The new MSS offering provides comprehensive, integrated, cost-effective cybersecurity services to help clients combat the growing threat landscape and shortage of skilled cybersecurity resources.

Phoenix, Ariz. – Sep 6, 2023 – MicroAge®, The Digital Transformation Experts®, announced today the launch of MicroAge Managed Security Services (MSS) with proactive cybersecurity monitoring and support. MicroAge Managed Security Services offers round-the-clock, expert security monitoring of the client’s technology environment, helping to reduce alert fatigue and providing incident detection, response, and resolution.

With today’s rapidly evolving digital landscape, cybersecurity attacks are on the rise, and companies of every type and size struggle to keep up with the technology and resources required to adequately protect their organizations. MicroAge Managed Security Services provides clients with cost-effective, robust protection of their technology infrastructure managed by expert cybersecurity analysts who monitor and support the environment 24x7x365, including first response incident support. MicroAge Managed Security Services includes repair and maintenance of multifactor authentication, email protection, endpoint protection, server protection, comprehensive reporting, and user awareness training, as well as onboarding and offboarding users on those systems.

“The severe, global talent shortage of cybersecurity professionals has been highly publicized, leaving hundreds of thousands of cyber job vacancies in the U.S. alone. This scarcity makes it increasingly difficult to find and hire the right experts to fortify an organization’s defenses,” said MicroAge Executive Vice President Larry Gentry. “Combined with the exploding volume and cost of available solutions that have hit the market, comprehensive cybersecurity programs are becoming complicated, expensive, and difficult to achieve for many companies.”

“The growing need for a complete, integrated, cost-effective way to secure our clients’ digital infrastructures became quickly evident. So, relying on decades of experience, we worked with our clients to develop MicroAge Managed Security Services,” said MicroAge CEO Rob Zack. “This new service will help clients dramatically improve their security posture, simplify their day-to-day jobs, eliminate capital outlay, and remove the management burden of multiple-point products.”

MicroAge MSS eliminates capital expenditures with monthly contract pricing based on the number of associates, helping clients cost-effectively and efficiently meet their security, compliance, and cyber insurance needs.

For more information on MicroAge Managed Security Services, visit https://microage.com/services/managed-security-services/.

About MicroAge
MicroAge combines a powerful mix of technology services backed by vendor-certified engineers and an acclaimed panel of experts to deliver the competitive edge technology leaders need to lead in a disruptive digital environment. MicroAge is a Microsoft Solution Partner recognized annually by Computer Reseller News (CRN) in the Tech Elite 250, Solution Provider 500, and MSP 500 lists of top-performing technology integrators, strategic service providers, and IT consultants. Headquartered in Phoenix, Arizona, MicroAge has a rapidly expanding national salesforce to support growing demand. To learn more, visit MicroAge.com.

In today’s rapidly evolving digital landscape, cybersecurity has become an essential priority for businesses of all sizes. Even though it has been a challenge for many years now, and plenty of advanced solutions have emerged to help, we see many organizations still struggling to effectively manage their cybersecurity initiatives. If I were to break it down as simply as possible, here are a few points as to why we believe that’s happening.

Growing Cybersecurity Talent Gap

Securing your organization’s sensitive data and digital assets requires a team of highly skilled cybersecurity analysts. Unfortunately, the industry is currently facing a severe shortage of talent. According to a recent report in Cybercrime Magazine, there are approximately 750,000 unfilled cyber job openings in the U.S. alone. This scarcity makes it increasingly difficult for companies to find and hire the right experts to fortify their defenses.

Costly Nature of Cybersecurity Expertise

Assuming you manage to locate the right cybersecurity professionals for your company, the associated costs can often exceed your budgetary constraints. Hiring skilled cybersecurity experts as full-time staff demands substantial compensation budgets due to the high demand for their services. That means small to mid-sized companies, in particular, may find it challenging to allocate the necessary funds to recruit and retain qualified professionals. But even when we connect with clients at enterprise-sized organizations, many also struggle to find and retain the right team in order to create and maintain a well-integrated, end-to-end security solution.

Insufficient Cybersecurity Budgets

We are seeing that inadequate budget allocation is another common hurdle for organizations attempting to establish a robust defense plan. Many companies fail to recognize the magnitude of cybersecurity threats and consequently overlook the importance of investing in adequate protection, which needs to include the right skills and best-in-class tools. Interestingly, we continue to see substantial budgets allocated toward data center and cloud initiatives, yet not towards cybersecurity. Trust me when I say it’s not going away, and it’s time to rethink your budget allocation process — sooner versus later.

