Mimecast Cloud Archive provides an archive storage solution for data retention, as well as search and retrieval of email, attachments and MS Teams conversations. The cloud archiving solution offers search capabilities for employees and automated tools for administrators that simplify management of mailboxes, e-discovery and litigation support.
N/A
Proofpoint Security Awareness Training
Score 10.0 out of 10
N/A
Proofpoint Security Awareness Training (formerly ThreatSim from Wombat Security) is a cloud-based training platform that simulates threat scenarios (e.g. phishing) and also provides assessment testing developed by Wombat Technologies, which was acquired by Proofpoint in March 2018.
This is for any business that needs secure, tamper-resistant, long-term email storage. Mimecast cloud archive is the answer. Easy self-service user interface, Admin interface is generally pretty usable as well with a good level of granular permissions for delegation to support staff. It allows cost savings with email storage by implementing retention policies and offloading the storage to Mimecast.
Perfect for regular (monthly) training of staff versus a "one and done" annual assignment on Cyber Security. Allows for a greater number of topics to be covered and for creating a "culture" of security awareness among all Staff throughout the entire company. NOT a replacement for IT Security Certifications amongst your technical staff (CISSPs & GSLCs on staff are a must have). Your Proofpoint Account Rep does most of the heavy lifting, but the program still requires "care and feeding" (resources) within your organization - preparing monthly user lists for training assignments and preparing reports for leadership on participation & progress
Sync and Recover is a great tool for when you need to recover emails quickly or in bulk.
The archive is nested in the mail protection admin portal, so it is easy to navigate between the recent mail in the protection portal (limited window of time) and the archive when searching for emails during investigations or troubleshooting.
The additional protection feature allows scanning of emails that land in the archive. This helps with internal to internal emails that might have been malicious, for instance from a compromised account.
The Mimecast for Outlook add-in is nice, although you can access it from the web as well, for seeing your own archives. If users are missing an email, they can look there on their own without submitting an IT support ticket.
We do not allow end users to restore their own, but that is a feature that exists as well.
There are so many features, it can be difficult to find exactly how to perform some actions.
Emails are not automatically shown in their native format when searched you must click on the email and then request it be formatted in the proper format (HTML, plaintext, etc.).
The lack of a user rating on "cyber risk" is proving to be an immense difficulty. As we are looking at how to better hold our employees accountable as well as provide increased learning opportunities for those who need it most, it is becoming cumbersome--especially given the fact this is starting to become the standard for Security Awareness companies. The lack of this is resulting in a manual process vs being able to automate and moderate, thus taking up time and resources, which are always at a scarcity. It can also be cumbersome to look across the tools to see how a particular user is doing, vs being able to view all of their data in one space.
If you are a marketer, the editors for the Phishing Templates and Teachable Moments are quite frustrating. They feel out of date and clunky, as well as not featuring an auto-save, so you could lose the templates you are building. At this point, I have actually started to work in other email creation editors and learning HTML, to better customize and then moving all of the code into the editor. It has thus far proven to be less of a headache. I also do not believe the average user is working on branding their program, creating consistency for easy of navigation, and including additional resources in their teachable moments in the way we currently are. However, as more social science backgrounds continue to enter security awareness, I believe this will move towards the norm.
Some of the reporting numbers for Simulated Phishing could be better. For example, telling me how many people acknowledged the teachable moment out of the full email campaign is less meaningful than knowing how many people acknowledged it, from those who actually triggered/were shown the teachable moment.
We have a good relationship with our vendor/Proofpoint, which I believe is needed to be successful in Security Awareness and using tools like this
The package/service as a whole is incredibly helpful
The integrations with Proofpoint's Trap is one of the most valuable things we could do. It turns your entire email user base into members of IT security, to be on the look out to report cyber attacks, and have them pulled out of everyone's email if the email is condemed/found malicious.
The archive is easy to use and the searching is highly customizable. You can easily search based on timeframe, sender, recipient, words, phrases, and attachments. The ability to search keywords within attachments, body, and subject line is incredibly helpful. We're able to quickly and easily find what we're looking for.
Overall, PSAT is integral to what we do. PSAT is a helpful tool to help us improve our employees ability to recognize, report, and respond to phishing. It works for us to use a longterm partner, who is incredibly helpful/supportive, and also bringing Proofpoint's greater cybersecurity & attack intelligence into PSAT. Honestly, we are pretty happy and would make the choice to go with PSAT again (we evaluated the major players in the space via Gartner's Magic Quadrant). The team behind the products are excellent and the product of itself is both intuitive and expansive. This combination allows us to reach our 10k+ employees who are located in over 20 countries
There is never an issue. Everytime I have needed to access my own personal search archive or globally search across the whole business it works each time. I cannot recall a time where the service was down when needed to be used and all our staff use it daily.
The stability of the tool is the biggest factor, it has a fantastic uptime and the loading speed is exceptional. Long gone are the days of waiting for Outlook to open up a traditional PST archive, I can simply click, find what I need and go, usually, before outlook has opened the archive. It is an exceptionally efficient tool.
It does a good job. The support team of the product was good and responsive and was also able to fix the issues I was experiencing at the time. It isn't perfect and takes some time to set up properly in the environment but once set up the product does what it is supposed to do which is what you are paying for.
Proofpoint support has always been above average. A lot of companies provide a customer service manager for your account but few have proved as connected as Proofpoint. The CSM was able to give us a good start with the product and checked in periodically. I found them always helpful with any questions and very knowledgeable about the platform.
One of the big features of Mimecast is the ability to send large files. We used to use CItrix Sharefile for this but switched over to Mimecast's LFS for one large reason...since we are archiving all of our mail in Mimeast anyway we would have wanted these attachments, even if large, also available to if we go back to look at old emails. However just for usability sake I think Citrix Sharefile's large file send is more polished and probably works a little better. We just choose to use the Mimecast so we had a one stop shop when it came to email archiving
All three products have the pros and cons. Since we use other Proofpoint products, TAP, TRAP, etc. the integration with PSAT is much better. The other products do not integrate with TRAP nearly as well as PSAT.
I don't have any tangible numbers to provide, but we definitely have an increase in the number of staff reporting suspicious emails and fewer people clicking on phishing emails.
The cost we are paying per employee (<$2 pp)is low enough that we can consider this a "benefit" we offer to our employees. The knowledge gained can also be applied to your personal life with similar threats.
