A short while ago, Mimecast announced some cool new enhancements to the Email Security product set.
I am very excited about this because for the first time in a long time there are some truly new features becoming available to end users of an Internet-based email gateway security service.
The main thrust of these centres around some unique developments in the end user space, new features that directly integrate the Mimecast cloud-based service with client side software in the form of Microsoft Outlook.
But that’s not what I want to write about.
Sure, it is really cool that users can report spam directly in Outlook. Yes, it is amazing that they can manage their personal quarantines from directly within Outlook. I know users will love having control over how their messages look or are treated by the gateway…
It is this last thing I want to talk about. User’s being given control over how messages are handled? Saying it like that makes it sound like a security threat! Surely we shouldn’t be giving users the ability to bypass policies we have set in stone for them at the gateway?
Well that’s exactly it you see, this is the thing that has me excited. I know that a “one size fits all” approach doesn’t work but that shouldn’t mean we hide useful things away from everybody.
What if we just do that for users we don’t want to access specific features?
Well that’s what we have done. Mimecast knows that granularity of control is something you expect when deploying applications to your user-base so we decided to ensure that that same level of control and granularity remained available to you even though you were deploying client side software that connects to the cloud!
What does this mean? Well in terms of the new features it means that you can create roles, or profiles for types of Outlook users, can they specify what type of encryption to use for secure delivery? Can they over ride the company branding and use a different template? These roles or profiles can then be applied to groups or individuals so that you only expose features you would trust in the hands of that set of users.
As many people will wonder “what happens in the event of a conflict?” I thought I would quickly answer that here too.
If a company policy states that word documents must have meta data stripped and a user selects “no policy”, the automatic policy will be applied and the document will have its meta data stripped. If a user chooses to deliver a message via TLS but there is a policy that states it has to be delivered via Closed Circuit Messaging (CCM), then the automatic policy will apply.
In other words, the safer, securer option is the one that will apply. This works in reverse too. If a user chooses to deliver via CCM and the company policy is to secure messages in transit using TLS, then CCM will be applied because it is a more secure method of content delivery!
Couple this with Windows Integrated Authentication for the cloud service and you can see why I am excited!
This really is a new level of cloud to LAN integration that will definitely help to make everybody’s lives easier.