Mimecast Insider Risk Management and Data Protection Reviews

My main use case for Mimecast Insider Risk Management and Data Protection is using it as a main tool for insider risk management or IRM, where we monitor for user activities. If there are large downloads or uploads to any external sites, or if there is a large download from SharePoint and other kinds of workloads, the use case kicks in and an alert would be triggered wherein we investigate. Then we get confirmation and do further analysis to confirm whether it is a legitimate or illegitimate activity done by the user.

One specific example of a situation where Mimecast Insider Risk Management and Data Protection helped me catch or investigate an insider risk involves multiple alerts, but one stood out. We had one alert wherein there was a large amount of data uploads to one of the S3 buckets, an Amazon S3 bucket. When we got the alert, we did the investigation, but the S3 bucket that was mentioned does not belong to our organization. While we investigated further, we came to know that the user account was compromised and the attacker was trying to upload the data from the user's OneDrive into their own S3 bucket in order to exfiltrate the information. Though it belongs to insider risk management, it was the attacker who took control of the user's account, and from there on, he started to upload information to the Amazon S3 bucket, which kicked in an alert. We got an alert that there was a large data upload from one of the users. When we performed the investigation, we concluded that it was the attacker who compromised the user account and then the attacker was trying to upload a large amount of data to their S3 bucket.

I use Mimecast Insider Risk Management and Data Protection on a regular basis for investigation and also to create any new use cases as instructed from management. Recently, we added two or three use cases related to SharePoint. We had one of the previous cases wherein the attacker was trying to manipulate the user's inbox and then there was a large amount of data that was being sent out. There were also some legitimate cases wherein the upload or download data was so minimal, in a way that it led us to increase the threshold for that. These are some of the use cases or rather tweakings that we do on Mimecast Insider Risk Management and Data Protection on a regular basis or on a day-to-day basis.

The best features Mimecast Insider Risk Management and Data Protection offers are best-in-class features wherein some of the use cases have been added by the Mimecast team themselves so that we just need to customize the existing use case and do not need to create any new use cases. The second thing is that the alert getting triggered is very fast. There is no latency issue that we have observed. In some of the tools, the users might be uploading and downloading the data, and then after a few minutes or so, the alerts would get triggered. But here it is instant and quick, wherein it provides the results with zero latency. That is also one of the best tools that we have used in recent times.

I find the built-in use cases most valuable in my day-to-day work because as we are a small team, we have many other tasks that need to be carried out. Just sitting down on a regular basis and then creating a new use case from scratch is going to be much more time-consuming. That is where the default use cases kick in, wherein we just have to tweak the existing or the default use cases so that we do not need to create it from scratch. That is one of the standard features, standout features, that I would probably go ahead with.

Mimecast Insider Risk Management and Data Protection has positively impacted my organization as earlier we were struggling with insider risk wherein we were not having any control over it. We were strong in terms of external attack surface, but insider risk was something that we were lagging behind. Because of it, unknowingly there were many data that was exfiltrated by the users and it was sent to their personal email ID and we did not have any control over that. We were exploring some of the solutions out there in the market, including Microsoft Purview, and then Mimecast was another tool that we discussed. We went on with Mimecast because of its cost optimization and also its features and use cases that caught our attention. We deployed the tool in our organization so that now we have more control over the user's activities within our organization, and the quick alerting also helped us in minimizing the internal data exposure. That is where the tool is extremely useful for us.

Regarding how Mimecast Insider Risk Management and Data Protection can be improved, sometimes the tool is slightly laggy, wherein it would take some time for us to fetch the related logs from the Mimecast portal, and that of course can be improved. There could also be a graph or a kind of a graph where, if the organization has a smaller number of employees, it is fine, but if it has a large number of employees and different departments, then in that case, Mimecast could give us an AI suggestion upon how to improvise the current security posture, how we stand and where we can go up to in terms of implementing or tweaking the policies. As the organization's size gets bigger, it would also be better if Mimecast could provide some solutions upon how to segregate the users into groups and what groups can have which policies. Those kinds of features can be added.

Regarding Mimecast Insider Risk Management and Data Protection's AI capabilities, I think its governance and security could improve as I am not entirely sure how it works. It would be helpful if Mimecast could, as the AI capabilities are in place, maintain a strict governance policy upon the data that is being processed, especially for user personally identifiable information. As insider risk management sometimes also gets into the personal details of the user, organizations might be hesitant; even we are also hesitant to use the AI capabilities. If Mimecast could provide more information about how they store the data and whether the agents are local agents or cloud-hosted agents, that would be of great help for the organizations to consider its AI capabilities while adhering to the compliance needs of a particular organization.

