Avanan

A Fortune 500 company was inundated with phishing and other suspicious emails, with their end-users receiving more than 16,000 phishing emails per month. In addition to dealing with the actual phishing attacks, this company's Security Operations Center (SOC) was required to review each suspicious email report by the end-users. These were emails that end-users felt could be phishing and thus sent to the SOC for further analysis. On average, the SOC reviewed nearly 17,000 end-user email reports per month, causing them to be overwhelmed and quickly approaching burnout. A change was needed that first stopped the attacks from reaching the inbox while also reducing the overwhelming load on the SOC. In looking for a solution, they evaluated two different solutions and eventually selected Avanan to secure their enterprise email with Avanan Email Protection and Avanan IRaaS to achieve their objectives quickly.

Fly High Airway, a major domestic and international airline, was facing challenges with their existing email security solution, Proofpoint. The airline was not satisfied with the efficiency of their email catch rate and was looking for better protection for their Microsoft Teams account, which they heavily relied upon for internal communications. The airline was also seeking a solution that was cloud-native and connected via API. The airline's CISO, Sebastian Thompson, was not happy with the number of phishing emails that were getting through on a regular basis. The airline was also interested in Microsoft Teams protection. They needed a solution that could stop email threats before they hit the inbox, and protect Teams and other collaboration apps.

CRO, a global contract research organization, was a highly-targeted organization for phishing attacks and intellectual espionage. It was subject to multiple regulatory laws including HIPAA and data leakage was a fundamental concern to its clients. The company had already deployed a secure email gateway from Proofpoint to protect its Office 365 environment, but it was not up to the task. Multiple times a week, the IT department had to manually send email warnings, instructing employees not to click on the malicious links that had recently reached their inbox. The constant need to monitor and react to missed attacks was both time-intensive and a high-profile reminder to everyone that IT had not yet solved the phishing problem. The old way of doing things wasn't working.

Engineering Associates had been using Mimecast for years to protect their on-premise Microsoft environment. However, when they moved to the cloud, they started experiencing plenty of delivery issues and tons of phishing getting through to the inbox. They needed an easy-to-use solution that stopped more phishing and caused fewer headaches. For a new email security solution, the first criteria was improved phishing detection. Secondly, they needed an easy-to-use, hands-off solution that did the work for him.

The accounting firm had moved much of its IT to the cloud, most significantly, to Office 365’s core applications and email. However, the firm had fallen victim to a number of phishing attacks, including an aggressive ransomware attack, even with Office 365’s Advanced Threat Protection enabled. They had paid extra for Microsoft’s best security, but it was not enough. The company’s IT manager knew they needed additional layers of security beyond Office 365’s native solution.

ServiceSource, a revenue lifecycle company, migrated to the cloud and started using a variety of cloud storage resources and SaaS applications. As a public company with many compliance requirements, ServiceSource had been using best-of-breed security products to secure information in its data center. However, with its recent cloud migration, the company quickly discovered the limitations of its data center security products in protecting information in the cloud. The company needed a way to apply the same levels of security to its cloud infrastructure as it did in its data center.

The City Cybersecurity team within the Department of Technology must provide protection for 50 City and County departments subject to widely varying risks and requirements. For example, the Department of Elections must be protected from state-sponsored cyber attacks while also being transparent to public oversight. Health Care and Human Services, Finance and the Courts all fall under multiple regulatory requirements, from HIPAA to PCI to California State and Federal regulations. Needs vary widely. Some organizations have over 10,000 staff members with their own IT staff. Others may only have 50, with elected leaders that change every election cycle. Makstman partners with all to protect their data and services. Whether safeguarding water, power and transportation systems, or supporting health and human services for vulnerable populations, Makstman is tasked with protecting critical municipal services for the one million people who work and live in San Francisco.

TPA America, a national benefits administration company, was facing issues with their email security solution, Mimecast. The company had moved to Office 365 and wanted a security solution that was easy and low maintenance. However, after deployment, they started facing problems. The first issue was the number of false positives which disrupted the business. Emails would disappear until a user would ask about it the next day or spend time looking through quarantine. This led to a helpdesk ticket or an urgent call from a department head. The interface was also confusing and difficult to navigate. It was hard to find a message or understand why it was blocked. The lost time, both on the IT team and for company employees, became an expensive burden. Email-related tickets are often time-sensitive and because they can lead to a breach, potentially critical, forcing the helpdesk to grant each priority. It became necessary to add staff to manage the system.

