Mimecast’s Email Security Highly Commended by SC Awards

Last week, Mimecast was thrilled to be recognized at the 2014 SC Magazine Awards Europe ceremony for our Email Security service. The judges, drawn from the senior ranks of the information security profession based on their experience and impartiality, selected Mimecast’s Email Security service to receive the status of ‘Highly Commended’ in the ‘Best Email Security Solution’ category.

Mimecast’s Email Security received the status of ‘Highly Commended’ in the ‘Best Email Security Solution’ category

Mimecast’s Email Security received the status of ‘Highly Commended’ in the ‘Best Email Security Solution’ category

Mimecast’s Email Security provides a comprehensive, cloud-based service to mitigate email risk –gaining ‘Visionary’ status in the Gartner Magic Quadrant for Secure Email Gateways 2013. It provides customers with 100 percent anti-virus protection, including zero-day threat protection SLA, and a 99 percent anti-spam protection SLA, without the need to deploy any on-premise hardware or software.

The majority of Mimecast’s competitors have acquired their security technology and bolted together point solutions to form an offering. The Mimecast Email Security platform is unique in that it’s built specifically for purpose. From the Message Transfer Agent up, Mimecast builds, owns and manages the technology to process and protect customers’ email. This means more straightforward deployment, setup and management for IT teams and a more valuable and integrated experience for users.

It’s recognition of the success we’ve enjoyed in delivering simple yet effective corporate email security, minimizing IT overheads and improving user productivity. If you’d like to find out more about Mimecast’s Email Security you can find videos and supporting documentation here.


Rogue Access Points Make Prime-time with The Doctor

Clara Oswald

Doctor Who: Series 7 Part 2, The Bells of Saint John.

There’s something in the WiFi. You know you’ve made it as an actor and as a security issue when you appear on Doctor Who. If, like me, you tuned-in to (showing my age there, who “tunes-in” anymore?) the new series of Doctor Who last weekend, you may have chuckled at the use of WiFi networks as a medium for evil. Rogue Access Points that upload the soul of their users, leaving them trapped inside a Spoonhead, sorry server, somewhere in London’s Shard building. Kudos to the script writers for the plot, and for renaming servers, spoonheads – I’ll be in the spoonhead room.

“I don’t know where I am… I don’t know where I am…” is a cry most IT managers, administrators and help desk staff have heard in their time; usually from hapless users trying to find their way onto the network or perhaps around their desktop, rather than being trapped inside an evil WiFi network. That wasn’t lost on me, nor was the uploading of souls; something we might think Facebook has in their roadmap–or at least the curating of your own soul. The evil walking WiFi base stations, hoovering up data and people, did remind me of Google Street View cars that were caught hoovering up WiFi networks, but I’m sure that’s coincidental.

Now, while not all WiFi networks are this evil there are certainly many we should avoid. I’m still amazed to see the SSID “Free Public WiFi” whenever I’m on a train or at an airport; while not necessarily unsafe, it does indicate an old an unpatched version of Windows XP is running somewhere – which in itself is terrifying. Others are certainly more dangerous; there’s often a looky-likey network at conferences or near popular coffee shops, designed to trick you into joining and routing your traffic through them. This is just plain unsafe and even on open public networks you should always use a VPN or at least HTTPS connections. Firesheep was an excellent demonstration as to how vulnerable unencrypted web traffic is on open wireless networks.

As IT professionals we’re constantly reminding our users of the security risks associated with the unknown; like free or open WiFi networks as well as clicking links in email. Hopefully now Rogue Access Points have made it to prime-time this job will be a little easier.

I’m waiting to see if there is another episode of Doctor Who dedicated to Phishing emails, or perhaps password sniffing, but in the mean time I’m trying to work out how to change my SSID to that funky font used in Doctor Who.

Remember, if you’re looking for WiFi and sometimes you see something a bit like this, don’t click it.

Stay safe!


Postini Exit: Time to Choose

If you’re a Google Postini customer, or even an observer of the market, you’ll be well aware that Google has brought the curtain down on its Postini email services. To paraphrase Google, it’s “transitioning Postini services to the Google Apps platform beginning in 2013.”

“Transitioning”, is another way of saying we’re cutting you off and you better do something about it. As an IT professional you’ve probably been cursing the day you found this out; I bet the idea of an unplanned migration of such a core service is something you wished happened more often, isn’t at all disruptive is it?