I have been working in my current field for about seven years now.

Mimecast Insider Risk Management and Data Protection is stable.

The scalability of Mimecast Insider Risk Management and Data Protection is good; we can deploy it in organizations with more than a thousand or even ten thousand or even hundreds of thousands of employees.

Sometimes we do encounter vague answers for some of the queries we have, but apart from that, the customer support response has always been very good.

We have not used any other solution previously; Mimecast Insider Risk Management and Data Protection is our first solution.

My experience with pricing, setup cost, and licensing for Mimecast Insider Risk Management and Data Protection was good, but the licensing cost could have some sort of concession, especially based on the number of employees within the organization. However, the setup cost or the pricing was nominal for us to proceed.

I have not seen a return on investment yet, as we have not used the AI capabilities. Currently, we have ten employees who are managing the entire portfolio, which we could potentially reduce. There have been scenarios where we have stopped users from sharing data, and that data has been successfully protected from leaving the premises, adding tremendous value for us. With respect to time saved, we have automation in place, enabling us to save a considerable amount of time, such as checking logs to confirm whether actions were performed by the user or if an account was hacked, which has also resulted in significant time savings.

I advise others looking into using Mimecast Insider Risk Management and Data Protection to consider it a great tool, but it depends on what is required as per the organization's needs to extract the maximum capabilities that Mimecast offers. The customer support has always been good, and except for the licensing cost, I think the pricing is also reasonable, and the setup cost is a one-time investment that will stay with us forever. It is essential to evaluate your organization's needs and capabilities and the complexity in managing employees, especially if you have multiple departments. Mimecast helps segregate policies for each department efficiently.

Before choosing Mimecast Insider Risk Management and Data Protection, we evaluated Microsoft Purview Insider Risk Management, but we moved to Mimecast.

Regarding Mimecast Insider Risk Management and Data Protection's AI capabilities, we have not used this feature yet; it is still in the discussion phase, so I will not be able to comment on that part.

We deploy Mimecast Insider Risk Management and Data Protection in our organization using a hybrid cloud model, as we use it for Azure, AWS, and GCP.

My additional thoughts about Mimecast Insider Risk Management and Data Protection are that it is a great tool. Before deploying, we need to understand the organization's landscape, including how many departments we have and what scope we could expand upon with respect to insider risk management. Protecting the internal environment or from internal employees is just as important as protecting the external environment, and the organization should consider insider risk management a priority. It is a valuable tool, and organizations can certainly proceed with its deployment. I would rate this solution a nine out of ten.

I have used Mimecast Insider Risk Management and Data Protection for almost four and a half years for one of my clients.

I use Mimecast Insider Risk Management and Data Protection for detecting and maintaining email security for my client. Mimecast gives us unmatched visibility and focuses on behavior analysis with file vector users, real-time nudges, and top-tier support.

Mimecast Insider Risk Management and Data Protection uses a file-vector-user framework. Instead of just blocking everything blindly, it examines the file value, how it is moving, and which users are moving it. I can provide a real-world example of how a company uses this product to stop insider threats.

My example involves departing employees and data theft. An employee resigns to take a job at a direct competitor. Before their access is cut off, they decide to download sales battle cards, customer leads, or product roadmaps to a personal USB or personal Google Drive to give themselves a head start at the new job. Mimecast manages this through HR integration by connecting to the company's HR system such as Workday or their particular HR system. The moment HR marks the employee as resigned, Mimecast automatically moves that employee to a high-risk departing employee watchlist. Additionally, behavioral monitoring tracks their activity over the last thirty days and monitors them going forward. If they suddenly try to transfer fifty gigabytes or a large amount of corporate data to a personal cloud drive or rename files to other formats to sneak them past security, Mimecast flags the mismatch instantly. The security team is alerted immediately with the exact file history, allowing them to freeze the user's account before they leave.

I can provide multiple scenarios. Another scenario involves Shadow AI leak. A well-meaning product manager wants to quickly clean up a piece of unreleased proprietary code or summarize a sensitive financial presentation to save time. They paste the entire raw text into an untrusted, unapproved public AI tool such as an unsanctioned GenAI web application. Mimecast manages this through vector detection by monitoring endpoints and browsers. It detects that corporate data is moving to an unapproved browser destination or shadow IT. A real-time nudge triggers an automated response instead of locking down the computer and creating a massive IT ticket. A pop-up appears on the employee's screen saying, 'You are trying to share internal code or data with an unapproved AI tool. Please use our secure corporate enterprise AI tool instead.' This stops the leak immediately while educating the user.

