by Alan Kenny
Thursday mornings don’t get more exciting than this. Yesterday I was asked to represent Mimecast at a briefing hosted at Number 10 Downing Street by the UK Prime Minister, David Cameron.
We were one of only ten UK technology companies invited to speak to an audience of leaders of some of the world biggest companies and other members of the Government – the event was called ‘Pitch 10’. The goal was to showcase the strength and talent of the UK tech scene. It was great for Mimecast to be recognized again for our work in this way and to join other inspiring companies carving their own paths as innovators and businesses.
Mimecast at a briefing hosted at Number 10 Downing Street by the UK Prime Minister, David Cameron. We were one of only ten UK technology companies invited to speak to an audience of leaders of some of the world biggest companies and other members of the Government – the event was called ‘Pitch 10’.
My brief was pretty simple. Come and tell us about the company and what you have achieved.
Firstly I’d say that this event, and others, show that the UK tech scene is something to be admired. It’s a vibrant and diverse community of innovators and business people right across the country and from around the world. London’s Tech City gets a great deal of the press and plaudits of course but it was good to see firms from other parts of the UK represented.
As those who follow us closely will know we’re a cloud email, security and archiving business. So job number one was to explain our view about the criticality and primacy of email in business.
When you take a moment to think about it you realize quickly that we all rely on email. Email is the communications and data backbone of all organizations large and small, private or public sector. It underpins our communication, collaboration and decision making. It carries our ideas, insights and knowledge. It stores and exchanges contracts, orders and business commitments.
Because of this, managing, storing and protecting email (and the valuable data it contains) is a critical consideration for IT teams. This is where we come in. We help customers move to the cloud and solve three critical challenges beyond the mailbox.
We help them:
- Protect their organization by improving email and data security from the growing volume and sophistication of security threats they face every day.
- Ensure their business carries on when the primary email service is out of action with our continuity services.
- Archive the rapidly growing volumes of email communication and associated data safely in the cloud, and off their own on-premise infrastructure.
Now traditionally organizations have put several independent systems on their IT infrastructure to address these email needs, adding considerable cost and complexity. Mimecast’s secure cloud platform enables organizations to protect their corporate email and data; move these security, continuity and archiving services off their own IT infrastructure safely to the cloud, and decommission these additional systems, freeing budget and resources for other priorities.
I’m pleased to say that the reception to our story was very warm and supportive. We’re proud of what we’ve achieved for our customers. We also see a great deal more opportunity and chance for innovation still to be grasped.
So as probably the world’s most famous front door shut behind me, it was straight back to our offices in The City in London and back down to the day job.
by Orlando Scott-Cowley
The mail you want, but just not right now. Seems like an odd way to talk about email, either you want it or you don’t. For years we’ve been talking about the unwanted types of email, like spam, that have grown to be a pest, but which have largely been dealt with by effective anti-spam services; but now there’s a less distinct line between good and bad as far as our users are concerned. The email that sits in this middle ground has become known as graymail.
Mimecast’s new Graymail Control automatically categorizes graymail and moves it to a separate folder – allowing end users to review the messages at their leisure and keeping the inbox optimized.
More specifically, graymail is email like newsletters, notifications and marketing email. The types of email marketing you are bombarded with receive when you buy something online or use your email address to sign up for something. Normally you are opted-in to these marketing emails unless you manage to spot the often well-hidden opt-out tick box. These emails are initially interesting, but grow tiresome quickly.
You’re unlikely to want them all in your inbox right now, but somewhere else that makes them easier to read later. Many consumer grade email providers offer a way of categorizing graymail, such as Gmail’s Primary Inbox and Promotions tabs.
Graymail isn’t new. The idea was first suggested by Microsoft researchers in 2007, at the now defunct CEAS conference. Graymail, or Gray Mail as it was called then, was defined as messages that could be considered either spam or good. It’s fair to say many end users consider newsletters that they opted-in to, mostly unknowingly, as spam even though they could easily unsubscribe from the sender’s distribution lists.
