Just like many law firms around the world, UK-based Lodders Solicitors is a frequent target of email attacks including spear-phishing, malware, impersonation and spam.
The information the firm holds and the client money retained in bank accounts are a ripe target for criminals.
Email is the main risk, but attacks have included physical attempts to gain access to their critical infrastructure and telephone-based social engineering trying to trick employees into transferring money to fraudulent accounts.
A steady rate of email attacks were successfully getting past their incumbent email security cloud defences.
As a point security solution, the legacy system did not extend to email archiving and assured availability which had become key requirements given the importance of email communication and the information stored in it.
Lodders, which was established 230 years ago and offers clients legal services from four offices across the UK, chose Mimecast to boost its email protection and resilience.
Mimecast makes business email and data safer for thousands of customers and millions of employees worldwide. Founded in 2003, the company’s next-generation cloud-based security, archiving and continuity services protect email and deliver comprehensive email risk management.
Mimecast solutions implemented by Lodders included Email Security, Targeted Threat Protection (Attachment Protect, URL Protect, Impersonation Protect and Internal Email Protect) Cloud Archiving, Mailbox Continuity, Large File Send and Secure Messaging.
Lodders IT Director, Alex Loquens, said: “Reducing the risk of a breach was key for our ongoing operation, reputation and General Data Protection Regulation (GDPR) readiness. We also needed a failsafe for our exchange on-premises deployment and a secure archive of all email data for compliance.
“Having Mimecast in place as we plan our Office 365 migration reassures us that our email and data is safe both during and after the move”.
Lodders has ingested legacy archive data into Mimecast too so that everything is in one immutable store and easily searchable by both end users and IT.
Mimecast’s email security with Targeted Threat Protection has proven its worth quickly, stopping more than 20,000 malicious or unwanted emails in just a few months.
It will also protect internal email to help prevent the spread of malicious links and attachments that may find their way in via non-email routes. Support desk calls have reduced as staff can search their own archive, release held messages themselves, and access their mail even if the server is down themselves.
The benefits of keeping the business safe from cyberthreats has also extended into other areas of business operations – including improving the firm’s efficiency.
Mr Loquens said: “The Mimecast security solution has ensured emails are delivered in a timely fashion and are malware free. Historically, incoming emails that were captured as potentially dangerous were stored in a repository that was not accessible by staff.
“With Mimecast we now receive a daily digest of potential spam emails and staff are able to ‘self-serve’ and release emails without the IT team’s intervention. This allows us to respond quicker to client queries, as IT issues don’t get in the way of this critical communication.
“For Lodders, we previously had the worry of our business-critical email environment going down. With the Mimecast disaster recovery and business continuity solution, we’re now confident that in the eventuality that on-premise email services are unavailable, we can seamlessly switch to the ‘online mailbox’ and continue critical client email communication with little to no downtime.”
Mr Loquens said there were a number of reasons why Lodders chose Mimecast as a trusted provider.
“Mimecast is used by the top 100 law firms so we know Mimecast has a proven track record. Mimecast provides all the email functions we require from a single vendor, with malware, viruses and spam unable to enter our organisation through email.
“The system has also enabled business continuity and URL protection, so if an email arrives containing a malicious link, the staff won’t be able to click on it and be taken to a phishing site,” he said.
Lodders is part of the UK200Group – the UK’s leading quality assured membership association of independent accountants and lawyers – and runs the Lodders Charitable Foundation to support regional charities.
Mr Loquens said: “The implementation occurred seamlessly over a weekend. On Friday the legacy systems were still in place and by Monday we were fully operational with Mimecast up and running.
“No user intervention was required. A small amount of user communication was necessary, around the Mimecast ‘plugin’ for Outlook and advice was provided around the digest emails that staff would receive daily.”
Not only does the Mimecast system protect staff and the firm itself but also provides peace of mind to the customers entrusting their personal details to the company.
Mr Loquens said: “Our customers know that their email information is handled securely and they are safe in the knowledge that any emails sent from our firm will be malware and virus free.”
“Mimecast enables us to build on its platform and allows us to seamlessly transition to other mail service providers (such as hosted Exchange using Office 365) with no more than a simple mail exchanger record change. In addition, we no longer need to consider separate email continuity, mail malware and virus solutions, or web proxy software for email URL protection.”
He added: “Feedback from staff has been very positive. With Mimecast we have an enterprise-grade solution to help prevent email-based attacks across all devices no matter where our fee earners are. It was quick and easy to implement, and support has been excellent. We’ve been able satisfy our need for improved email protection covering security, archiving and continuity all from one solution.”