IBL Group has addressed Office 365 email security challenges, including internal threats, thanks to Grove and Mimecast.
The IBL Group is the largest conglomerate in Mauritius. Formed in 2016, IBL Group was born from the merger of GML and Ireland Blyth Limited, two of the largest conglomerates in Mauritius at the time. Today, it employs more than 26,000 people in over 280 investment and operational companies, spanning logistics, banking, insurance, finance, retail and hospitality.
With so many businesses and users in its stable, IBL Group wanted an email system that was easy to manage and saw the value in shifting its on-premise email solution to Microsoft Office 365 in the cloud.
“The moment we did that, our attack surface increased substantially,” said Mevin Goonmeter, IBL Group Infrastructure Operations Manager.
“At the time we were using the Advanced Threat Protection (ATP) security feature in Office 365, but we saw immediately that it wasn’t enough. As a global enterprise with interests in nearly every industry, we get a lot of attention in the media – which also means a lot of attention from cybercriminals. We could see via our monitoring mechanism that our Office 365 accounts were being continuously targeted with brute force and impersonation attacks that were especially concerning.
“It was a massive wake-up call for us. We realised we were dangerously under-protected, and we had to act fast.”
Laurent Fayolle, IBL’s Group IT Executive and Acting CIO, says the Group wanted more than an out-of-the-box solution from a vendor that they’d never see again.
“We were looking for a partner more than anything else,” he said.
“We didn’t have any cybersecurity governance in place, and we needed a provider that could guarantee a certain level of protection as well as provide a certain level of comfort to the Audit and Risk Committee. They needed to guide us towards the right decisions, configure the system according to our needs, and be prepared to assist whenever we needed it.”
IBL Group found that support in Grove, a Mimecast reseller and partner.
“I met with Chad Bartlett from Grove and appreciated that he never once tried to sell me anything,” added Fayolle.
“He asked intelligent questions and tried to understand the challenges we faced in the company and the country. “This type of cautious and skilled approach is something I’ve yet to see from most local IT providers. Before we even spoke about solutions, Chad knew that he had to understand our business and challenges.”
Goonmeter says IBL did due diligence on a number of solutions and took their time benchmarking and comparing different options. After a successful proof-of-concept covering 200 users, IBL Group signed a three-year contract for 2,000 users. It purchased Mimecast’s Secure Email Gateway with Targeted Threat Protection, Continuity, Archiving and Sync and Recover, to improve its cyber resilience. It also adopted Mimecast Awareness Training, Internal Email Protect services, and Grove’s 24/7 Support service.
“Mimecast ticked all the boxes for us – monitoring, reporting, comfort, protection against all kinds of attacks, but especially impersonation attacks, alerts, a commitment to research and development, a high level of ethics, and – most importantly – a value-adding service,” said Goonmeter.
“With Grove and Mimecast, it was always about more than the solution. We felt comforted by the fact that there would be a skilled team looking after our interests and guiding us to make the right decisions. What started out as a scope for protection from external threats and the ability to recover in the event of an attack, expanded to include internal threat protection and user awareness training – services that we weren’t looking for in the beginning but that were proposed by Grove to help us address our challenges.”
IBL Group saw immediate results after implementing Mimecast.
“Even when we were in ‘relaxed’ implementation mode, we could already see the benefits in terms of the number of emails and attachments that were being blocked,” said Goonmeter.
“Implementation and fine-tuning happened so smoothly and, if there were any issues, Grove addressed them before they became problems. The entire experience was positive and one that we now want to make available to our investment companies.”
An important part of improving their defences was adopting Mimecast Internal Email Protect.
“We noticed that quite a few threats came from within our perimeter, which is why we also opted to analyse our internal emails as well,” said Fayolle.
“If we were to only protect the business from external threats, we would have only covered a portion of our attack surface, leaving us exposed. We now have full visibility of all emails and the assurance that emails sent between internal users are analysed. Infected emails and/or attachments are automatically removed from users’ inboxes.”
Both Goonmeter and Fayolle are also excited about rolling out Mimecast Awareness Training.
“We haven’t implemented this yet, but I’ve seen the videos and I love the characters – and I’m sure our users will also love the engaging content,” said Goonmeter.
Fayolle, meanwhile, notes that security awareness training is a focus area for IBL Group because human error was often part of the attacks. No matter how effective your security technology is employee mistakes still pose a threat to your organisation.
“Irregular sessions and boring ‘death by presentation’ don’t work anymore,” said Fayolle.
“Mimecast’s training makes it interesting and will help to increase the level of security awareness across the organisation.
“Users are now responsible for closely inspecting the emails they receive and will be forced to think twice before clicking on a link or opening an attachment from an unknown sender.”
IBL Group’s executives voted in 2018 that cybercrime was among the top risks facing the organisation.
“It’s nothing new but the impact that cybercrime is having globally is worrying,” said Fayolle.
“We had a reality check two years ago. We were lucky in that there was no major impact to the business, but it was an opportunity to fill the gaps in the business. We were under fire and we knew we were going to be in trouble if we didn’t take the necessary steps to protect ourselves.”
His advice to other businesses is not to wait until it’s too late.
“Understand your challenges, align your business objectives with your technology and cyber resilience strategy and find a partner who can support you and help you to find the right solution for your requirements,” said Fayolle.