Another scenario involves hijacking accounts with a compromised insider. For example, a customer support agent falls for a spear-phishing email and inputs their credentials into a fake portal. A malicious external hacker now logs into that agent's account from a different country. The hacker appears to be an insider using legitimate credentials and begins silently harvesting customer personal identifiable information. Mimecast manages this through anomaly detection. Mimecast notices that this specific user is suddenly logging in at three in the morning from an unusual IP address and downloading customer data at ten times the normal rate. The system identifies that this behavior heavily deviates from the user's standard historical profile or data through context analysis. Because this is high-risk, the platform triggers an automated workflow via integration with the company's EDR tool such as Defender or CrowdStrike or an identity provider to isolate the device and force a password reset, instantly locking out the attackers.

There are many features that come with Mimecast Insider Risk Management and Data Protection. The absolute hero feature that makes Mimecast Insider Risk Management and Data Protection incredibly valuable to a business is a no-policy trust activity model, which I understand to be inferred trust.

Traditionally, data loss prevention tools are a nightmare because IT teams must manually write thousands of strict rules trying to guess every way an employee might steal data. Mimecast turns this on its head. Instead of writing rules, the system monitors everything and uses AI to automatically build a map of your corporate ecosystem. The magic happens when an employee downloads a file from corporate Google Drive and uploads it to corporate OneDrive. Mimecast cross-references both endpoints simultaneously. It recognizes that both sides are corporate-owned, so it silently marks the activity as trusted and ignores it. If some employees take that exact file and upload it to a personal Google Drive, Mimecast instantly flags it as untrusted because it cannot verify the destination container. This is the most useful feature that Mimecast Insider Risk Management and Data Protection has.

I would highlight reporting and analytics improvement. While the dashboard looks great, getting highly customized reports out of the system without using an external API can be difficult. The daily dashboards are very intuitive, but native executive report features could be enhanced. If you want to create highly customized reports for C-level presentation or high-level reviews, you often have to rely on their API to export data into a third-party SIEM or BI tools. Having more out-of-the-box templates for quarterly risk summaries would be a huge time-saver and advantage for this tool.

I would also mention virtual or shared environment support. It is technically specific, and there is a struggle in particular virtual desktop infrastructure environments where multiple users share a single host. One area of improvement is better out-of-the-box support for multi-user shared host environments such as Azure Virtual Desktop or AVD setups. When multiple active users share a single host simultaneously, the endpoint tracking can sometimes face performance bottlenecks or require complex workarounds to report individual data flawlessly. These are the areas where this product can improve.

I have been a part of SOC operations for eight or nine years.

Mimecast Insider Risk Management and Data Protection is stable.

Customer support has been impressive. I raise a ticket or task number for any query or issue I have, and I have been receiving great support from the customer service team.

Previously, I had O365 for email security. I was not getting the centralized view that I am getting with Mimecast Insider Risk Management and Data Protection. The AI-enabled capabilities in Mimecast Insider Risk Management and Data Protection are truly impressive. It gives me behavioral analysis and allows me to monitor real-time logs. I was able to get analysis of user behavioral patterns. Because of these reasons, it helps me maintain less headcount in security engineers for this product.

The initial setup is great.

Mimecast Insider Risk Management and Data Protection does provide ROI. It saves a lot of time. Instead of having multiple people managing DLP, I have a Mimecast Insider Risk Management and Data Protection monitoring team. The biggest positive impact has been the sheer amount of time my IT and security team has saved. Legacy DLP tools used to require a dedicated engineer just to manage daily alerts and constantly tune policies. With Mimecast Insider Risk Management and Data Protection, our investigation time for high-risk incidents has been cut in half, and overall management now takes us less than four hours a week. It provided immediate ROI within the first few months by automating our response workflows. Mimecast Insider Risk Management and Data Protection AI response is integrated directly with our HR and identity systems, which allows a smaller security team to do more. It has saved time, saved cost, and reduced the number of people in that particular security project.

It has been a great journey for me with the pricing and setup. I do not have to think about reducing the cost. My experience has been great with Mimecast Insider Risk Management and Data Protection so far.

I was considering Defender, but I wanted a solution purely dedicated to insider risk management and data protection. I heard from other clients that Mimecast Insider Risk Management and Data Protection is a truly good product, and I received a demo as well. It impressed me at the first point, so I went for it.

Mimecast Insider Risk Management and Data Protection provides behavioral pattern analysis and gives me a centralized alert. It helps me maintain less headcount for security engineers. It saves time and cost.