Point Technologies vs. True Solutions

Another challenge we’ve seen emerge is the overload of point cybersecurity technologies aimed at helping various pieces and parts of the problem. While many incredible point technologies address difficult cyber defense areas such as email security, endpoint protection, and user awareness training, that all leaves the internal team left to bandage together a comprehensive solution that eliminates every gap and weak point in the chain.

You can see how this cybersecurity environment is quickly becoming very complicated, expensive, and inefficient.

In 2022, after years of meeting with countless clients, honing our skills, and expanding our cybersecurity practice, we realized the rapidly growing need for a complete, integrated, cost-effective cybersecurity offering.

So that’s exactly what we created… the MicroAge Managed Security Services.

This new MSS offering is purposely designed to be fast, easy, flexible, and affordable to implement for organizations of all shapes and sizes. Our number one goal is to make an advanced cybersecurity defense solution truly attainable for anyone and help clients dramatically improve their security posture while simplifying the overall daily management of security operations, all without the need for large capital outlay or the burdens of staffing a full team of certified cyber analysts. You also don’t need to find and evaluate a full spectrum of tools since we’ve done that work already. The Managed Security Services offering is built as a simple, all-in-one monthly support service, with the flexibility to start with just a piece or two based on your unique business needs and then add on if needed or launch the full solution right out of the gate.

Here’s what’s included in the new MSS offering:

24x7x365 Monitoring with Managed Detection and Response (MDR) Services

Proactive threat detection and rapid incident response are essential components of a robust cybersecurity strategy, but managing this in-house can be daunting. Many internal cyber teams have ‘alert fatigue,’ as they chase one cyber alert after another only to find they are essentially false alarms. Setting up a robust Managed Detection and Response initiative that leverages AI and machine learning technologies means you can continuously monitor network traffic, detect anomalies, and get expert help to swiftly respond to potential threats. The offering helps ensure 24x7x365 comprehensive monitoring and protection with rapid incident resolution, significantly enhancing a company’s security posture very quickly.

Multifactor Authentication (MFA)

Implementing MFA is a crucial step in securing your organization’s digital infrastructure. Our MSS offering provides robust MFA solutions, ensuring only authorized individuals can access critical systems and sensitive data. By consolidating MFA with other cybersecurity tools, businesses can streamline their security operations, reducing costs associated with separate purchases and management.

Email Security

Email remains a prime target for cybercriminals. Our Managed Security Service solution includes comprehensive email security that protects against phishing attacks, malware, and other email-borne threats. By using advanced, proven technology, machine learning, and AI combined with highly skilled cyber professionals, organizations minimize the risk of data breaches and ensure the confidentiality of sensitive information.

Endpoint Security

Endpoint devices are often the entry point for cyber threats. The offering includes advanced endpoint protection tools like next-generation antivirus software, real-time threat detection, and proactive vulnerability management.

Server Security

Servers store and process critical data, so prioritizing them in your defense plan is critical. Our server protection includes robust intrusion detection and prevention systems, regular patch management, and log monitoring. By leveraging these comprehensive server security measures, companies can fortify their infrastructure against potential breaches.

User Awareness Training

Employees continue to be one of the most challenging components of effective cybersecurity defense, so educating them about best practices is crucial to mitigate your risks from human error. Our user awareness training program educates employees in a fun and engaging way about the latest threats, phishing scams, and safe online practices.

Final Thoughts on Managed Security Services

Part of creating success in your cybersecurity initiative means using new thinking to solve new problems. In an era where cyber threats continue to evolve and multiply, it’s clear that organizations need new solutions, tools, and comprehensive strategies that better align with their budget and resource limitations while still improving their security posture. And that’s precisely what we set out to do with MicroAge’s MSS.

If you’re struggling to find a capable partner, the right tools, and sound advice or are unsure where to start, be sure to check out Chris Reid’s recent blog, “What Kind of Cybersecurity Assessment is Right for You.”

I spend a lot of my time focused on the cybersecurity market. Many people need me to help them sort out the complicated landscape and know which things will make a great impact and which things will quietly go away. It’s challenging to keep up with new technologies and the never-ending parade of new vendors.

