact: rkopaee@riskview.ca
https://www.threatview.ca
http://www.riskview.ca
Overview of Data Loss Prevention Policies in Office 365Dock 365
Presentation about identifying, monitoring, and automatically protect sensitive information across Office 365.
With a DLP Policy, you can:
- Identify sensitive information across many locations, such as SharePoint Online and OneDrive for Business.
- Prevent the accidental sharing of sensitive information.
- Monitor and protect sensitive information in the desktop versions of Excel 2016, PowerPoint 2016, and Word 2016.
- Help users learn how to stay compliant without interrupting their workflow.
- View DLP reports showing content that matches your organization's DLP policies.
Visit www.mydock365.com to learn more about SharePoint with Dock.
Boosting the Customer Experience: The New Admin Console for MimecastMimecast
At Mimecast, delivering the best customer experience is at the heart of everything we do. Whether before becoming a customer or when using our services, our mission is to meet and exceed customers’ needs and make the experience easy and enjoyable.
The Mimecast Administration Console allows customers to manage all aspects of their Mimecast service from a single web-based console, including security, Targeted Threat Protection, Archiving and Mailbox Continuity. It underpins the simple, fast and effective email risk management we deliver to our customers. That’s why I’m thrilled to announce the general availability of the first of a series of improvements we are making to our Administration Console.
Despite the amazing technologies available today in cybersecurity, organizations still struggle with the most fundamental challenge that has been around for decades: understanding all the devices, users, and cloud services they’re responsible for, and whether those assets are secure.
These slides—based on the webinar hosted by leading IT research firm EMA and Axonius—explain why solving asset management for cybersecurity is becoming increasingly important, and why something so fundamental has quickly risen to the top of CISOs priority lists.
Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...Raffael Marty
Extended Detection and Response, or XDR for short, is one of the acronyms that are increasingly used by cybersecurity vendors to explain their approach to solving the cyber security problem. We have been spending trillions of dollars on approaches to secure our systems and data, with what success? Cybersecurity is still one of the biggest and most challenging areas that companies, small and large, are dealing with. XDR is another approach driven by security vendors to solve this problem. The challenge is that every vendor defines XDR slightly differently and makes it fit their own “challenge du jour” for marketing and selling their products.
In this presentation we will demystify the XDR acronym and put a working model behind it. Together, we will explore why XDR is a fabulous concept, but also discover that it’s nothing revolutionarily new. With an MSP lens, we will explore what the XDR benefits are for small and medium businesses and what it means to the security strategy of both MSPs and their clients. The audience will leave with a clear understanding of what XDR is, how the technology matters to them, and how XDR will ultimately help them secure their customers and enable trusted commerce.
Cloud-Enabled: The Future of Endpoint SecurityCrowdStrike
As the cost and complexity of deploying and maintaining on-premises security continues to rise, many endpoint security providers have embraced the cloud as the ideal way to deliver their solutions. Yet, incorporating cloud services into legacy architectures limits their ability to fully engage the tremendous power the cloud offers.
CrowdStrike Falcon recognized the value of cloud-delivery from the beginning, developing architecture built from the ground up to take full advantage of the cloud. CrowdStrike’s cloud-powered endpoint security not only ensures rapid deployment and infinite scalability, it increases your security posture by enabling real-time advanced threat protection across even the largest, distributed enterprises.
In this CrowdCast, Jackie Castelli, Sr. Product Manager will discuss:
•The advantages of endpoint protection purpose-built for the cloud – why it allows you to take full advantage of the cloud’s power
•The common concerns organizations face when evaluating cloud-based endpoint security - can privacy and control be assured?
•Real-world examples demonstrating the unique advantages offered by CrowdStrike Falcon’s innovative cloud-powered platform
Cloud Security is critical to Data Security and Application Resilience against CyberAttacks. This talk looks at Security Best Practices that need to be practised.
This talk was presented at AWS Community Day Bengaluru 2019 by Amar Prusty, Cloud-Data Center Consultant Architect, DXC Technology
Microsoft 365 provides holistic security across these four aspects of security.
By helping enterprise businesses secure corporate data and manage risk in today’s mobile-first, cloud-first world Microsoft 365 enables customers to digitally transform by unifying user productivity and enterprise security tools into a single suite that enables the modern workplace.