The accuracy of Mimecast Insider Risk Management and Data Protection detection is highly impressive because it moves away from rigid keyword matching and examines the true behavioral context. By utilizing over two hundred fifty built-in risk indicators, it successfully separates everyday employees' collaboration from actual malicious exfiltration. For example, it tracks when the file extension is renamed or when an unusual large volume of files is moved to a personal cloud browser tab, giving the alert high fidelity. In terms of reliability, the endpoint agent is incredibly lightweight and stable. It operates silently across both Windows and macOS setups with almost zero performance impact, ensuring it does not slow down employees' machines or crash. The system is highly dependable. I give this product a review rating of nine out of ten.

I manage an organization with more than five thousand employees who are all in either on-site or hybrid environments and receive multiple emails every day. The email flow on a daily basis is too much to handle manually. Emails can be sent from approved domains, or they can be spam or other unwanted messages. I cannot reveal my customer's name, but I can say that they are in the shopping business. Since they are in the shopping business, they receive multiple mail flows from the sales team and regular communications, and it becomes very crucial to differentiate which emails are useful and which are not.

On a daily basis, I check whether the mail flow is within the established threshold. Unless there are end-of-season sales occurring, I do not see a high mail flow that exceeds the threshold we observe. I evaluate the detections I am seeing, and in Mimecast Insider Risk Management and Data Protection, I can see detections based on various time frames, such as twenty-four hours, forty-eight hours, or whatever custom time frame I choose. The maximum limit according to our enterprise is thirty days. Since I need to see activity in real time, I analyze whether all the respective mail flows are coming in and what category they fall under. The categories can include malware, spam, extortion campaigns, or multiple others.

I analyze that data by fetching the raw logs for my customer, checking the spam scores for their emails, and reviewing statuses such as accepted, rejected, held, deferred, and more. I analyze whether Mimecast Insider Risk Management and Data Protection's policies work properly. I cannot just rely on it being a SaaS-based product with enabled policies working correctly. There are many use cases where I have seen emails being delivered that should not have been delivered. That does not make Mimecast Insider Risk Management and Data Protection a bad product; it means that I have not fine-tuned the policy to my organization's expectations. Once I work on the tool daily, I understand the mail flow, recognize which emails fall into the spam category, and compare them not only on the Mimecast Insider Risk Management and Data Protection database but also with external comparison tools like MX Toolbox or VirusTotal to analyze things. This gives an overview of what my general scenario looks.

The way attachments are being read by Mimecast Insider Risk Management and Data Protection is crucial, especially concerning what data is sent outside the organization from the internal network and what kind of data is being sent from outside to inside. This can include URLs, file types, PDFs, and other content. The OEM team has blocked many widely recognized malicious file types themselves, which helps in rejecting emails that people try to send containing malicious content. For PDFs specifically, which are sent regularly, it becomes crucial that if an authorized user sends something for business purposes, it should go through; however, if Mimecast Insider Risk Management and Data Protection flags it as suspicious or the domain user is not whitelisted, that is completely fair.

Mimecast Insider Risk Management and Data Protection performs its share of detection, and I have even tested it with a very large file, such as an eight-hundred-page document where only one or two hyperlinks were malicious content. Mimecast Insider Risk Management and Data Protection detected that immediately. Comparatively, other specific technologies did not block it even when I temporarily removed the sending limit that some mail tools impose, for example, only sending up to five to twenty MB. In that testing scenario, Mimecast Insider Risk Management and Data Protection shines with how policy enforcement and data protection is implemented. Secondly, it shows the top malicious senders for the week or whatever time frame I desire, illustrating which users were targeted the most. It does not just present a list; clicking on a user reveals who exactly sent the emails, the sending mail category, and more specifically regarding the targeting of the user.

The emails can fall into categories such as ransomware, spam, or impersonation, indicating whether a legitimate email has failed DKIM or DMARC validation, which Mimecast Insider Risk Management and Data Protection detects efficiently. While other tools also identify these aspects, Mimecast Insider Risk Management and Data Protection clarifies how everything works quite well. In day-to-day work, one key point I would definitely highlight is log fetching. Many other tools make fetching logs tiresome and irritating; every log search requires so much hassle with filtering. In contrast, Mimecast Insider Risk Management and Data Protection enables me to just paste the mail ID, and it finds everything automatically, fetching all relevant logs in one place without needing to differentiate between statuses such as rejected or accepted. It offers specific groups including permitted senders, trusted senders, and blocked senders. It is all clean and sophisticated. Having worked with various tools and technologies before, I can say that tools such as this should exist; they ought not to be complex. During troubleshooting calls, I should not be figuring out why the tool does not provide the required logs; it should be quick.