Sometimes, it is helpful to look backward to understand which things in our past have made a big difference in cybersecurity and which have not. That exercise can help inform the future and make sense of things to come. For me, it’s a periodic thought exercise that often provides insight into the future.

As I have been reflecting on the past, evaluating the outcomes of the hundreds of things that have changed in the cybersecurity world, I have also been keeping a list on my whiteboard. I believe this list contains the key catalysts that have truly made systemic, earth-shattering changes to the way cybersecurity is done. So far, that list is only four items long – and three of them might surprise you.

The Internet

I admit, this one’s a no-brainer. If it wasn’t for the Internet, computers would not have an always-on continuous connection to every other computer on the Internet. Cybersecurity would be easy. I’d be doing something else with my time. Amazon would not be able to deliver anything to me today. Google would not be searching for anything. Elon Musk would not be Tweeting or ‘X’ing or anything. I’m glad we have the Internet, but it created the need for cybersecurity as we know it.

The iPhone

Before the iPhone, we all had very strong “castle and moat” cybersecurity. We built strong walls (firewalls, actually) to protect our IT infrastructure. Nothing from the outside was allowed in. It was very easy to control who and what had access to our systems. Your computer was always company-owned because IT administrators did not trust personal devices, ever. If you wanted emails on your phone, it was a company-owned BlackBerry that connected to the company-owned BlackBerry Enterprise Server (or BES, pronounced /bɛz/ for those who remember those days). “Bring Your Own” was not even considered.

I remember when the iPhone came out; it changed everything. People in the C-suite bought them and insisted that they have access to the network and email. Within a couple of years, the BES was gone, and BYOD was born. Smart organizations embraced the change and adapted their cybersecurity posture. Some organizations tried to fight it. They bought iPhones for the execs and shunned everyone else. They lost and adapted their cybersecurity posture. Either way, everyone changed in the end.

Cryptocurrency

Some people ask me if ransomware is on my list. SPOILER ALERT: It’s not. Ransomware did not drive the changes to cybersecurity that we have seen. They are a symptom of what really brought about the change: cryptocurrency. Crypto made ransomware possible. Before that, there was no way for cybercriminals to (semi) anonymously get paid for their efforts. What were they going to do? Encrypt data and ask for a check? Of course not. There was no scalable way to get paid, so they focused their efforts elsewhere. There was no ransomware.

Cryptocurrency changed that forever, and there’s no going back.

COVID-19

In December 2019, if the CIO was thinking about enabling a remote workforce at all, it was a five- to ten-year plan. Six months later, it was done. Everyone was working from home. The perimeter, which was weakened by the iPhone, disappeared completely. Cybersecurity, once again, has changed forever.

Now, years after the pandemic, we’re starting to think we’ve got the problem solved. For most of us, that’s not true. We’ve got more to do before we have our cybersecurity posture adjusted to this new reality. We’ll get there, but it will take some more work.

What didn’t make the list?

There are a lot of other things that we have heard about throughout the years, from machine learning to EDR/XDR/MDR, to SASE, to CASB, to Zero Trust, and more. Many are little more than buzzwords. None of them made fundamental changes to the way we do cybersecurity. They have not changed cybersecurity forever. They have not earned their place.

Artificial Intelligence is not there either – yet. The jury is still out on that one.

The world of cybersecurity is complicated. We have experts who truly understand the complexities of today’s cybersecurity market and challenges. Don’t try to do it alone.

As the adoption of cloud-based applications continues to surge, organizations are immersed in an ever-expanding landscape of cloud services and data, making the need for a security and policy intermediary more pressing than ever.

“Office applications accounted for more than 70 percent of exploited applications worldwide.”

Enter the Cloud Access Security Brokers (CASB), which serves as a pivotal security enforcement point between cloud service consumers and providers on-premise or in the cloud. CASBs assume the role of integrating and enforcing enterprise security policies as users access cloud-based resources.

Diverse Security Enforcement Across Various Applications, Including the Microsoft Suite of Products

According to Gartner, CASBs consolidate multiple types of security enforcement, including policies such as authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention, and more. In a nutshell, CASBs are critical to controlling how SaaS apps are used and how information is shared through those apps within your organization.

