CHALLENGE
The Taylor Smith Group, a Mauritius-based diversified private equity group with interests in manufacturing, logistics, retail and marine services, runs a complex IT operation. With over 800 employees and 16 businesses in its stable, the IT department is responsible for the infrastructure of the entire group, including support and maintenance.
Part of this centralised IT service offering includes providing email services for group companies, each of which has its own domain name. Many of these companies depend on email to run their operations.
“We decided about two years ago to switch from a traditional in-house email server to Microsoft Office 365 because managing the in-house email server was a challenge and moving to the cloud made sense,” said Denis Mourghen, IT Manager at Taylor Smith Group.
While everything appeared to work well initially, Mourghen says they soon noticed a gradual increase in spam and the number of phishing attempts being delivered via email.
“This was becoming cumbersome on the IT department because, each time a phishing email came in, we had to find the logs, fix the problem [by blocking it], and provide feedback to the users about what happened, why it happened, and how to prevent it from happening again.
“When one of our directors fell victim to an impersonation attack and his entire contact list received a fraudulent email from his account, we realised we needed a more robust email security solution to protect our reputation.”
SOLUTION
When researching email security vendors, Mourghen says the organisation’s main requirements were for a third-party solution independent of Microsoft that was easy to use, easy to deploy, and cost-effective.
“We specifically wanted a third-party solution that could not only provide additional security on top of the Microsoft product but also provide an external view of what was happening in the threat landscape,” said Mourghen.
The group investigated three solutions and eventually chose Mimecast, based on the proposal presented by Grove, a Mimecast partner. Grove demonstrated exactly how the solution filtered and protected emails and introduced additional features that Taylor Smith may eventually want to deploy.
The Taylor Smith Group signed up for Mimecast S1 services for 350 users, including Grove 24/7 support and Mimecast’s full deployment services, for a three-year term.
Because of the complicated group infrastructure, Mourghne said it was crucial that the Mimecast technical team was able to answer any questions, that they could configure the system and policies according to the needs of each business unit, that they could explain how the tenant was structured, and that there was an experienced team on the ground that could plan and execute a smooth implementation with minimal downtime.
According to Mourghen, the Mimecast team maintained a sense of humour throughout the implementation, which took place after office hours.
“Grove was fantastic and were a big reason why we chose Mimecast,” he said.
“They handled any issues quickly, continue to check in regularly, and keep us updated with the latest security reports and service updates.”
RESULTS
Since implementing Mimecast in June 2018, Mourghen says phishing and impersonation attacks are no longer a concern for the Taylor Smith Group.
“It’s one IT system that we don’t pay as much attention to because we know that it’s being taken care of behind the scenes,” said Mourghen.
“We don’t have to worry about upgrades or updates because the solution adapts to the evolving threat landscape. That takes a lot of pressure off the IT department because we can now focus on more value-adding business functions. We just let the solution work and review the reports to make sure we’re also up-to-date with the trends in cyber threats.”
These reports, he adds, have been useful in justifying the organisation’s investment in Mimecast because they outline the number of attacks and the different types of phishing and malware that were blocked.
“That’s the win for us,” added Mourghen.
“The Mimecast Customer Service Reports show that we’ve mitigated the risk of phishing and impersonation attacks and that we’ve invested in a solution that keeps innovating in line with the evolving threat landscape.”
An added benefit, says Mourghen, has been Mimecast’s builtin user awareness functionality.
“In the past, we’d have to email individual users, explaining why they didn’t get an email or why they can’t open an attachment,” he said.
“Now, the system does that automatically and explains what the user has to do – or what they shouldn’t do – so it’s making our workforce more aware and conscious of their role in securing the business.
“Our users want more flexibility at work. The business has to adapt to these needs as well as to the changes being driven by new technology – all while protecting the different business units from cyberattacks. Mimecast has given everyone in the organisation peace of mind that they can conduct business over email freely and securely.”