Identity & Access Mgmt
Secure identities to reach zero trust
Threat Protection
Help stop damaging attacks with integrated and automated security
Information Protection
Protect sensitive information anywhere it lives
Security Management
Strengthen your security posture with insights and guidance
Employee Awareness in Cyber Security - KloudlearnKloudLearn
The goal of employee awareness in cybersecurity is to make employees aware of the procedures, policies, guidelines, and practices for configuring, managing, and executing cybersecurity in the organization.
Data loss is considered by security experts to be one of the most serious threats that businesses currently face.
Maintaining the confidentiality of personal information and data is an essential factor in operating a successful business. People must be able to trust that their service provider takes the appropriate measures to implement security controls that will ultimately protect their privacy.
However, some of the largest and most reputable organizations have fallen victim to data loss security breaches resulting in significant legal, financial, and reputation loss, including [1]:
The Bank of America: Losing the personal employee information of over one million employees
The United States Government: Losing data related to the military
Heartland Payment Systems: Transferring credit card information and other personal records of over 130 million customers
In 2013, it was estimated that data breaches had resulted in the exploitation of over 800 million personal records [2]. This number is also expected to rise over the next several years given the advanced tools that cybercriminals use to steal information and data.
Interestingly, it is not just cybercriminals who represent a threat as:
64% of data loss is caused by well-meaning insiders.
50% of employees leave with data.
$3.5 million average cost of a security breach.
Considering these extensive data breaches, it is practical for organizations to understand where their critical data is located and understanding current security controls that can stop data loss.
Data Loss Prevention (DLP) solutions locate critical and personal data for organizations and help prevent data loss. By having a deeper understanding of efficient DLP security controls, you will help protect the reputation of your organization.
For more information contact: rkopaee@riskview.ca
https://www.threatview.ca
http://www.riskview.ca
Overview of Data Loss Prevention Policies in Office 365Dock 365
Presentation about identifying, monitoring, and automatically protect sensitive information across Office 365.
With a DLP Policy, you can:
- Identify sensitive information across many locations, such as SharePoint Online and OneDrive for Business.
- Prevent the accidental sharing of sensitive information.
- Monitor and protect sensitive information in the desktop versions of Excel 2016, PowerPoint 2016, and Word 2016.
- Help users learn how to stay compliant without interrupting their workflow.
- View DLP reports showing content that matches your organization's DLP policies.
Visit www.mydock365.com to learn more about SharePoint with Dock.
Boosting the Customer Experience: The New Admin Console for MimecastMimecast
At Mimecast, delivering the best customer experience is at the heart of everything we do. Whether before becoming a customer or when using our services, our mission is to meet and exceed customers’ needs and make the experience easy and enjoyable.
The Mimecast Administration Console allows customers to manage all aspects of their Mimecast service from a single web-based console, including security, Targeted Threat Protection, Archiving and Mailbox Continuity. It underpins the simple, fast and effective email risk management we deliver to our customers. That’s why I’m thrilled to announce the general availability of the first of a series of improvements we are making to our Administration Console.
To commemorate the 20th anniversary of MIME - the first standardized email attachment – one of MIME’s inventors Dr. Nathaniel Borenstein (who is also Mimecast’s Chief Scientist) presented at Applied Communication Sciences, in Piscataway, New Jersey on the 5th March.
Also make sure you visit our Facebook Page (http://www.facebook.com/Mimecast) as we will soon post the video of the Telephone Chords barbershop quartet recreating the first attachment sent!
Webinar - Which Email Archiving Strategy is Right for Your Business?Vaultastic
Regardless of what email solution you use, it is vital to have an email archiving strategy to keep this information available for Ready References (E-Discovery), meet Regulatory Compliance, Manage Mail Store, and ensure Data Security against accidental loss or malicious deletion.
But, what is the best strategy for Email Archival?
● Is subscribing to a Cloud Mail Service with Unlimited Storage enough?
● Do you need a Captive in-House archival system to ensure Privacy?
● Are there ways to ensure Greater Control and Privacy on the Cloud?
● Do you need to move your in-House email set-up to the Cloud in order to Subscribe to a Cloud Archival service?
● What are the Business Benefits of moving to the Cloud?