Microsoft has fully embraced digital transformation and now has more than 90 percent of its IT infrastructure in the cloud. What’s more, over one-third of organizations worldwide use Microsoft Azure for their cloud services. Given the prevalence of cloud-based Microsoft products in businesses, it’s understandable that the volume of apps migrating to the cloud will only continue to climb. Given this, Microsoft has even developed its own CASB service to identify and combat cyber threats across multiple clouds, Microsoft Defender for Cloud Apps.

Closing Security Gaps While Paving the Way for Further Improvement

Though the security landscape has seen advancements, a considerable gap remains, exposing organizations to the risk of data breaches. In 2020 alone, Office applications accounted for more than 70 percent of exploited applications worldwide.

So, is the cloud secure? The truth is, that’s a loaded question. One way that a CASB helps to secure cloud-based applications and data is through encryption.

A cloud access security broker sits between the user and the cloud service provider and screens usage, secures data, and guards against threats. By applying strong encryption in context, they are able to discern contextual info about the transaction.

For instance, the CASB should know who is transacting, what group they are in, the physical location, what action they are performing in what service and to what data, and if that data is sensitive.

How might that look in the real world? Take, for example, an HR user uploading a kitten video. Clearly, that doesn’t rank the same as an employee uploading a Word document entitled “Personal Health Info,” which triggers a confidential data DLP (data loss prevention) violation.

This kind of contextual security intelligence is achieved by deploying a CASB in various roles: forward proxy, reverse proxy, and, to a limited extent, using the cloud service’s API. A forward proxy deployment ensures comprehensive coverage by applying policies to all traffic flows, including sync clients, native apps, mobile apps, and even unofficial cloud services. For browser traffic to authorized services and contained mobile traffic (e.g., Salesforce), a reverse proxy is employed. In cases where the encryption is not happening inline, but after the upload, an API deployment is used.

Critical Requirements for a Viable CASB Use Case

Beyond deployment choices, here are five critical requirements that are needed to achieve a cloud security use case:

• Be aware of context, like activities such as “upload”
• In both sanctioned and unsanctioned services, see and control usage
• Use key management to apply strong encryption to sensitive content
• Integrate with KMIP-compliant, on-premises key manager
• Encode the unpublished API and decrypt SSL to comprehend the transaction, used for a forward proxy

So, how are you applying strong encryption based on conditional factors in cloud services? And what else can a cloud broker do for an organization? Here are just a few ways CASBs can add immediate value to your security initiatives:

• Advanced enterprise DLP
• Granular policies for all apps
• Architecture for any use case
• Access and privilege control
• Active threat protection
• Provide visibility and control over cloud spend
• Ensure compliance in the cloud
• Mitigate cloud app usage risk
• And more…

Most organizations simply don’t know what they don’t know, and those unknowns are almost always what keeps security professionals up at night.

How to Get Your CASB Right the First Time

In conclusion, while the security journey in the cloud continues to evolve, embracing CASBs as security intermediaries can provide organizations with a robust shield against threats, facilitate compliance, and empower them to wield the full potential of cloud-based services.
To ensure a successful CASB deployment, it’s essential to collaborate with impartial partners who offer agnostic insights and who can conduct comprehensive assessments.

What is VXLAN?

Many of us, at one time or another, have worked in an office environment with several floors filled with separate cubicles or rooms grouped into teams or divisions. When working on an intense project involving another team, you often had to get up and move to another floor or room to meet with them throughout the project. During those super busy, stressful times, I remember thinking, “Wouldn’t it be nice if I could just wave my wand and magically appear there like in Harry Potter?”

It’s helpful to imagine that VXLAN is a little like that “magic” ability to transport to another space, but for computers and servers that need to move around and work together smoothly across different parts of an extensive network. However, unlike the teleport example, instead of just moving to one space, VXLAN provides millions of virtual networks on-demand simultaneously, which is helpful when there are large numbers of teams or systems that each need their own space to work.

However, as revolutionary as VXLAN is, it may only be suitable for some organizations since it still requires special skills and planning to set up, manage, and ensure proper security. So, let’s walk through the benefits and use cases where VXLAN is most suited, as well as some of the considerations.

Benefits of VXLAN

Today’s modern infrastructure requirements demand efficient, flexible networking solutions to accommodate rapidly evolving technology and user demands. VXLAN offers a transformative approach to networking by stretching a layer 2 fabric across a layer 3 fabric, bringing together the advantages of both layer 2 and layer 3 networking providing greater flexibility and scale.