The SSO integration in Mimecast Insider Risk Management and Data Protection works securely and smoothly, functioning across all browsers. However, I must mention that at times, the homepage of Mimecast Insider Risk Management and Data Protection takes too long to load, which I am personally not complaining about, but colleagues have reported slow loading on rare occasions.

Mimecast Insider Risk Management and Data Protection has a very clean interface, which makes it easy to use effectively once it is handed over to the organization. I can actually ask the Mimecast Insider Risk Management and Data Protection team how to understand the tool, and they have guidelines and documentation that provide all the necessary information. Mimecast Insider Risk Management and Data Protection offers several features beyond policies and digest notifications, such as message digest notifications that I receive. It helps in understanding trace paths very well. What I mean by trace path is that when a user is sitting inside the organization and wants to send an email to an outside domain, it will not be sent directly.

First, the email goes to the Microsoft Outlook mail server. From there, an SMTP request is initiated to Mimecast Insider Risk Management and Data Protection. Once the SMTP connection is established, the email gets forwarded from the specific sender mail server to the receiver mail gateway, which is Mimecast Insider Risk Management and Data Protection. Now, from the Mimecast Insider Risk Management and Data Protection gateway, the email gets analyzed. It runs through policy checks, checks for permitted blocks, trusted senders, and frequent sender information, analyzing whether I have received some specific emails from this user and whether any of them were flagged. It goes through the database, and post all Mimecast Insider Risk Management and Data Protection internal checks, the email is verified as acceptable and is good to go.

Once verified, the email goes out to the recipient's mail server. There may be a mail server at the recipient's mail end as well, but that is not my concern since I do not manage that. It then reaches the user's inbox. Many times, the organization's control includes complaints such as not receiving the email, or the email was rejected or the attachment was missing. Why do those things happen? Mimecast Insider Risk Management and Data Protection provides a clear idea through the message delivery option, where I input the from ID and to ID for a specific timeframe, and I can see what headers were captured in the emails in a completely raw format, policies that were hit, the spam score, detections, and the exact reason for these events.

The theoretical aspects are acceptable, but the best part is the clarity it provides on the connection between the sender and recipient SMTP, such as start and end time. It shows when the connection was made to Mimecast Insider Risk Management and Data Protection, when the email got delivered, the time Mimecast Insider Risk Management and Data Protection took to establish that connection to the recipient's mail server, and when Mimecast Insider Risk Management and Data Protection sent that email. It provides thorough clarity for understanding exactly where the delay lies, including how much time Mimecast Insider Risk Management and Data Protection took for internal processing before the email went out. Many times, the blame is placed on the tool that it is not functioning properly, but those logs allow me to verify the problem's exact location. The report generation is quite easy. For policy creation, I cannot create a new policy, but almost all the policies that an organization could need are present. The interface is good—I am saying this again, but it is.

Moreover, the access level, such as the access matrix, is pretty clearly defined—basic administrator, read-only access, custom IT help desk, super administrator, and one in between, based on the plan taken for Mimecast Insider Risk Management and Data Protection. Mimecast Insider Risk Management and Data Protection learning community is something I recommend; I have done certification for them and am preparing for their advanced certification. The certification is really helpful; I learned through experience mainly, but anyone can start from the original OEM certification. There are helpful documentations and multiple tests as part of the courses, which range from ten to twelve hours for basic and advanced exams.

A con to mention is that Mimecast Insider Risk Management and Data Protection, at times, may not capture everything. For instance, the time that Mimecast Insider Risk Management and Data Protection took to process something such as incoming email is normally fifteen to twenty seconds, which is completely normal. Though the email is released, delays of ten to twenty minutes may be experienced, which does not get captured in Mimecast Insider Risk Management and Data Protection. It may show delays on the recipient's mail server end, but creates a contradiction since in Mimecast Insider Risk Management and Data Protection I do not see any delay, while the recipient's mail server indicates a delay occurring at Mimecast Insider Risk Management and Data Protection.

For testing, I whitelisted the specific domain for the sender's email. After whitelisting that, the delay disappeared, yet I wonder why Mimecast Insider Risk Management and Data Protection did not capture that in this specific log. This issue has not occurred often, maybe once or twice in the past six to seven months, but understanding that aspect has led me to reach out to OEM. They provided their views, but I was not very satisfied; they could show where it is getting captured and why it is not highlighted clearly. That is a con of Mimecast Insider Risk Management and Data Protection, but overall, it is a great tool. Mimecast Insider Risk Management and Data Protection is totally recommended. The policies are solid, they work effectively, the implementation time is not very long, integrations with SIEM are quite easy, and the Glassbreak account is something I have tested, making Mimecast Insider Risk Management and Data Protection better in this regard. Overall, it is a great tool.