Home Management, a property management firm in the Southwest, had been using Mimecast for years. However, the small IT department found that managing their email was taking too much time due to the complicated usage and lack of results. The product was too expensive for what they felt they were getting out of it. They were paying for Mimecast’s archiving system that they weren’t actually using. It was difficult to see what was going on in their environment. When something was blocked, they couldn’t figure out why. It was especially frustrating due to the high level of false positives, and due to the fact it was blocking a lot of legitimate emails. The system was just plain complicated. The IT department was swamped, being pulled in hundreds of different directions. But they were bogged down with email. Mimecast was “a pain” to manage, and left them having to put aside other, critical tasks.

Brodeur and Giroux, a New England-based law firm, had been using Mimecast to protect its Microsoft 365 users. However, they began to notice a pattern in the types of attacks coming through to the inbox. These Business Email Compromise attacks are of particular concern since they are incredibly effective and tough to stop. Beyond that, the firm was struggling with standard credential harvesting schemes, including fake invoices. All he was left to do was hope “that our end-users catch and don’t fall for it,” he says. For Reaves, that’s a risk he wasn’t willing to take.

The NE Association, a non-profit based in New England, was facing a significant challenge with their email security. They were using Sophos, but the solution was causing more problems than it was solving. The organization was receiving a high volume of phishing and malware attacks, and Sophos was not effectively blocking these threats. Additionally, the Sophos solution was causing confusion among staff due to its inconsistent encryption policy. The NE Association needed a new solution that was user-friendly, connected via API, and cost-effective.

Bethel School District in Washington state realized the need for a proactive security solution after two major phishing attacks on nearby districts resulted in significant losses. One attack led to the theft of $50,000 worth of computer equipment, while another resulted in a breach of personally identifiable information from all finance department employees. While Bethel Schools had not experienced breaches of this magnitude, they had endured some phishing attacks in the past. After learning of these events, a breach of that nature seemed increasingly possible.

State of Art Comms, a wireless communication equipment provider, was facing issues with their existing Secure Email Gateway, Barracuda. They were experiencing a high number of Business Email Compromise (BEC) attacks, where malicious emails were getting through to end-users. In some instances, even legitimate internal and customer emails were being blocked, disrupting business processes. The company was in need of a solution that could effectively stop these attacks while ensuring important emails were not blocked. Despite having a few months left on their contract with Barracuda, the company decided to look for a more effective solution.

Diagnosis Co., a biotech company specializing in DNA and protein-based diagnostic testing, was in need of a robust security solution. The company was particularly concerned about the increasing attacks on medical companies from nation-states, especially in the wake of COVID-19. They were looking for a solution that could prevent sensitive information from leaving the company and protect their email and file-sharing services. The company had been using Microsoft EOP to protect their Microsoft 365 environment, but this basic level of protection was not sufficient. The company was also worried about external threats, particularly those targeting medical companies. They were aware of the devastating impact of data breaches on pharmaceutical and other biotech companies and were determined to protect their clients' sensitive DNA data.

Blue Emerald, a large manufacturer in the Southeast, was struggling with a major credential harvesting campaign. Their 200 users were inundated with scores of these attacks daily. The company had already deployed a Secure Email Gateway from Trend Micro to protect its Microsoft 365 environment, but it wasn’t doing enough. The Director of Information Technology, Chris Schneider, was particularly frustrated by one attack that had passed through Trend Micro’s scanners. One user got a phishing email that claimed to be from Bank of America. It wasn’t. But because of the onslaught of phishing emails aimed at his user and the lack of clarity from Trend Micro, Schneider didn’t know about it until days later. Unfortunately, it wasn’t the first time that attack has reached inboxes. As an administrator, he only got an alert if that email was forwarded. Sometimes, that can take a couple of days. Sometimes it doesn’t happen at all.