Mithi Software, an award-winning company, distinguishes itself in providing Cloud Email, Collaboration, and Archiving Solutions, which help substantially lower costs & improve productivity. Its software has been adopted by organizations of all sizes and spread across many enterprise segments such as healthcare, R&D establishments, financial services, education, government, BPOs, software, defense, manufacturing, banks, NGOs, Agro-industries, logistics, media, Internet Service Providers, infrastructure, retail, energy & power, transportation etc. Learn more: https://www.mithi.com/
Delivering Modern Data Protection for VMware EnvironmentsPaula Koziol
In this data-centric, always on world your data protection solutions need to keep up, especially for hybrid, multi-cloud VMware environments. Learn strategies to help you modernize your approach with solutions for data protection, copy data management and data re-use. Discover how to build in cyber resiliency, reduce storage OpEx and CapEx, leverage flexible multi-tier targets, and simplify, automate and orchestrate the copy-data life-cycle. One solution that will be highlighted is IBM Spectrum Protect Plus, a software-defined storage solution that provides near-instant recovery, replication, retention, and reuse for VMs, databases, and applications in hybrid multicloud environments. It is easily deployed as a virtual appliance and the agentless architecture is easy to maintain.
Presented at Boston VMUG UserCon on Sept. 25, 2019 by:
Steve Kenniston, Global Business Development Executive, IBM Storage
Steve.Kenniston@ibm.com
RapidScale is an industry-leading company in the delivery, design, and support of Microsoft Exchange. Our Service Level Agreement on CloudMail is 100% uptime and all support is U.S. based as we take pride in providing world-class service.
Microsoft Exchange introduces built-in integrated email archiving, retention, and discovery capabilities that save costs and simplify the process of preserving business communications. RapidScale’s Hosted Exchange solution delivers on the capabilities demanded by mobile workforces. Access your business email, calendar and contacts on your desktop, laptop, smartphone, and Web browser so it can always go where you go. With Exchange, you will remain in control of your solution by tailoring it to your specific needs and ensuring that your communications are always available.
Microsoft Exchange 2010 combines built in anti-spam and encryption technologies with an advanced anti-virus infrastructure for efficient management of a wide range of security threats. You will see a high standard of physical and digital security for your data as it receives reliable monitoring and support from our team.
We guarantee 24x7x365 uptime and provide 100% US-based support to our clients. Our Cloud Engineers and Sr. Cloud Consultants are all internal employees and are dedicated to providing you with first-class support. You will have a dedicated Sr. Cloud Consultant to oversee your account specifically and assist with the transition.
Outlook Web App in Microsoft Exchange helps users be more efficient and productive across platforms and locations by giving them access to email, voice mail, instant messaging, SMS text messages, and more inside all popular browsers. Reduce complexity for your users and instead, offer secure access for multiple approved applications.
Our pay-as-you go plan is affordable and will help to remove the budgeting burden as well as hardware acquisition costs. Benefit from the latest version of Microsoft Exchange, and receive the latest software and security updates. With CloudMail, you will save short- and long-term costs while receiving superior support. This is how RapidScale’s CloudMail differs from its competitors.
While email is critical to your business, managing your Exchange server in-house can be expensive, time consuming, and full of hassles. Working with an external service provider can help you eliminate those headaches and take advantage of the full functionality of your Microsoft Hosted Exchange server.
Our CloudMail product set is built on our high performance fully redundant physical hardware platform just like the rest of our products sets. Uniformity between hardware and data centers ensures consistency across the board, eliminating the possibility of asymmetrical performance and simplifying diagnostics. For storage, we run NetApp controllers and storage shelves, Cisco UCS blade chassis for compute, and Cisco Nexus routers for core routing.