Benefits of VXLAN include:

Flexible Networking: VXLAN allows you to create virtual networks that can stretch across physical locations, making it easier to move resources around without changing their network settings.

Greater Scalability: VXLAN provides a significantly larger number of virtual network segments compared to traditional VLANs to accommodate the needs of complex and growing environments.

Enhanced Security: VXLAN’s segmentation capabilities enhance security by isolating different groups of resources within separate virtual networks.

Efficient Resource Utilization: By allowing resources to be moved and shared dynamically, VXLAN optimizes resource utilization and enhances load balancing.

Automation and Simplification: Many vendors offer tools and automation options to ease VXLAN deployment and management, reducing complexity for network administrators.

Multi-Tenancy: VXLAN enables the creation of isolated networks for different customers or tenants within a shared infrastructure.

Future-Proofing: With its ability to accommodate a large number of virtual segments, VXLAN provides a foundation for scaling and adapting to future networking requirements.

Use Cases for VXLAN

Disaster Recovery Solutions

VXLAN helps maintain connectivity between data centers by creating virtualized layer 2 segments across different geographies, enabling seamless movement of workloads in case of disasters or failures.

VM Mobility

In the era of virtualization, VXLAN simplifies the mobility of virtual machines, which can be moved between servers or data centers without changing their network configurations. This significantly streamlines processes, creating load balancing, migration, and maintenance efficiencies.

Scaling and VLAN Expansion

VXLAN offers a massive increase in scalability compared to traditional VLANs. While standard VLANs provide around 4,094 distinct segments, VXLAN boasts the potential for up to 16 million segments. This level of scalability is invaluable for large-scale environments with multiple isolated segments.

Data Centers and Automation

VXLAN aligns well with the demands of modern data centers, offering scalable segmentation, mobility support, and disaster recovery solutions to create more flexibility and enhance efficient resource utilization. Recognizing the growing interest in VXLAN, networking vendors have begun developing automation tools and simplified deployment methods to help ease the setup of VXLAN fabrics.

Considerations and Complexity

While VXLAN provides remarkable benefits for modern networking, it’s important to acknowledge its potential complexities. Implementing VXLAN can add a layer of intricacy to network configurations, requiring a deeper understanding of both layer 2 and layer 3 concepts. Additionally, monitoring and managing traffic within a VXLAN environment can prove more challenging due to the encapsulation and tunneling involved.

Organizations considering VXLAN adoption should carefully evaluate their networking team’s capabilities and assess whether the added complexity aligns with their operational requirements.

Remember in the early days of the Internet when there seemed to be little care or concern about online security? You were excited to go online and find cool new things you’d never even dreamed of before. You’d put your contact information into a form without giving it a second thought. You could create and publish online content about nearly any topic and people would easily find you… fast. Maybe you’re too young to have lived through that historic time… but it was pretty exciting, and WOW, we’ve come a long way.

Now it seems with each passing day, business gets more complex… and so does security. As more and more companies have moved data to the cloud, while maintaining some on-premise infrastructure and frequently moving large data sets between locations, cybercriminals are finding new and innovative ways to disrupt that movement and steal data for nefarious reasons.

Enter a fast-evolving security space: high-speed data encryption (HSE), specifically designed to encrypt and secure data-in-motion.

Sure, in reality, data encryption has been around for a long time… so, I won’t go down this rabbit hole here. Thales Group does a great job of detailing that history anyway, Circa 600 BC, if you can believe it! Check out their blog on it… a fascinating read. I will say, however, that we’re increasingly working with clients who have a lot of systems and data all over the place – on-premise, in the cloud, at rest, in motion, and everywhere in between, including frequently transferring large datasets between locations. Can you say ‘exponentially more risk!?’

Are the Days of IPSec Tunnels Finally Over?

You likely understand and have used IPSec tunnels. If you’re unfamiliar, this is an Internet Protocol Security encryption method for protecting sensitive data (think financial transactions, medical records, customer data, etc.) as it’s transmitted across a network, encrypting all data sent between two endpoints.

However, what you may not realize is that where there are large data sets, the amount of time and resources required to securely move that data between locations can be gargantuan. In one client case, a client was aiming to replicate a few terabytes of data across a 1GB pipe, and it took more than eight hours. That transit time not only eats up a lot of compute resources, it also dramatically increases your security exposure risk.

As networks are under a constant barrage of attacks, advanced high-speed encryption that improves security while eliminating the need for IPSec, while also reducing time and required resources are quickly becoming a new standard.