I have been using Mimecast Insider Risk Management and Data Protection for one and a half years.

Mimecast Insider Risk Management and Data Protection is definitely stable without fail based on my experience.

Mimecast Insider Risk Management and Data Protection scales efficiently. In the last two months, I saw a high volume of inbound email, including spam and fraudulent emails. The tool effectively detected both malware and spam, ensuring that only a few emails categorized as malware reached user mailboxes. For malicious content, Mimecast Insider Risk Management and Data Protection performs adequately, blocking suspicious formats while still validating the email's content.

Customer support for Mimecast Insider Risk Management and Data Protection is excellent. I rarely face issues, usually resolving in two to three business days when necessary.

I am not certain about the primary solution used before switching to Mimecast Insider Risk Management and Data Protection, as I did not oversee its initial deployment. I can tell you that switching involved considerations regarding costs, particularly with DLP vendors and mail control.

I am not certain about specific time savings with Mimecast Insider Risk Management and Data Protection as technical observations can be vague. However, time is definitely saved in practices, as the tool requires less hands-on management after fine-tuning. I can generate specific reports, including top malicious senders and domain statistics, presenting them during customer review sessions, and those analyses help justify needed blocks.

I am unsure about Mimecast Insider Risk Management and Data Protection's pricing, setup costs, and licensing details. However, I know that licensing details are user-specific according to the license purchased. Information on current license details is easily accessible through the right-most side of the interface under support, showing information such as account manager details for the firm and expiration timelines. I can say that the OEM escalation metrics are good, and I have never faced delays in calls to support, though sometimes CSR has business day delays.

I did not evaluate other options before choosing Mimecast Insider Risk Management and Data Protection as I am an engineer focused on technical aspects.

My advice for those looking at Mimecast Insider Risk Management and Data Protection is to compare your use case comprehensively. Do not just rely on reviews, as they offer communal insight; evaluate from a technical perspective and consider the stability of your infrastructure and how well it aligns with your operational needs moving forward. Be thorough in understanding the features that other users find critical and ensure they align with your specific requirements. I give this review an overall rating of eight out of ten.

My main use case for Mimecast Insider Risk Management and Data Protection is that in my organization, we use it as a governance policy to ensure that it's implemented for email retention, and then also email recovery. A failover should our primary email service provider fail, it works as a failover as well, and provides a security layer and encryption layers for inbound and outbound emails.

In regards to email retention, because our organization or customer is within the finance industry, regulatory policies require that we have a retention in place in case it is requested that we retrieve emails. This should be separate from your primary email source, so you need an independent, separate, or independent data retention provider in place. Another scenario where I needed to make use of it is we had a cyber attack in our organization, in our Microsoft 365 Exchange platform. The on-premises server was down and was inoperable, so it was required that we reroute all emails through our Mimecast service. Users were logging in, signing into their Mimecast profiles and accounts and then accessing their emails while a restoration was being implemented for the primary email service.

Mimecast Insider Risk Management and Data Protection has several features that we have noted, including the email signature feature enabled in it, which we use for company branding. We assign email signatures to various users in the organization, so they are automatically applied, and also used for promotional purposes, and for customer and marketing related matters.

Mimecast Insider Risk Management and Data Protection offers the ability to conduct a deep dive and granular access to previous data in our organization. We are able to retrieve emails in a secure manner. The security policies in place are used to filter spam and also protect C-suite executives from malicious attacks such as impersonation and cyber attacks.

Mimecast Insider Risk Management and Data Protection has positively impacted our organization by giving us confidence in our security. It has eased the workload that our technical team has to do in order to resolve cyber related issues. Mimecast offers cyber training material that we can pass on to our users, which makes it easier for upskilling our users in regards to cybersecurity.

Mimecast Insider Risk Management and Data Protection could be improved if they can offer a remote app for ease of use. If the team is not working from a workstation, we usually have the service access through our laptops, and if there's an interface on a mobile basis, that would be useful.

Ease of use for our newer recruits is an area for improvement. When someone just joins our team, we want an easy onboarding process for them to understand why Mimecast Insider Risk Management and Data Protection is in place. Sometimes we do not have the capacity to train someone, but we would like to ensure that Mimecast Insider Risk Management and Data Protection is able to provide that training information to get them up to speed on what our system is, what our setup is in the Mimecast platform. Maybe implementing a deep dive AI tool that understands our organization much better and can relay information to anyone that we're training would help. This way, we can pull training parameters to track areas where our technical teams can improve their understanding and knowledge base and skill base into making use of Mimecast Insider Risk Management and Data Protection better.