New Destination Travel was looking to upgrade its Microsoft ATP environment. They were specifically interested in a higher catch rate of phishing, DLP and full-suite protection. For years, the company relied on Microsoft ATP for security in its Microsoft 365 environment. However, they were troubled by how many phishing attacks reached the inbox. Day after day, a new campaign was visible to users. Beyond that, they needed a better way to search and quarantine or destroy messages. With Microsoft, the process was clunky. As a busy IT admin, Roy needed a simple, fast, and effective solution. Finally, Roy needed a better inbound and outbound DLP solution. As a travel agency, they deal with a lot of credit card numbers to book their customers’ travel. That means they need to be extra careful in ensuring those numbers don’t get into the wrong hands.

Palm Cargo, a large international cargo shipping company, was struggling with a significant number of phishing attacks reaching its end-users. Their existing Advanced Threat Protection (ATP) was particularly ineffective against spoofing and Business Email Compromise (BEC) attacks. The company needed a solution that could prevent malicious emails from reaching the inbox. The existing solution, Microsoft ATP/Defender, was not up to the task. Malicious emails were constantly in the inbox, and often, they would stay there for far too long. The company was also struggling with Business Email Compromise attacks, which were increasing in popularity and difficult to protect against.

Clean Teeth, a small dental insurance company, was looking for a comprehensive security solution. They were particularly concerned about securing Personally Identifiable Information (PII) and staying HIPAA compliant. The company holds a vast amount of PII, including Social Security numbers, job information, and medical records, making it a target for hackers. The company was experiencing common malware and phishing attacks, and data leaks were a significant concern. Nick Schmidt, who runs the IT department for Clean Teeth, was tasked with finding a high-quality security solution to prevent data breaches and keep client information secure. He tried several products, from traditional security like Secure Email Gateways to more modern, API-based solutions, but none met his needs.

Dawson Distributors had been using GreatHorn for their email security for two years. However, they found that the solution was not as effective as promised, leading to a significant amount of time spent on remediation and investigation of emails. The company was spending 12-15 hours a week in the admin console, reviewing release requests. The 'Report Phishing' button provided by GreatHorn was supposed to automatically pull reported emails from all inboxes, but this was not happening, leading to a significant amount of time spent sifting through emails. The company was constantly inundated with phishing emails reported by colleagues, leading to a significant drain on resources. The company needed a solution with far better efficacy against phishing, so they could spend less time reviewing emails and more time on other IT tasks.

In 2019, Crowder College, a community college in Neosho, Missouri, was hit by a ransomware attack that shut down the college’s email, website, and computer systems. The virus, likely introduced via email, had been dormant in the computer’s system for nearly a year. The college refused to pay the hackers $1.6 million demand, and set to work rebuilding and restoring their systems. Immediately after the ransomware incident, Crowder deployed AppRiver for their email security. However, AppRiver, a Secure Email Gateway (SEG), had limitations. It was not very granular and let a lot of phishing and spam through. Crowder needed a more efficacious solution that wasn’t passive, provided robust security, with better reporting and better customer service.

Capital Caring, a healthcare organization, was facing a significant challenge with email security. Their employee inboxes were flooded with hundreds of phishing and other malicious messages each day, potentially putting patient data at risk. Despite aggressive training, it was difficult for employees and volunteers to filter out the increasingly sophisticated attacks. A recent survey revealed that 78% of healthcare providers experienced a ransomware or malware attack in the last year, with email being the number-one source of a potential data breach. The regulatory issues of exposing patient information meant that a compromised account could lead to expensive compliance fines, even after the initial threat has passed.

The consulting firm was facing security issues with their Office 365 mail, especially after migrating from Exchange in 2016. The company's CFO was receiving spearphishing attacks on a weekly basis, which posed a significant risk to the company's intellectual property. The firm's chief security architect, Jim, was aware of the vulnerabilities inherent with Microsoft Office 365 and was concerned about the potential for their data to be leaked or exposed. He recognized the need for additional layers of security to protect against hackers and bad actors.