Mimecast were founded in 2002 and spent the first couple of years heavily investing in research and development. Mimecast’s original founders are still at the helm of the company focusing the companies efforts on the company’s original goal – to provide a comprehensive Software-as-a-Service offering to solve all customer issues to do with e-mail. Mimecast is funded by private angel funders rather than venture capitalists, this allows Mimecast to focus on long-term scalability and services for its customers rather than being run to be acquired or go public. Mimecast is headquartered in London with offices in North America, South Africa and off-shore in the Cayman Islands. Mimecast maintains local infrastructure in all its locations and provides local timezone support. Mimecast was designed with scalability and performance in mind, the aim was to provide the scalability and redundancy of a carrier network with LAN-like performance. Every single day, Mimecast removes spam, rejects malware and archives millions of e-mails for thousands of customers. Mimecast focuses on e-mail and e-mail only. The aim of Mimecast since its inception has been to provide an end-to-end solution for all customer issues relating to e-mail – no matter how difficult they are to build and implement. Many other anti-virus and anti-spam vendors moved on to easier ways to make money such as Instant Messenging and Web filtering. Mimecast, in contrast, chose to build solutions for continuity, e-mail storage management, content filtration, directory harvest protection, data leak provention, e-mail branding and compliance – all from one platform, with one price and no hardware or software. Mimecast offers a comprehensive solution ‘in-the-cloud’ with the flexibility and configurability of local software. As a result Mimecast has customers in almost all vertical market segments. Mimecast is particularly strong in professional services, with over 35% of the top 100 law firms in the UK using our service. As you can imagine, lawyers are some of the most demanding customers in terms of due diligence and scrutiny of service level agreements. Mimecast maintains the world’s largest on-line archiver of e-mail, providing our customers with 24 x 7 access to their historical e-mail via the the Web or natively within Microsoft Outlook. E-mail is a changing environment, with new legislation to comply with, new ways of access the data and ever changing usage profiles. Mimecast constantly adds new features every quarter, rolled out free of charge to Mimecast’s existing customers. By buying Mimecast you not only solve your current issues, but you future proof yourself by already having a solution to solve issues you don’t even know you have yet. Mimecast’s simple one cost pricing module allows you to take the service and roll out the various unified features as you need them, with no additional cost.
Mimecast provides organisations with every possible e-mail service apart from actually hosting the e-mail server itself. This frees an organisation from the burden of managing potentially dozens of disparate solutions, each with their own platform to update and patch, each with their own management interface to configure policy, users, groups and report from. Mimecast aims to solve all an organisation’s issues related to e-mail both now and in the future. Unlike Managed Service providers who OEM products from third parties and tie them together, Mimecast is based on custom built software components designed to work together in a cohesive manner. Due to this, Mimecast maintains strong chains-of-custody for each mail from when it is first accepted to decades later when it is purged from the archive. Mimecast uses a cryptographic algorithm and single instance storage to ensure that data is immutable and secure once stored. Comprehensive role-based access control and auditing further ensures a data’s confidentiaity. Mimecast is deployed as Software-as-a-Service, there is no hardware to continually upgrade and migrate data from and there is no software to deploy and patch. Mimecast can be deployed in a matter of hours, solving all of an organisation’s e-mail security, continuity and archiving needs. By reducing the number of platforms needed to support e-mail services – e-mail firewalls, denial of service protection, archiving software, hierarchical storage management, intrusion protection, disclaimer management, e-mail marketing, clustering, etc – Mimecast reduces the administrative burden and management costs. Mimecast is a single platform with a single interface.
Mimecast supports 5 core operational areas: Security & Policy Continuity E-mail Storage Management Compliance & E-Discovery Data Leak Prevention & Content Filtration These services are provided from Mimecast’s carrier grade infrastructure based on multiple geographically dispersed data centres – each one containing a grid of hundreds of servers. These services are accessed over a secure connection through either a Web browser or from within a user’s Microsoft Outlook client – no need to retrain users or change the way they work.
