This is a guest blog from Proofpoint, a leading cybersecurity company that protects organizations' greatest assets and biggest risks: their people.
SUMMARY
A manufacturing customer of Gotham’s has over 100 years of experience tailoring custom products to meet their customers’ most demanding specifications. They pride themselves on the ability to provide any size order, to any specification, in a wide variety of configurations, and shipped on-time, worldwide.
The customer worked with Gotham to replace their previous email protection product with Proofpoint Essentials and used the improved results to create a better experience with better protection for both their end users and their security team. With the improved protection they received, the customer could focus their energy on further improvements to their security and to the education of their staff.
CHALLENGE
The customer had been using Symantec Endpoint Protection for a very long time. They had gotten very good at running that system and felt that it did the job, but more importantly, they were familiar with it and had spent years building it out to fit their custom needs.
However, Symantec had decided to stop support for their Endpoint Protection on-prem product and had informed the customer that they would not be renewing their contract. This meant the customer had to research available options, figure out which one would work best for them and their systems, and then implement the product, all in a very short time frame.
This customer and Gotham had worked together for over 15 years and in that time had built a strong, trusting relationship. Because they also would be looking for a managed solution, the customer wanted to go with someone who they could trust and who was familiar with them, their needs, and their systems. Gotham had even stood up this customer’s existing email infrastructure so they knew that Gotham would understand which email protection system would work best for them.
SOLUTION
The customer was looking for not only a very robust and secure solution, but one that would be easy to use, save them time, and cause the least disruption in day-to-day activities. They also needed one that was still offered on-prem but would allow them to eventually move to the cloud. From the beginning of their search Proofpoint Essentials was at the forefront of the conversation. Both parties felt not only that the price was reasonable, but that Essentials gave them more than what Symantec had to offer.
Once the proper approvals were in place, Gotham and the customer worked together to get Essentials up and running within two to three weeks total. This included setting Essentials up within the customer’s mail environment, creating new policies, cutting over outbound mail, then cutting over inbound mail. The customer’s change control process was also somewhat difficult because their industry operates 7 days a week and they couldn’t afford any interruptions, but even with this added difficulty both parties agreed the transition was very straightforward.
Additionally, not only did they successfully make the switch, but because of the ease of transition Gotham and the customer were able to do some cleaning and pruning of their existing rules and policies within the same timeframe. This allowed them to remove or revisit some of the older policies that had been in place and get back to basics and function simply again, like “hitting reset on a computer.”
In working with Gotham, the customer states that, “Gotham has always been very good at getting back to us when we have any problems. Since we implemented Proofpoint 11 months ago we’ve had to call Gotham maybe four or five times. When we did the response was fast and the problem got resolved.”
RESULTS
Since implementing Proofpoint 11 months ago, the customer has seen at least a 30 to 50% decrease in unwanted emails each month. In a recent 30-day period, out of over 45k emails received, 51% were quarantined or blocked, 5% were marked as spam, while 44% were marked as clean and delivered to their recipient. The customer has also stated that there is less time spent having to go into the console and manually block items or make other changes for end users because they can do it on their own.
A few key capabilities have also stood out as the most beneficial to the customer, some being brand new to them while others were improvements to their previous capabilities:
- Quarantining – The improvement in accuracy when determining which emails were quarantined vs delivered was overall the most valuable change for the customer.
- Sandboxing – For emails that are delivered with links in them, Proofpoint rewrites the URLs and sandboxes the links until they are deemed safe by the user, further protecting them from incidental clicks on malicious links.
- Threat Digest– Users have full visibility into what has been blocked and can take actions on their own to unblock anything that should have been let through. This was previously a manual process for the security team.
- Attachment Encryption- The customer previously had a process for sending encrypted attachments that was more manual and was prone to mistakes. They can now automate this with a tag in the email subject line, which helps ensure more security and again saves them time.
This increase in protection and capabilities has in turn given the security team additional time to refine their policies so that what started as an immediate drop in unwanted emails has continued to improve incrementally over time as it gets more intelligent from their continued input.
“It’s not a treasure hunt anymore.”
Finally, the customer stated the following, “Previously, our users might ask a simple question like why they didn’t get a certain email and all this work would have to happen behind the scenes to figure it out. We would have to ask, “Has it not made it to our network? Has it not gone past the Symantec Gateway? If so, is it safe enough for me to release it?” All these questions had to be answered with considerable work spent each time. With Proofpoint Essentials it's not a treasure hunt anymore. Now we know the steps to ask, like, “Did you check your quarantine list? If it’s in quarantine, does It contain an unsafe attachment?” The conversation is past those basic questions and is now about, “What do we do with it?” Our efforts have become much more fruitful since implementing Proofpoint Essentials.”