What to Look for in a High-Speed Data Encryption Solution

There are seven key elements to consider when you’re hunting for a data-in-motion encryption solution to upgrade your current data security strategies:

1. Look for a single platform that was architected to ‘encrypt everywhere,’ from your network traffic between data centers, your various locations and headquarters, and your backup and disaster recovery sites.

Managing multiple encryption systems to try and coordinate data security everywhere gets complicated fast, which means risk exposure when systems don’t ‘talk’ to each other effectively. It doesn’t matter if your data is on-prem, in the cloud, at rest, or in transit – one encryption system will result in a more secure strategy.

2. Leverage Layer 2 and 3 encryption to ensure data-in-motion security without any compromises. That means you should get maximum throughput with minimal latency, empowering you to better protect any data format, including video, voice, and metadata, from overt and covert interception and surveillance.

3. Up your security game on your most sensitive traffic. The latest, most advanced encryptors are hardware-based, stand-alone appliances that deliver robust encryption and FIPS 140-2 Level 3 tamper-resistant key management capabilities.

Be sure the solution you short-list has been rigorously tested and certified to be in compliance with the requirements of Common Criteria, the Federal Information Processing Standard (FIPS), and that it has been thoroughly vetted by such organizations as the Defense Information Systems Agency (DISA UC APL) and NATO.

4. Ensure the encryption solution meets the specifications for Suite B cryptographic algorithms (AES-256, ECDSA, ECDH, and SHA-512) for secure communications. While some solutions use NIST-certified random number generators, others use advanced key management strategies that are generated and stored in hardware, ensuring that the keys are always under your control, even in multi-tenant environments.

5. Look for high-performance, high-availability. The last thing you need is encryption system outages. Ask your shortlist of providers if they have proven uptime statistics in demanding, performance-intensive environments with near-zero latency, as well as if they are operating in full-duplex mode at full-line speed without the risk of packet loss.

6. Ask about reporting and diagnostic capabilities. Today’s most advanced encryption solutions give administrators clear and early warning signs of potential issues before they impact the business. This allows your admin team to remain vigilant and proactive around the clock.

7. Be sure it’s interoperable. Encryption solutions that are not flexible and interoperable enough to work with any vendors and systems you have in place are essentially worthless. You’ll need to verify the solution is compatible with all of the major network vendors across your environment and can be relatively easily adapted to meet your evolving security and network requirements as they change.

The solution should also support network speeds of 10Mbps to 100 Gbps, and support single to multi-port appliances, as well as be offered in both hardware and virtual formats.

Do you remember the days when there were mysterious rumblings and rumors of ‘inbox zero’ and quiet whispers at tradeshows and in corporate break rooms about how email would be disappearing… soon to be replaced by chat, SMS, and other collaboration tools…? I distinctly remember thinking, “I cannot wait… but how on EARTH is that ever going to happen?!”

Well, it’s 2023, and here we are.

The truth is, most companies are still knee-deep in the inbox day after day. Chat, SMS, and other collaboration tools have just been added to the pile of communication streams we have to manage. Email follows us everywhere we go including at home each night… it’s everywhere… still.

Like many technological innovations throughout history, it can take decades to see a major paradigm shift. Our reliance on email is like a persistent habit that’s difficult to break, and unfortunately, hackers know this all too well. That means companies should be vigilant about email security and hygiene around the clock, not only to protect their data and users but also to protect the value of their brand.

It’s just not enough to add an email security tool, set it and forget it, and think you’re done. I’m sorry to say, but it just doesn’t work that way. Email security is like a chess game, with each side constantly making their move in an offense, defense, counter-move kind of way.

That’s why in this blog post, I’ll map out a few key technical ‘must-dos’ of email security and hygiene using the Mimecast email security and resilience solution.

Get Your MX and Email Provider Records Right

Before you even get to Mimecast, you need to put a couple of things in order. MX records (mail exchange) are DNS records that talk to each other in order to send email and other traffic to the correct destination. By default, it’s set to send traffic to the lowest priority valued location first, not always your preferred destination. For example, an MX record with an O365 server at priority 10 and Mimecast at priority 20 will send messages to O365 first, not to Mimecast. Sometimes these settings are forgotten during the implementation – make sure they are correct.