Jeff Madsen, CTO of ALEX (Alternative Experts, LLC), was tasked with complying with Executive Order 13587 from the National Counterintelligence and Security Center’s National Insider Threat Policy. This policy required federal contractors to establish a program to detect, deter and mitigate insider threats. Jeff needed to protect the company’s Office 365 email and OneDrive file sharing beyond Microsoft’s native security capabilities. He was looking for protection against malware, ransomware, phishing, and compromised credentials for mailboxes; and for OneDrive, he needed a way to ensure that sensitive information wasn’t being used inappropriately by his employees or getting leaked externally. Jeff initially considered Microsoft’s own Advanced Threat Protection (ATP), but it failed to detect the zero-day malware he tested it with. ATP also lacked malware protection for OneDrive, and its data leakage policies were very basic and were not compatible with his current DLP tools.

Legendary Entertainment was facing issues with their legacy email provider and were not satisfied with the customer support from Microsoft ATP. They were looking for a solution that was API-based and worked with Legendary as a partner. They had previously tried migrating to a big email security company but found the same issues of a shared platform. They also had issues with the user experience and the company's lack of response to their concerns. They needed a solution that was cloud-first, connected via API, and had a great relationship between vendor and customer.

Smoky County Public Agency, a governmental organization in the South, was facing numerous security issues with their existing Microsoft ATP solution. They were experiencing a high number of spear phishing attacks related to COVID-19 and other issues that made it difficult to see the scope of the attacks. Despite adjusting the settings, the ATP solution was not providing the security they needed. The agency was receiving a high number of bad emails and good emails were being blocked. They were in need of a solution that was simple to use, easy to analyze, and customizable to their needs.

All-Timer Studios, a large entertainment studio in California, was facing significant challenges with their email security. Initially, they were using Proofpoint, a Secure Email Gateway, which was proving to be difficult to use due to its clunky user interface, hard-to-follow reports, and inexact data. The company decided to switch to Microsoft's Advanced Threat Protection (ATP) as they were already using Microsoft 365 as their cloud suite. However, ATP did not alleviate their problems. The IT staff found it difficult to resolve many issues and were frustrated with the daily headaches ATP was causing. They needed a solution that was easy to use, provided detailed reports, and came with excellent customer support.

Peach University, a mid-sized public college in the Southeast, was facing budget cuts due to the COVID-19 pandemic. The university was looking for a more cost-effective email security solution that would allow them to avoid layoffs. The university had been inundated with phishing campaigns, something that had only gotten worse since the pandemic began. Their solution had to be easy to use and able to scale quickly. Peach University needed an email security solution that not only stopped phishing and malware attacks, but stopped them before they got to the inbox, so that their remote students don’t accidentally click on a malicious email. The university had been using an API-based solution from IronScales, which was too expensive to keep in the current climate. Furthermore, IronScales could only remove a malicious email after it had reached the inbox, which was not ideal for the university.

Midwest County, a small county government in the United States, was facing a significant challenge with its email security. The county was particularly prone to ransomware campaigns and credential harvesting attacks, which were often delivered via phishing expeditions. The county's existing email security solution, Proofpoint, was failing to block these attacks, and the county was paying a high price for this ineffective protection. With an upcoming election, the personal data held by the county was more valuable than ever, and the county needed a cost-effective email security solution that could effectively stop phishing and credential harvesting campaigns.

Wildwood Credit Union had been using Proofpoint for several years and was becoming frustrated. Far too many malicious emails were getting into the inbox. Plus, they felt that the gateway setup was way out-of-date, necessitating a new approach to securing their email. Finally, since protecting personal identifying information is so critical, they needed a far more robust DLP solution. For years, the company used Proofpoint to protect its environment. But after a while, Proofpoint began to disappoint. For one, far too many phishing messages came through to the inbox. That was made worse since the pandemic, since, according to a report, 74% of banks and insurers have experienced a spike in cybercrime since the pandemic. In particular, there has been a 35% increase in phishing, a 35% increase in ransomware, and a 29% increase in internal threats. Wildwood needed a solution that could combat this rise.

New City School District was struggling with a massive amount of phishing attacks. Their existing protection, Microsoft EOP, was not effective against impersonation and BEC attacks. The district needed a solution that could prevent malicious emails from reaching the inbox and fit within their limited budget. The district was particularly vulnerable to internal spoofing, where an email appears to come from a school employee or student, but one or two letters are off. These attacks are difficult to stop and are rising in popularity. The district was also concerned about student accounts being used as an avenue into the larger organization.