Keeping sensitive information in and bad actors out
The global threat environment continues to get more aggressive and sophisticated. PerkinElmer was seeing more fraudsters evade its spam and antivirus solutions and deliver email-based phishing attacks, spoofed emails, and malicious URLs.
PerkinElmer Inc. helps scientists, clinicians, and lab professionals accelerate science through innovative detection, imaging, and informatics solutions. Recently, the company itself needed innovative detection and remediation capabilities to fight emailbased threats.
“Attacks were causing a lot of concern,” said Jim Forsyth, Senior Network Engineer Global IT Infrastructure at PerkinElmer. “Financial hacking groups targeted us, putting personal credentials at risk. Ransomware threats are real. Our spam and antivirus solutions weren’t adequate anymore.”
PerkinElmer employees received highly targeted emails that appeared to come from trusted sources. Some were designed to look like Microsoft Exchange “mailbox full” notices. Some requested users’ credentials to view an attachment. Botnet attacks infected systems, causing them to send spam. Business email compromise (BEC), or impostor emails, asked users to wire funds and pay invoices. If users entered their credentials, they fit the profile for hacking groups that steal credentials and attempt to access confidential corporate financial data.
A Click Away from Compromise
In spite of endpoint protection and web filters, it took only one click to allow a phishing attack to get through. Business implications were huge—the company was vulnerable to direct financial loss. Members of the IT team lost hours and days of time isolating and cleaning infected machines. It took even more time for the IT team to track email sources, open cases with their other security tool vendors, and increase logging capabilities just so they could identify threats faster.
“The time we spent fighting threats increased tenfold,” Forsyth said. “As a growing global company, we needed a more flexible, affordable approach.”
Fast, Comprehensive Defense
Forsyth looked at Proofpoint solutions for answers. He was impressed by the sound design principles behind Proofpoint products and chose Proofpoint Email Protection to defend against unwanted and malicious email. He added Proofpoint Targeted Attack Protection (TAP) for defense against advanced threats in email that use malicious attachments and URLs.
“Proofpoint worked,” Forsyth said. “We deployed TAP and changed the MX record in just minutes. We rolled it out to all of our users over 10 days, only because we needed the extra time to notify everyone first.”
He added that the Proofpoint professional services team “really knows what they’re doing and were friendly and helpful.” Proofpoint helped Forsyth’s team configure settings and familiarize themselves with the interface and features. After the rollout, professional services stayed available to answer questions.
99 Percent Less Malicious Mail
“Proofpoint TAP helped tremendously,” Forsyth said. “It reduced malicious emails, attachments, and URLs getting through by 99%.”
The TAP URL defense feature detects and sandboxes unknown URLs for analysis. Even if a user clicks on a URL, TAP can later block access to the same URL if it becomes malicious. If something gets through, Forsyth knows immediately. The Proofpoint dashboard shows who received it, describes its impact, and helps remediate it. With more visibility and better attack data, PerkinElmer practically stopped phishing, malware, spoofing, and ransomware—directly avoiding fund and productivity losses.
High Accuracy Minimizes False Positives
PerkinElmer plans to deploy Proofpoint Email DLP, which helps prevent users from accidentally sending out sensitive information. It also enforces email policies centrally and automatically.
With this capability, PerkinElmer will reduce its risk of Payment Card Industry (PCI) noncompliance. If a PerkinElmer customer accidentally includes credit card information in an email, replies from a PerkinElmer employee will adhere to PCI standards. Proofpoint Email DLP identifies sensitive information in outgoing emails and blocks those emails while notifying the employee to either remove the sensitive information or encrypt the email.
“Proofpoint is accurate,” Forsyth said. “It generates almost no false positives, and we can flexibly fine-tune responses. It works well.”
Intelligence with Flexibility
PerkinElmer now has more security and flexibility. For instance, Forsyth can filter bulk email so that it goes only to employees who want to receive it.
“I filter my own email for bulk emails, and it made my life a lot calmer,” he said. “But those employees who want to receive bulk mail messages, can. Proofpoint gives us more options, and there are many more things that we can do with it.”