If we take a peek inside the Mimecast cloud…. Mimecast is built upon a series of modules there are designed from the ground up to work together in a cohesive manner. Incoming e-mail is run through a series of scanning engines, each of which return a confidence value to a centralised policy engine. This engine makes a decision based on the aggregate of the values from the scanners. This analysis happens ‘in protocol’ or ‘on the wire’ with the decision and rejection being made without even accepting the e-mail. An instant standards-based rejection is sent back to the send giving reasons for the rejection, this provides instant feedback as opposed to using quarantining where messages may sit in quarantine for several hours before being acted upon. This removes the burden of dealing with quarantine, provides instant feedback for time critical e-mails and reduces an organisation’s bandwidth utilisation. Some of the techniques Mimecast use to provide protection include: Local Reputation : Mimecast maintains a reputation index for each party you communicate with. Known good parties with good reputation can avoid future spam analysis (but will always be virus scanned). Each Local Reputation database is unique to each customer, allowing Mimecast to adapt to each individual customer’s e-mail profile. Global Reputation : Mimecast takes feeds about known bad communicating parties from the Local Reputation service and shares this information among Mimecast subscribers. This allows Mimecast to reject e-mails from these parties immediately, providing pre-emptive protection from attacks such as those from botnets. Firewall and Intrusion Prevention : Mimecast offers firewall and intrusion prevention capabilities to ensure malicious content is not propagated via e-mail. Mimecast intrusion prevention does deep application level analysis of all e-mail traffic. Directory Harvest Protection : Due to Mimecast’s tight integration with Active Directory, Mimecast is able to protect against directory harvest attacks. All e-mail to accounts that do not exist are immediately rejected. Sandbox : E-mails may contain malicious scripting or may attempt to take advantage of e-mail protocols, by using sandboxing Mimecast separates e-mails into its constituent parts. Each component is then examined in a ‘sandbox’ that is designed to identify malicious content. The e-mail is then reassembled to compare it against its original form to detect protocol anomalies. Anti-virus : Mimecast puts each external e-mail through multiple different commercial, open source and custom developed anti-virus engines. Once a policy engine accepts an e-mail, it is forwarded simultaneously to the organisation’s e-mail server and three separate geographically dispersed storage grids. E-mail between internal users on Microsoft Exchange servers are forwarded to the and three separate geographically dispersed storage grids using Exchange journaling.
The Mimecast storage grid is spread across three geographically disparate data centres. Within each data centre commodity servers, each containing up to 4 processors and up to 8 750 Gb drives, work together in a similar way to RAID disks but contain both a storage and processing capability. Within Mimecast’s current data centres there are 63 rows of these stripes. An algorithm is used to distribute customer’s e-mail across as many different stripes to optimise the later retrieval of their data. Every e-mail entering Mimecast is stored striped across 9 different machines within 3 different data centres – ensuring optimum performance and multiple levels of resilience. The cost of maintaining the Mimecast storage grid is reduced by using commodity servers in a stripe, instead of using monolithic SAN-based storage, Mimecast is able to bring a new stripe on-line and migrate portions of the data within an impact on service quality. The Mimecast grid can be expanded horizontally by adding more servers to each stripe, or vertically by adding more stripes. All data within the Mimecast grid is cryptographically hashed and encrypted using AES 256 bit encryption. Each customer has a unique key known only to them, Mimecast maintains no interface to gain access to data stored on the grid. All transactions, including searches are recorded in a immutable audit log.
As I mentioned earlier when explaining the processing grid, Mimecast security is provided ‘in protocol’ without the need for quarantine. Mimecast’s Local Reputation database ensures that legitimate e-mail from known good parties flow freely into your organisation. Mimecast offers a 100% virus protection SLA and no claim has ever been made under it. Due to Mimecast’s tight integration with Active Directory, Mimecast is able to protect against directory harvest attacks. All e-mail to accounts that do not exist are immediately rejected. Because Mimecast’s processing grid is based on a grid architecture designed to process dozens of millions of e-mails a day and reject malicious attacks in protocol, Mimecast protects organisations from e-mail borne denial of service attacks.
E-mail is a mission critical application but is often not treated as such by the organisation. It is only when there is an outage that people realise how critical it has become. Employees, partners and customers like the asynchronous nature of e-mail, as well as the record of the communication and it remains the preferred method of communication for many people. Bounced messages increase the sender’s workload and increase their frustration. Bounced e-mails to partners and customers damages the reputation of your organisation – if you can’t keep an email server up can you build a good product/run a good service. In some industries, records must be kept of transactions. Often these are submitted via some form of e-mail workflow. Not being able to record these e-mails would breach this legislation. E-mail is often an intrinsic part of ordering workflow, orders that come in during downtime remain unfulfilled and the customer unsatisfied. Even worse they may be lost forever, pushing business to your competitors. With the rise of handheld e-mail devices and 3G data cards, downtime of a mail server is now more visible than ever. Even worse, now users can call you to complain from the very device they can no longer receive e-mail on. Even a short outage may generate dozens of calls to deal with at the time where IT departments should be concentrating on solving the issue. E-mail system are some of the most utilised servers within any organisation and require upgrading and patching. Continuity is important not just to handle unforeseen events, but also to continue to provide e-mail services while enabling IT departments to undertake serving of the mail platform without the need to do this at weekends or have to rushed to complete upgrades. Mimecast can provide service while you maintain your email service, automatically resyncing email to your server once it is back online – senders while not even notice the outage and your users need only click a different folder in Outlook. So how does Mimecast work in continuity scenarios?