Graymail is also described by the phrase “Bacn”, (as in bacon). The first use of the term Bacn is thought to have been coined at PodCamp Pittsburgh 2, as a way to differentiate between spam, ham and bacn in your inbox.
The unwillingness of end users to unsubscribe, or understand the problem as being somewhat self-inflicted, has led many enterprise IT teams to look for a solution. As a provider of email security services, Mimecast’s Threat Operations and Spam teams know first-hand how users are inclined to report bacn or graymail as spam email. A large percentage of the email submitted to Mimecast for analysis as spam is in fact legitimate marketing email with valid unsubscribe links.
It has become increasingly obvious that end users will continue to be frustrated by this graymail problem. The most straightforward solution is stemming the flow in such a way that keeps an enterprise inbox free of bacn so legitimate business-related emails take priority. Mimecast’s new Graymail Control provides this capability, by automatically categorizing graymail and moving it off to a separate folder – allowing your end users to review the messages at their leisure and keeping the inbox optimized.
If you’d like to find out more technical detail about how to configure Mimecast’s Graymail Control please visit our Knowledge Base article here.
by Dan Sloshberg
Bring your own device (BYOD) has redefined the way we work. It allows us to work from any device and access corporate files and networks from anywhere.
Now we also have bring your own cloud (BYOC). Workers are using the device and cloud service provider of their choice for a range of things they would traditionally have used corporate systems for, including file sharing. Without the proper policies in place, this can cause a major headache for IT.
Email remains the most prolific platform for communication and messaging in the workplace. However, certain limitations within email can lead to data security issues. Users simply want to remain productive, send and receive files of any size, and ultimately, work free of restrictions – and they want to do so in a familiar environment. Unfortunately, file size and storage limitations within commonly-used email platforms impose restrictions that force users to find workaround solutions. In most cases, the workaround solution is an unsanctioned, consumer-grade file sharing service.
With the right policies, personal devices at work don’t have to be a data security threat.
Ask yourself: Do you have policies in place to control the use of file sharing services – and ultimately protect corporate data – across your organization? Are you among the 37 percent of organizations that have no policy in place? Or, are you among the 46 percent of organizations that “restrict and say no” to file sharing services altogether, according to research from the recent report from Bloor?
We get it. You are overwhelmed, under-resourced and focused on issues flagged as “top priority.” But if the protection of your corporate data is not a priority, it will eventually catch up to you – most likely in the form of information leaking out of the organization. Whether or not you choose to acknowledge the issue, employees at your organization are finding ways to send, receive and share files of all sizes. According to Workshare, 69 percent of employees are using free file sharing applications – but only 28 percent have authorization from the organization to do so. Consequently, data from Symantec shows through the use of rogue cloud-based file sharing services, 83 percent of large enterprises and 70 percent of SMBs have had sensitive information placed in the cloud without organizational oversight.
The repercussions of consumer-grade file sharing services in the workplace can include loss of IP; sensitive data leakage; loss of visibility and control over where data resides; and compliance, regulatory and eDiscovery breaches. Many of these will not only cause you inconvenience, a significant breach could cost you business, irreparably damage your reputation and result in significant fines from regulatory bodies.
How to Take Control of File Sharing at Work
The bottom line is this: users want your support. If you give them guidance, education and a viable, frictionless solution, they are a lot more likely to comply with your policy. Here are three easy steps to keep corporate information protected by putting in place a secure, controlled file sharing service:
1. Don’t ignore the problem. There is a lot of file sharing happening at work, and file sizes will only continue to rise. Instead of ignoring data protection, make it a priority by finding a service that allows users to work within email to send and receive files – regardless of size – instead of finding workaround solutions.
2. Select an enterprise-grade platform. Consumer-grade services leave your organization susceptible to data leaks and other security threats. They also make it hard for you when it comes to eDiscovery or statements of compliance. Find an enterprise-grade service that gives you visibility and control, while allowing users to work seamlessly within a familiar environment. Use a platform that is built with access controls; content control and data leak prevention; archiving, compliance and eDiscovery; expiring access; and centralized policy management, reporting and logging.
