Volition’s innovative solutions are based on the science of Nucleosomics™—identifying and measuring nucleosomes in blood or fluids. Nucleosomes are indicators that disease is present. Nucleosomic techniques are used primarily in human diagnostics, but Volition also has a subsidiary focused on animal diagnostics.
Bioscience advances occur quickly, and Volition needs to stay agile. The company relies on cloud-based infrastructure and SaaS as much as possible to support growth without adding operational complexity. After Volition migrated to Microsoft Office 365, it implemented Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Sender Policy Framework (SPF) for additional email authentication assurance.
“Like disease, it’s better to prevent problems than have to cure them,” said Daniel Halter, Group IT Manager for Volition. “We want to prevent threats while ensuring that legitimate emails get through with as little ‘background noise’ as possible.”
Yet, in spite of ongoing internal user education, advanced security techniques, and best practices, the IT team continued to see phishing attacks. Attacks are becoming more sophisticated, and attackers often try to enter Volition through compromised third parties.
Two are better than one
From an IT perspective, Volition faces the same security challenges that other companies face. Unlike many other companies of its size, Volition wasn’t going to face them alone.
“The security threat landscape is ever changing and it’s vital to keep apace with it,” said Halter. “I wanted to build and leverage a trusted relationship with security experts to help us better secure our email and maintain a strong security posture going forward. Khipu Networks is a trusted advisor to us, and that’s how we found the Proofpoint Essentials solution.”
Khipu Networks is an award-winning international cybersecurity partner that delivers security solutions, technologies, and services across industries. We have worked with Daniel for more than a decade,” said John-Ryan Smith, account director at Khipu. “After a detailed consultancy, we knew only one company would exceed their requirements: Proofpoint.” In the ever-changing threat landscape, Khipu was confident in recommending Proofpoint Essentials. As a cloud-based solution, it delivers big-picture threat intelligence and granular insight into specific threat types and frequency. It’s also quick to deploy and significantly reduces Volition’s footprint of risk. “
During the POC, Proofpoint was quarantining email that previously came through,” said Halter. “Quarantining is really efficient, and Proofpoint captured threats trying to come through. Once we saw the results, we went straight to production to begin delivering this protection across the business.”
Next step: archiving
As a public company, Volition is subject to cybersecurity compliance requirements. One requirement is having the ability to securely archive and retrieve both received and sent email. Halter and Khipu conducted a POC to identify the best solution for achieving this goal. One option was a backup solution to store email outside of Office 365. The other option was Proofpoint Essentials Email Archive.
“We chose Proofpoint Email Archive because it is a true, easy-to-use, searchable archive,” said Halter. “The other solution backed up the files, but it wasn’t searchable. We also would have to restore content, mailboxes, and folders just to begin looking for something.” Instead, the Proofpoint archive solution made it easy to import historical email, automatically preserve all emails with their attachments, and perform fast, easy searches across the entire archive.
Halter says Proofpoint Essentials Professional package gives him peace of mind. Volition now has a solution that’s capturing much more than they could stop before, and he doesn’t have to worry where the next attack might come from.
“Beyond a shadow of a doubt, the URL rewrites are a blessing,” said Halter. “Most of the phishing has been stopped outside of our environment, but even if an attack gets through, we still have a safety net. Proofpoint rewrites the URLs, so even if someone clicks on a link, it can’t execute.
”The daily email digest has greatly reduced ‘background noise’ coming through with legitimate email. Users can look at what’s captured and release it if they choose. However, Halter says there is not often the need to do so.