 Part of the worry about moving to a new platform will be the completeness of said platform. The Google transition FAQ tells us there is some core functionality missing. For example; you won’t have a quarantine summary until Q1, 2013. Users won’t be able to manage their quarantines online, like they do now, until Q2, 2013, along with reporting. Outbound filtering won’t be with you until Q3, 2013. And, if you want any sort of admin quarantine the best estimate you’ll get from Google is 2013.

Sadly, the list of missing or unsupported features goes on, ultimately ending in a couple of shockers that leave you worse-off in terms of SLA too.

Frustrated? Worried? Considering your options?

By now you’ll have noticed the veritable feeding frenzy that email security vendors have got into. Some offering 6 months of service free, others touting free migrations to their platforms. Ultimately betting the farm on a gimmick in a hope they can attract you. They’re not really considering the financial impact on their business-model of ‘free’ stuff in this, already cut-throat, market. Race to zero anyone?

The problem I have with this race to the bottom, is it undermines the value of email security and the gateway and is a dis-service to you, the customer. The last thing you need is a vendor who’s sold themselves to dirt cheap technology in a mad dash to gain market share. In a year or two it’s likely you’ll be migrating away from that vendor too as they run out of money and innovation.

The knock on effect of this market behaviour is also a lack of investment in R&D, which you’ll notice when you start to conduct your own due diligence on these vendors. Offering a free migration to a service could well be covering up weaknesses in technology that are likely to be a show stopper if you dig deeper. If you’re in this situation as the vendor about their ‘cloud infrastructure, and whether it’s really cloud or not; chances are it’ll be a hosted version of their on-premise gateway technology. I don’t need to point out that’s not cloud, nor is it scalable, and it’s bound to hurt sometime down the line.

Faced with the choice between incomplete and imperfect it makes sense to take some time out from worrying about this unplanned migration, put aside the hysterical marketing from the ‘look at me’ vendors and consider your options.  We’ve put together a short video that makes this point and might help you decide what steps to take next.

Yours in email.



Mimecast's Visionary Secure Email Gateway

Mimecast Email Security

Mimecast has just been positioned in the Visionaries Quadrant of the “Magic Quadrant” for Secure Email Gateways. Gartner release this report annually to evaluate the leading providers in the Secure Email Gateway Market. Mimecast has been placed in the Visionaries quadrant as a validation of our determination to bring innovation and progress to the Secure Email Gateway market. At Mimecast we recognise there is much more value and ability built into the Secure Email Gateway than is currently offered, we recognise that the Secure Email Gateway could do a whole lot more than anti-spam and anti-virus.

Secure Email Gateways have been an essential part of an email management infrastructure since the mid-nineties. Email servers used to plug straight into the Internet without any threat of malicious or meat related email (Spam, Ham or Bacn, if you didn’t get that). To be fair email servers “dialled-up” to the Internet and did their scheduled send and receive of queued email over a normal telephone line. Then we added ISDN, ADSL, Leased Lines, Broadband, and today the types of always-on connection that mean our email servers have almost become instantaneous forms of essential communication.

Coinciding with the rise in demand for email has been a simultaneous boom in the market for selling things by email too. Our email administrators had to quickly add gateways that “filter out” this junk and rubbish as the chorus of complaints from end-users grew louder.

Today, Secure Email Gateways are a must-have part of network security methodology, we can’t live without them – unless of course you buy your shares, watches, herbal enhancements and little blue pills on the Internet; if that is the case, our spam is your news.

Some would have us believe that the Secure Email Gateway has become a commoditised part of the network. I would argue this commoditisation is only true if you choose to spend your IT budget with a vendor who is not offering any innovation, or product vision in return. You get what you pay for, and there are quite a few vendors offering well marketed, but technically-limited, budget solutions that will protect you, but nothing more.

As email evolves and adapts to the more collaborative work-flows emerging in businesses today, the email gateways will play in important role in controlling and securing the corporate intellectual property embedded within email. End users are already demanding increased flexibility and control of their conversations and relationships on a per-message basis, and from directly within their inbox. They yearn for the tools to solve the pain caused by their budget, unintelligent, email gateway.

Mimecast Email Security is designed to combine this increased flexibility with industry-leading security, delivering industry-first capabilities directly to the end-users, as well as centralized controls for the IT department to. Mimecast Email Security brings the value of the Secure Email Gateway back and delivers a vision of the future that enables email use in your business.

The latest version of Mimecast Email Security will be available this Autumn. The Gartner Magic Quadrant for Secure Email Gateways, 2012, is available on our website.