Mimecast provides several flexible ways to access your e-mail in continuity environments. Mimecast provides access to both incoming new and historical e-mail via a secure Web-based interface, users can read, forward and reply to incoming e-mail using nothing more than their Webbrowser. In fact, if you only use Microsoft Outlook Web Access for e-mail, Mimecast provides a more secure platform for remote Web-based e-mail as you remove the need to run an Internet Information Server with API connections back to your Exchange server from within your DMZ. What really separates Mimecast from all other continuity vendors is that we offer Mimecast + Services for Outlook – a plug-in for Microsoft Outlook 2003 and 2007, using Microsoft proprietary Exchange protocols (rather than other solutions that just render a Webpage within Outlook). This allows users to access incoming e-mail in continuity scenarios simply from within Outlook, users also have the ability to see and search all of their historical e-mail directly within Outlook – providing a bottomless mailbox with no hardware or software to manage. Users do not need to retrain users, or constantly retrain users, as they forget how to use complex multiple in-house software solutions – Mimecast provides access to your e-mail, old and new, in a way you know from within an application you know. If you ingest your existing PST files, you now have the ability to search any of your e-mail from within Outlook. Our experience is once you provide users with easy to use access to all of their historical e-mail their efficiency goes up as they can reuse their parts of previous work in their day-to-day work. Mimecast’s POP3 service always provides access to a rolling window of 110 days worth of e-mail from any standards-based e-mail client, from desktop to mobilee device. Mimecast continuity does not need to be invoked, it is always working 24 x 7, always on.
So why pick Software-as-a-Service to provide e-mail storage management compared with doing this in-house? In house archiving is complex and involves multiple tiers of storage hardware (Fibre Channel Host Bus Adapters to connect servers to the Storage Area Network, Fibre Channel fabric switches, fibre interconnections between all of the components, disk arrays along with the disks inside, tape backup as well if the customer is implementing some form of hierarchical storage management), if redundancy is required for high-availability purposes this needs to be duplicated and interconnected in at least two sites. On top of the hardware, multiple tiers of software needs to be installed, managed and patched (Host Bus Adapter drivers, archiving software, Fibre Shortest Path First routing protocol on the Fibre Channel fabric, storage array management and reporting and hierarchical storage management software). It is very hard to plan what the required volume is for future e-mail storage, how many users will you have in two years, how large will e-mail attachments be in 2009, with this unpredictable growth what is the total volume of your e-mail store containing each aggregate year’s worth of e-mail in 2015? This normally results in businesses overspending on unutilised storage capacity or constantly having to add additional storage when space becomes tight. If the SAN is provided by a different business unit, you may have to go cap-in-hand continually to the SAN administrator to request additional space. The SAN may be shared with mission critical applications such as ERP and CRM, e-mail archiving needs to compete with these services for both space and utilisation of the SAN. Mimecast removes all of the tiers involved in archiving in house, every single e-mail coming into your organisation is archived automatically ‘in-the-cloud’, internal e-mails are automatically archived from Microsoft Exchange servers. The Mimecast storage grid provides unlimited high-performance storage on a massively redundant infrastructure. The biggest issue of all is caused by using an in-house solution to maintain a long term store of data….
