Manufacturing Builds A Better Email “Mousetrap”

November 02, 2016

COMPANY TRAPS ADVANCED EMAIL THREATS BEFORE THEY ENTER

The company’s existing spam tool was rapidly losing ground in the fight against high volumes of spam and sophisticated, malicious phishing campaigns. Phishing, impostor emails (also known as business email compromise, or BEC), and spoofing of executives’ emails had become seriously disruptive. Because many threats got through, the Help Desk team spent hours each day calling users—including executives—initiating complete antivirus scans of their machines, and re-imaging workstations. Not only was remediation time-consuming for Help Desk staff, it was annoying to executives, disruptive to users, and alarming to the security team.

“The situation was just all kinds of bad,” said the Network and Security Engineer at the company. “And we just couldn’t stop the flood.”

The company had been using an IronPort cloud-based solution for the past three years, but its effectiveness had degraded during that time. The team did everything possible with the tool’s vendor to optimize the system. Nothing changed. Next, it began evaluating the vendor’s replacement solution, but the results weren’t overwhelmingly positive.

“STAGGERING” RESULTS
“We knew that Gartner considered Proofpoint to be a leader, so we decided to do a proof of concept with Proofpoint Email Protection,” the engineer said. “We started by placing Proofpoint between our existing tool and our Exchange servers.”

The company’s team wanted to see if Proofpoint would catch the threats bypassing their existing tool. And if threats got through, it wanted to know what they were—spam or more malicious phishing, URLs, or attachments.

“The results were staggering,” the engineer said. “Proofpoint caught a lot more spam and e-mails with malicious URLs and attachments that got through our existing tool. That made our decision easy.”

The company purchased Proofpoint Email Protection to defend against spam and malicious emails. It also chose Proofpoint Targeted Attack Protection (TAP) with URL Defense and Attachment Defense to stop advanced and zero-day attacks that target users through malicious URLs and email attachments.

SIGNIFICANTLY BETTER
“Proofpoint gives us significantly better protection than we had with IronPort,” the engineer said. “I’m especially impressed with Proofpoint’s responsiveness to false negatives. We’re streamlining that process, but even handling them manually with Proofpoint is way better than what we had before.”

Proofpoint TAP’s comprehensive zero-day capabilities stop advanced threats, like phishing through malicious URLs and attachments. Detailed insight gives the security and Help Desk teams much better visibility into any phishes that might get through. They know exactly how many people received a phish, who they are, and whether they clicked. TAP has reduced the flood of calls and antivirus scans that the team had to manage in the past to a relatively small handful.

“TAP is an excellent companion to Email Protection,” the engineer said. “Its sandboxing efforts are extraordinary. I love that all URLs in inbound email are rewritten to pass traffic through Proofpoint. This works great—it’s protecting users and saving us loads of headaches. And I spend a lot less time handling false negatives.”

EASIER TO USE
The team found Proofpoint’s management interface to be easier to administer and navigate. The single interface is much simpler to use than the other tool’s two disconnected anti-spam and additional reporting system interfaces.

“We report exceptions to Proofpoint, and Proofpoint actually takes action on them,” the engineer said. “It’s much easier to quickly report them to Proofpoint than IronPort. I’ve offloaded quite a bit of malicious attribute analysis, and Proofpoint uses it to quickly improve anti-spam effectiveness for all Proofpoint customers.”

A MAJOR WIN
Now, spam, phishing, BECs, and zero-day threats face formidable opposition when they try to enter the company through email. Naturally, employees and executives don’t miss the disruption and productivity losses that threats used to cause.

“We experienced a major win with Proofpoint,” said the engineer. “We get significantly more effectiveness. It’s worth it.”

Download PDF