Stuart Handley
by

Information on the POODLE vulnerability

Mimecast is aware of, and acting on the Poodle vulnerability affecting SSL version 3.0 (SSLv3). While SSLv3 is over 18 years old, support for it still remains very widespread. The Poodle attack is a client side attack (targeting the browser rather than the web server), using the “insecure fallback” behavior of browsers to negotiate the encryption down to SSLv3. The most effective way to prevent the Poodle attack is to disable SSLv3 support on the server side.  That way a client cannot negotiate down to SSLv3. More information on Poodle can be found here on Google’s security blog.

Mimecast’s web services do currently support SSLv3, in order to offer maximum compatibility with customer systems, and this unfortunately makes our services potentially vulnerable to Poodle.

While we are working on disabling SSLv3 support on our public services, and expect to complete this soon, customers can immediately act against this vulnerability by disabling SSLv3 support in the browsers in use in their organizations.

This is highly recommended for employees who have Mimecast Administrators accounts on the Mimecast platform. You can find information on how to do this for the most common browsers on the vendor’s blogs or you might find this article helpful.

The Mimecast Security and Development Teams have prioritized the outstanding work required to eliminate SSLv3 support on all of our web applications and expect this to be completed in the short term.

by

Inbox Zero: Plotting a Route to Less Stress

I was intrigued to see that someone named the fourth week in January, ‘Clean Out Your Inbox Week’. This was an initiative aimed at helping employees take control of their inbox and reduce email overload. Ever expanding inboxes are something we all have to deal with at work and home, and many people struggle to manage their inbox effectively…often cited as a major cause of workplace stress.

With Mimecast’s cloud archive service, the archive is bottomless and sits securely in the cloud, and off the corporate network.

With Mimecast’s cloud archive service, the archive is bottomless and sits securely in the cloud, and off the corporate network.

From our point of view, this is not just an issue for individuals but also a situation impacting corporates and their IT departments. As email inboxes get bigger and data storage costs rise, more and more management resources become sucked into looking after this growing email infrastructure and its mass of unstructured data.

But happily there are solutions to these problems.

Even the most hardened hoarder of emails can be helped. Firstly, if your organization uses a cloud email security service like Mimecast you can significantly cut the spam cluttering inboxes and clogging up costly data storage on the network. The vast majority of email that hits your network is unwanted spam (estimates vary in excess of 70%) and our service stops this even reaching your organization. If you don’t do this, checking and filtering this email wastes valuable IT time and resources unnecessarily.

Once you’re sure what’s in the inbox is ‘real’, next stop is effective filing and archiving.  The problem is that for many people storing their emails into an archive is a concern – they are sending the email and its attachments off to a dusty, never to be seen again archive out of their control. Once it’s there, it’s simply too difficult to recover– so these emails stay languishing in the inbox and squatting on the enterprise’s network just in case they need them.

With a cloud archive service like Mimecast’s, we help you get round that problem. The archive is bottomless and sits securely in the cloud, and off the corporate network. So IT managers can reduce their storage burden. For the user, the archive is interactive – they can search, access and re-use all their archived emails forever safe in the knowledge it’s being securely and safely stored indefinitely if they want. When we show IT managers and their users this, we see a major shift in attitude about the archive. The concern about using them proactively to help manage the burden on their inbox goes away. If this archive is then paired with end user productivity tools like our mobile apps, the archive can become invaluable – available to users where and when they want, on their device of choice.

So you can have the best of both worlds. A zero mail inbox and easy, searchable access to every mail you ever received or sent if that is what you want or need. This will be good news to those emailers who made a New Year resolution to finally get off their IT manager’s naughty list.

by

Recent Press Articles on Mimecast Globally

Please excuse the sound of us blowing our own trumpet but I thought we should highlight a few press articles from around the world we’ve received in the last few months that we thought our blog readers might find interesting. Hope you enjoy.

We talked about this on the blog but we recently launched Mimecast Large File Send for Outlook and our support for Office 365. Here are just a few of the press articles on these products – CBR; V3; IT Online and Comms Business; MSP Mentor and IT Online.

Neil Murray, foresees a future in which businesses will move their unstructured data to the cloud to make it safer and more useful – Computer Weekly, July 2013

Neil Murray, foresees a future in which businesses will move their unstructured data to the cloud to make it safer and more useful – Computer Weekly, July 2013

We were delighted too when Harvard Business Review covered our research into how we all use email.

In July, Neil Murray, our CTO spoke with the UK’s Computer Weekly about our vision for information banking. In addition, Matt Ravden, our CSO talked about the risks of Shadow IT and data fragmentation with Computer Business Review and IT Pro portal. This came after we released our research into this issue with FreeForm Dynamics covered in IDG Connect and IT Web. Nathaniel Borenstein, our Chief Scientist has also been sharing his views on the future of technology and email with AllThingsD.

Our CEO has been out and about too of course. Peter Bauer has been talking about our plans with Real Business, The Guardian and Director; commenting on entrepreneurship in Redmond Channel Partner and the potential of London as a market for tech IPOs in City A.M.

The news that we’re expanding in the U.S. with a bigger HQ in Boston and office in San Francisco as well as new offices in Chicago and Dallas also grabbed attention in: Watertown Patch; Boston.com; Boston Business Journal and Texas TechPulse.

Also we opened our first office in APJ in Melbourne, Australia and aside from getting some good support from the local government, the press were welcoming too: ARN; CSO and Herald Sun (subscription only sadly).

Finally, it was great to appear for the fourth consecutive year in The Sunday Times Tech Track 100 – its ranking of the UK’s fastest growing firms. This year we secured 79th place. You can find the article here and a blog post on the subject from our CEO here.

by

Drivers Start Your Engines

Last Wednesday night the Mimecast team joined customers, jumped into stretch Hummers and headed over to the local go-kart racing track here in Vegas.

A great evening was had by all. In my case, I was challenging for first place and was cynically taken out of the race by my colleagues, just as I was about to claim victory. But I took it with good sporting grace of course. Congratulations to Peter Smith who won our Mimecast team race.

Stuart Handley, Group Communications Director, Mimecast, seconds before glory was cruelly plucked from his grasp

Stuart Handley, Group Communications Director, Mimecast, seconds before glory was cruelly plucked from his grasp

Anyway – I feel better getting that off my chest. Now to honor our customer winners.

After a hard fought race, Ken Orgeron from Gardere Wynne Sewell was the evening’s winner. Second place went to Damian Burdette from Taylor, Porter, Brooks & Phillips and third place to Jason Russo from HDP.

It was great to get a chance to spend time with some of our valued customers at ILTA 2013. After a busy show, everyone seemed happy to get out of the conference center for a while and let loose their inner F1/NASCAR driver.

We’re already thinking about our next challenge when ILTA moves to Nashville, Tennessee in 2014. Perhaps I’ll get a clear track and a chance to get my deserved place on the winner’s rostrum next year.