As we saw in the previous slide, in-house archiving involves lots of software and hardware. Archiving is a long-term issue, you may have the internal resources to manage all of this complexity now – but what about in 3, 6 years as we enter an economic downturn? Decisions made now will need to be justified over the entire lifecycle of the archiving project – we is typically endless and continually rolling. A typical life of storage hardware is 3 or 4 years, so in a 7 year retention scenario the data will need to be initially migrated onto the archiving solution, then migrated every 3 years – 3, 6, 9, 12, 15 ….. eternally. As well as migrating the physical bits from one storage platform to another, the format of the data needs to be converted to support the latest version of the messaging platform, the archiving product, the storage management software, etc. So a 7 year retention period has a continual management over head which massively increases every 3 – 4 years with a large capital expenditure to renew the storage hardware, add to this the significant impact of having to migrate the data from one platform to another. There has to be a better way…
With Mimecast your data is archived automatically, no hardware and no software to renew, no data to migrate, with one fixed cost. Mimecast is designed to perform and offer the same granular configuration as an in-house solution. The Mimecast archiving solution is designed to work as a part of the Mimecast Unified E-mail Management portfolio – providing strong chains-of-custody on immutable storage. Mimecast is able to ingest e-mail from your existing e-mail server or existing .PST files, providing an instant centralised searchable store. By reducing the size of inboxes stored on e-mail servers increases their performance and responsiveness. Users continue to use their Outlook clients, with their historical e-mail appearing as a folder. Users can search across decades of e-mails, including inside attachments, at speeds rivaling or exceeding those of data stored on a local SAN.
Mimecast provides instant compliance for a whole host of legislative compliance and internal governance requirements. The ability to maintain proper records of e-mails is critical not just for compliance, but also for mounting prosecutions or organising a defence from a prosecution. Often, in our continually increasingly litigious society it is often the party that has the strongest evidence that wins a legal action. Having evidence with better chains-of-custody than the opposing side can curtain months of costly and disruptive legal action. Mimecast looks after every e-mail during its entire life – from the moment a connection is negotiated with the sending server to the moment you choose to purge the data from the archive. Each part of the Mimecast platform is designed to tightly integrate with the other components, this combined with rule-based access control, forensic level auditing and the use of an immutable storage platform ensure the integrity of any e-mail stored within Mimecast is rock-solid.
The reality of trying to deploy email retention solutions for compliance or other means usually differs wildly from the ideal. Retention is just one aspect of running a successful messaging platform – throughput, availability, usability, blocking of inappropriate or dangerous content all have their part to play. In typical environments these functions are achieved by the use of several independent point solutions, often manufactured by different vendors. All of these point solutions can act on the incoming and outgoing messages independently of one another. Most of these point solutions are not designed with retention in mind and no provision is made within them to retain both the original message acted on and the result of the action. So often within email archives we have a message retained that bears no resemblance to the one originally sent, making its use as evidence limited. Another issue of using several point solutions is it is very hard to integrate the requirements of security, continuity and retention. Almost certainly organisations will incorporate e-mail systems into business continuity plans, but will fail to provision comprehensive security and retention solutions in the event of invocation. Thus when an organisation invokes, the organisation’s threat profile increases and they breach compliance regulations. The cost of ongoing management of several different point solutions, each with different user interfaces and platforms, can be significant. The typical three or four year lifecycle for appliances and hardware requires a constant migration of data onto the new platforms while trying to maintain the availability and integrity of the data retained.
Mimecast is committed to continually pushing the boundaries of what a Software-as-a-Service company can offer with regards e-mail solutions. Mimecast is the first vendor to offer any kind of true data leak prevention in the cloud. Mimecast content filtration policies can filter inappropriate from both entering and leaving your organisation. Mimecast data leak prevention aims to stop internal content leaving the organisation, or restricting the transmission to approved partners or via encrypted links. Mimecast doesn’t like to tout features that it does not have in the market, but Mimecast’s commitment to data leak prevention means we don’t mind talking about some of the features you’d see as a Mimecast customer over the next couple of quarters. Remember this additional functionality is rolled out free of charge to existing Mimecast customers. Weighted dictionaries allow organisations to allocate specific values to words or phrases, each e-mail are then through rules that check whether thresholds for the aggregate value of each dictionary have been met. The ability to search phrases, as well as individual words, massively increases the context of the content. Intelligent Identifiers put known patterns through several layers of analysis to distinguish known types of content – such credit card numbers for PCI compliance, Social Security numbers for HIPAA compliance and UK National Insurance numbers. The multiple levels of analysis including length, pattern, proximity, known starting values and checksuming aim to eliminate false positives. Moving forward, Mimecast will launch a plugin that can be installed on fileservers that will crytographically hash each document stored and take note of the directory structure. Policy can then be set within Mimecast to prevent the leakage of documents from particular directories, ensure documents for other directories are only sent to specific parties or ensure that documents from another directory are always sent in an encrypted format.