- Safeguard intellectual property and customer data from a wide range of industries
- Protect a newly distributed workforce, including those working from home
- Scale up security capabilities without swelling budget
- Proofpoint Email Protection
- Proofpoint Targeted Attack Protection (TAP)
- Proofpoint Threat Response Auto-Pull
- Stopped a broad range of email threats
- Identified highly targeted users and departments in need of additional protection
- Secured remote workers and helped keep them compliant
- Augmented internal security team with outside threat intelligence and research
Two critical aspects of 7.ai’s business are protecting its intellectual property and keeping clients’ information private.
The company has more than 200 patents approved or in process along with intellectual property that it keeps more closely held. Its customer data is just as important to protect. Some chat sessions, for instance, might include credit card numbers or personally identifiable information.
7.ai’s customer base runs the gamut of industry sectors. Many of those—such as healthcare, finance and government—are highly regulated. 7.ai must keep customer data out of the hands of cyber criminals and compliant with a growing myriad of regulations.
“Cybersecurity plays a big, big role in what we do,” Wynn said. “We’re fighting a cyber war with people who are behind another keyboard and who are trying to harm us all.”
That fight has grown more complicated in the wake of Covid. The global pandemic has scattered workforces, pushed commerce to the web and created new security and compliance risks.
Fortunately, 7.ai was prepared. It had already begun making the shift to remote work when the pandemic hit, so it was better prepared than most to make the sudden switch. (A majority of its 10,000 employees now work from home; others collaborate at microsites designed to comply with local social distancing rules.)
It met with its key vendors, data centre operators and top customers to discuss how the pandemic might affect operations and map out how it can respond. As the company assembled a business continuity team and raced to reassure customers, new security implications took centre stage.
Data privacy is just one example.
“Who is a trusted person in the home?” and “What is a safe environment?” she said. “If your loved one comes over and says ‘hi,’ they might inadvertently see something on your screen.”
For 7.ai and other companies, the new working environment is really more like thousands of new working environments. Unlike an office, which offers uniform workspaces under easily controlled conditions, each home environment is unique. Companies must deal with countless combinations of device and networks—all out of reach of the IT, security and compliance departments.
To help manage the chaos, 7.ai crafted new acceptable-use agreements for corporate resources. In some cases, it even had employees send pictures of their working environments so the company could assure customers that their data is being properly managed and protected.
Remote work also meant doubling down on a people-centric approach to cybersecurity. While cyber attackers have long focused on people rather than traditional IT infrastructure, keeping them protected remotely can be even harder, Wynn says.
“I can’t be a ghost in everyone’s house,” she said. “So what can I do to have the same security and privacy controls when they’re on their computer?”
To meet the challenge, Wynn enlisted the help of Proofpoint, a cybersecurity vendor she calls a strong ally in her fight against cyber threats and compliance risks.
“One of the things that I look for is who can be a good partner with me, who can be a great augmentation of my staff,” she said. “We are in a cyber war and I need people who can be in that cyber war with me.”
The company uses Proofpoint Email Security to stop a wide range of cyber threats—in most cases, before they ever reach users’ inbox. The award-winning solution stops spam, malware and attacks that use social engineering to exploit human nature rather than technical vulnerabilities.
These non-malware threats include email scams such as business email compromise (BEC). In BEC, attackers impersonate trusted colleagues, business partners and brands. And they do so in ways that aren’t always easy to detect with conventional email defences.
When something gets through or turns malicious after being delivered, Proofpoint Threat Response Auto-Pull automatically removes the message—along with any copies that have been forwarded to other users.
The Proofpoint deployment has enabled 7.ai to take a people-centric approach to cybersecurity by providing visibility into the company’s most heavily targeted users, or what Proofpoint calls Very Attacked People™.
“I can see which people, in which departments, are getting what kind of attacks,” she said. “This allows me to see whether I need to do additional training or meet with people one-on-one. And it better prepares me to protect the whole company.”
According to Wynn, one of the factors that makes Proofpoint such a valuable partner is its wide-ranging threat intelligence. Like 7.ai itself, Proofpoint works across industries. That means Proofpoint can spot potential cyber threats against industries that 7.ai serves.
Wynn says Proofpoint has helped her become more efficient by becoming an extension of her internal security team. Thanks to Proofpoint investments into research and development and the scale of its threat intelligence, Wynn can redeploy her team to focus on security issues best managed internally.
“You guys are my team,” Wynn says.
Having access to Proofpoint’s cybersecurity data and insight gives 7.ai critical information in as close to real time as possible for it to make better decisions—making her team more efficient and her company more protected.
“Proofpoint allows me to sleep at night because of what they are doing for me,” she said.