3. Train and educate users. Programs should be in place to help your users understand the sensitivities of different classes of information and the risks associated with mishandling sensitive data. Users should have a clear understanding of what cannot be shared outside the organization and secure ways of sharing appropriate information with external parties.
By following these three steps – and finding the right solution – you can take back control of file sharing in your organization. Interested in learning more? Download this report by Bloor Research: “Take Control of File Sharing Services … Best Practices for the Safe and Secure Use of File Sharing for Organizations.”
by Nathaniel Borenstein
A bit less than four years ago, Facebook decided to get into the email business. I wrote a blog entry at the time, warning it a bit about what it was getting into.
Facebook announced the closure of its email service earlier this year. Facebook emails will automatically be forwarded to whatever email address Facebook users have listed as their primary one.
I warned it about the technical complexities of email, and the pitfalls that required email veterans on the team to avoid repeating. I really thought the biggest problem it faced might be technical. I figured that with its brand, it certainly had ‘market permission’ to enter the email space.
But we never got a chance, really, to find out how good Facebook mail was, because almost nobody used it. I didn’t see that coming, because I thought that there was potential value in integrating Facebook messaging with email. I should have known better, though, because I made a similar mistake back around 1982.
In 1982, I was developing and maintaining email clients for a couple of timesharing systems of the day, when I discovered that two future friends were developing a bulletin board system and a calendaring system for the same environment. We decided that what was really needed was to integrate all three into a single user interface that streamlined everyone’s communication.
We called the system BAGS, after our last names – the Borenstein Anderson Garlan System. It was modestly successful, and was maintained for many years after I moved on. But people didn’t use it as a single user interface. Some used it for both email and bulletin boards, but separately, as if the fact that they were all one program was something they needed to work around. Like Facebook, we found that users just weren’t drawn to the kind of ‘universal interface’ that draws computer scientists like moths to a flame.
It turns out there are good reasons why people have always had multiple communication mechanisms. The characteristics of a communication technology, coupled with the community rules, standards, and customs that develop around that technology, inevitably result in a mechanism that’s better for some things than others.
If you need to send me a message, what’s the difference between email and instant messaging? It’s not just a matter of whether you’re using a laptop or a phone, because either can be used either way. But when you’re using a laptop, you’re likely to be in a more relaxed or serious environment, so it’s natural to compose an email, which is likely to be longer, more nuanced, funnier, or otherwise more complicated than seems right for an instant message. On the other hand, if you’re running across an airport, dashing off an instant message will be rather more appealing. And if you’re like me, you’ll sometimes dash off an instant message to yourself, reminding you about a more complex email you need to send.
Facebook was one of the pioneers of social networking, which as a communication medium is radically different than email. People use it to communicate with whole groups of friends or relatives at once, and they think of themselves, generally, as operating in a semi-public forum. Email feels (rightly or wrongly) more closely controlled and limited in distribution. Combining two media that differ in important aspects is a recipe for confusion, and users intuitively resist it.
The email world and the Facebook world often leak into each other, but that doesn’t mean users want them to merge. The best email programs have user interfaces that are highly evolved to what users expect from an email medium – features that make it well suited to complex threads of discussion, but less well suited to ad hoc group discussions with your friends’ friends. Merging the two doesn’t necessarily make things simpler – the features of one can actually get in the way of the other.
The bottom line is simple: email is very, very important to a lot of people, and they are wary of anything that might weaken its usefulness. If Facebook had set up its email service to be entirely independent of the social networking system, it might have been able to attract users, and then gradually introduce carefully selected features that connect the two in useful ways. Perhaps that’s how it’s planning to approach its acquisition of WhatsApp; if it’s sufficiently cautious in how it integrates the two services, it might well succeed.
So, while we are saying goodbye to Facebook mail, perhaps it’s not forever. There’s still plenty of room for innovation in email, in social networking and in the spaces in between. But it’ll take a more open, incremental and modest design to succeed.