If you have an email gateway product like Mimecast’s Secure Email Gateway (SEG), you have to tell your email provider to only accept emails from your gateway and no one else. If you don’t, criminals could send messages directly to your email provider and bypass the SEG – eliminating all of the controls you have in place. While this might sound like email security 101, I’m surprised by how often this kind of setting is overlooked, so be sure your DNS and email provider configurations take this into account.

DMARC, SPF, and DKIM: the Front and Back Gate Guards of Email Security

Once you’re confident your MX record and email provider are configured correctly and you have Mimecast sitting between your mailboxes and potential threats, it’s critical to look next at DMARC, SPF, and DKIM. These three combined are like the powerhouse of email authentication, preventing spammers, phishers, and other unauthorized parties from sending emails on behalf of a domain they do not own.

The two primary authentication protocols, SPF and DKIM, help validate that an email message comes from who it claims to come from. Layered on top of SPF and DKIM is DMARC, which uses SPF and DKIM and then provides instructions to receiving email servers on what to do if they receive unauthenticated mail.

Mimecast users can learn more about DMARC and the others, including creating a DMARC record, a guide to reading reports, compliance, setup on Google, and more on the Mimecast website.

Once DMARC, SPF, and DKIM are set up properly with your third-party email provider, Mimecast is correctly configured, and you’re certain all email is funneling through secure routes, it’s time to better understand the added features Mimecast can offer.

Insider Risk Protection

Mimecast’s Internal Email Protect technology lets you detect email-borne security threats that originate from within your email system and automatically or manually remove malicious content from end-users’ mailboxes post-delivery. Following a compromise, users whose accounts are being exploited by attackers or employees who engage with malicious links or simply make mistakes are better protected with an additional security layer that offers lateral threat protection, rechecks of already delivered files, and much simpler day-to-day administration.

Impersonation Protection

Impersonation attacks — also known as business email compromise — can result in significant financial loss, as attackers try to trick employees into making wire transfers or other transactions by pretending to be the CEO, CFO, or even external partners. In many cases, the attacker underscores some kind of emergency situation that must be addressed immediately, so what employee says “no” to an executive with an urgent request? The Mimecast makes it easy to protect your users from impersonation attacks.

Attachment Protection

The Mimecast Attachment Protect feature scans every email and every click on any user device to identify (and contain, if needed) potentially dangerous attachments. When an attachment appears suspicious, one of two events happen next: 1) the malicious email may be sandboxed, and the content of the email is delivered to users without attachments, or; 2) the malicious email attachment may be instantly converted to a safe format, neutralizing any malicious code, and then is sent to the recipient for preview. As part of the simplified management of Mimecast, administrators may also combine sandboxing with instant previewing to create the best mix of safety, performance, and functionality.

Mailbox Continuity

Since the world is still running on email, this Mimecast Continuity feature helps protect against planned and unplanned email server outages with uninterrupted access to user emails and calendars in native user applications. This continuous monitoring of your email flow also provides automated activation, alerting, and notifications.

AI and Machine Learning

Mimecast’s email security solution leverages AI and machine learning to better detect continuously evolving threats and to give employees email warning banners when needed. The feature also identifies potentially misaddressed emails, helping to avoid mistakes turning into security incidents. Using AI and ML in your email security arsenal helps limit attacker reconnaissance by shielding employees and preventing would-be attackers from gathering intelligence that can be used to craft highly targeted social attacks.

Message Encryption

Message Encryption allows senders and recipients to safely exchange emails and files without burdening IT or relinquishing control of shared data. It gives you easy message and file access via a security portal hosted by Mimecast, a fully customizable configuration to help ensure brand recognition and recipient confidence, and granular message controls that cover message recall, expiration, automated read receipt, print and reply/forward control — all set to your specific policies.

Email Incident Response

Time is essential in the email security world, so this feature is key to decreasing the dwell time of cybersecurity threats while at the same time reducing the burden of threat response and remediation on your Security Operations Center (SOC).

To Recap

This list of Mimecast email security features is by no means exhaustive. Their comprehensive solution offers plenty of customization and configuration options for nearly every type of business email environment.

So if you haven’t done so already, upgrading and more proactively monitoring your email security solution is a great place to start. Email security and resilience solutions such as Mimecast should be uniquely configured to your business, users, and security priorities rather than taking a ‘set it and forget it’ approach. This kind of holistic view of email security, email hygiene, and online brand protection should be a critical component in your overall security plan.