I have been using Mimecast Insider Risk Management and Data Protection for three years.

Mimecast Insider Risk Management and Data Protection is stable.

The scalability of Mimecast Insider Risk Management and Data Protection can be challenging at times, but once set up, it is fantastic.

I would rate customer support a seven out of ten because support is provided through a third party, and we are technically not inclined to reach out to Mimecast directly unless we go through our support vendor. I would rate the customer support an eight out of ten.

I previously used a different solution, Acronis, along with other various platforms that come with our RMM platform.

The setup process can be difficult due to the documentation process taking very long if you don't have the right technical team. Services for additional support are offered by third-party vendors that actually resell the product.

We use Azure as our cloud provider, along with the standard one that gets offered by Mimecast Insider Risk Management and Data Protection itself.

I have seen a return on investment more on time saved. In a team where our resources are limited, Mimecast Insider Risk Management and Data Protection eases the workload through automation, through policies and rules that are pre-configured to handle complex tasks that would take hours and days for a team to initiate, automatically replying to basic user incidents and providing level zero support to our end users.

My experience with pricing, setup cost, and licensing indicates that pricing is always very expensive. It's a very expensive product to sell to other people, but usually customers accept it once they experience the risk, and not when the risk is there. When the risk occurs, that's when they want to implement it, but it can be very difficult to implement. Sometimes support can be difficult as well. Reaching out to support can be challenging for some users or for our technical team.

Before choosing Mimecast Insider Risk Management and Data Protection, I evaluated other options, including Acronis and other software offered by most antivirus product companies such as Sonos.

Mimecast Insider Risk Management and Data Protection has eased the workload for my technical team because in the Mimecast platform, we can automate certain tasks to filter certain risk criteria, using its built-in features such as spam filtering to remove all unnecessary spam, so it does not bombard or cause issues for our users. Should a specific email be required and confirmed that it's secure, then we release it. It also helps us manage and keep us up to date in regards to all relevant threats in the specific time frame or in the time period that we're in.

I advise others looking into using Mimecast Insider Risk Management and Data Protection to give it a try and see for themselves. If they have access to a demo, they should really give it a trial and see for themselves. I would rate this product a ten out of ten.

A specific example of how Mimecast Insider Risk Management and Data Protection helped me catch or block a phishing attempt or malicious email is that we deployed some gateway policies and content-based pattern matching policies. We identified recent campaigns we were facing in the organization and created regex-based patterns on the content matching side, which helped me mitigate the threat by matching that content from the gateway policies and blocking the emails that were potentially phishing.

My day-to-day use case, being a security engineer or security analyst, is to investigate the emails that users report and purge the emails. Mimecast Insider Risk Management and Data Protection gives very good functionality for purging emails or reviewing reported emails, which helps me significantly with investigation apart from blocking threats.

The machine learning algorithms and data protection features have made a difference for me as I explained earlier, with the same practical goals where I deployed them.

Mimecast Insider Risk Management and Data Protection has positively impacted our organization as it has helped us identify a lot of phishing emails and stopped many unauthorized disclosures or accidental disclosures of information. Multiple users attempted unauthorized or accidental disclosures during both testing and production phases.

I think the UI of Mimecast Insider Risk Management and Data Protection can be more optimized, as it feels slow and laggy at points. If that can be optimized and improved, that would be better.

As I mentioned, I was not part of the procurement or deployment phase, so I cannot speak to the experience with pricing, setup cost, or licensing.

A specific example of how I'm using Mimecast with those Microsoft platforms is that we are checking what is currently being shared on that collaboration, what data might be leaving our organization, and we are putting controls in place to be notified of what is entering and also leaving our organization.

Mimecast Insider Risk Management and Data Protection becomes part of our challenge management because we are addressing the challenge of not having a data loss prevention tool in place. Since we don't have a DLP solution, this can be utilized to cover that space.

Mimecast Insider Risk Management and Data Protection helps me ensure the integrity and confidentiality of my data by filtering our emails. It is also our email backup solution where if our on-premises emails are not working, we can access our emails via Mimecast Insider Risk Management and Data Protection. We are also archiving through Mimecast Insider Risk Management and Data Protection. It serves as our email continuity solution. When filtering, we are filtering against phishing, spam, and other threats to ensure that our environment does not get compromised by those attacks.

Mimecast Insider Risk Management and Data Protection is not just about filtering; it is also an email continuity platform. For me, that is the best feature currently for us because if we are unable to access our emails, we know we can go to Mimecast Insider Risk Management and Data Protection to access our emails. Even if we are hit by a disaster, we know that we are still covered with Mimecast Insider Risk Management and Data Protection for our emails.

Mimecast Insider Risk Management and Data Protection has positively impacted my organization by giving us more visibility in terms of what our users are doing or which data they are sharing. Our organization is a high-profile judiciary organization in South Africa, so that visibility of what data has been shared and where is very important. Mimecast Insider Risk Management and Data Protection has afforded us that opportunity.

That visibility has made a difference by improving compliance because when we report to the Auditor-General, we are able to pull reports and show that this is the data that is currently being shared or traversing through our organization. Since we don't have a DLP solution, Mimecast Insider Risk Management and Data Protection is now covering us on that front.

In terms of integration with other tools, there should be a look at the firewalls for integration to the perimeter security.

My main use case for Mimecast Insider Risk Management and Data Protection is during the first instance when taking on a client, when conducting risk analysis, identifying where the gaps are, and establishing baselines of what the clients are experiencing, whether it is exfiltration or understanding what the users are using. This allows me to identify behaviors from end users and create policies to mitigate those risks.

A specific example of how I have used Mimecast Insider Risk Management and Data Protection to spot a risk or stop data loss involves onboarding the client, letting it run for some time, and then analyzing the data by pulling up executive reports. Depending on the licensing, I start the configuration and close the gaps identified in the risk assessment. In some instances, if the issue is user behavior, I create trainings for the end users to raise awareness about the risks, the direction the business is taking, and how to mitigate those risks. In my field, a fully equipped user is more valuable than depending solely on the technology.

Mimecast Insider Risk Management and Data Protection's best features in my experience include user behavior analysis, the executive risk summary for stakeholders, the analysis tools available for engineers and technical people, and the responsiveness of support. Mimecast support is very effective, and I can easily reach out to them whenever I need assistance.

Mimecast Insider Risk Management and Data Protection has positively impacted my organization by making it much easier to onboard a client and start using the technology. The simulation phase where insights are being built is not too long, and moving through that into a protective environment is straightforward. The multi-tenant capability is very helpful for us as a managed service provider because we can isolate clients.

User behavior analysis specifically helps my team and stakeholders by analyzing what users do and what they are prone to do, taking into account the data that Mimecast has processed. This gives direction on how to help that user become risk aware and cybersecurity aware. Support responsiveness is very effective because I understand that security solutions can impact business operations. If an executive needs to send an email to secure a deal and a normal business activity is being blocked, the vendor's responsiveness allows me to efficiently communicate to executives that we are working on the issue and can always show progress.

Mimecast Insider Risk Management and Data Protection can be improved by incorporating artificial intelligence and machine learning into the environment for ease of operation and handling processes at machine speed.

Mimecast Insider Risk Management and Data Protection is stable in my experience. I have also tested the version on Microsoft, and while their licensing model is slightly different, it is very stable.

Mimecast Insider Risk Management and Data Protection's scalability is one of the reasons we chose Mimecast because it is easy to scale up or down as the client base changes.

Customer support for Mimecast Insider Risk Management and Data Protection is top-tier. I have never had any problems with the customer support, and they are very responsive.

When onboarding a client, they want to see results sooner and want to see that they now have some level of security. Having a quick turnaround is always very beneficial because it shows presence to the client and to the end users. It also saves time because once all false positives have been cleared out, a solution can be relied upon. After tuning all those false positives, the solution becomes accurate, which is significant.

My advice to others looking into using Mimecast Insider Risk Management and Data Protection is to take a demo, see how it works, and get a look at the features. I am confident they will find it favorable. I would rate this product and experience with a five-star rating.

My main use case for Mimecast Insider Risk Management and Data Protection is email protection, blocking spam, and creating rules to avoid spam.

A specific example of how I use Mimecast for email protection and blocking spam is that users often receive emails containing links that could compromise our system or environment. In most cases, we check the link through Mimecast to determine if it contains malware or poses a risk. If the link is risky, we block it and the email that sent it, then notify all users not to click on that link. After blocking the link, even if another person attempts to click on it, they will not be able to access it.

Mimecast has additional benefits beyond manual blocking. Sometimes the system automatically detects and blocks malicious links or files without requiring manual intervention. When Mimecast identifies a malicious link or file, the user receives a notification that the email is blocked for our review to determine if it is safe. We have also created rules in our environment to specify what is allowed and what is not allowed.

The best feature that Mimecast Insider Risk Management and Data Protection offers is malware detection. I find it very useful because it detects and blocks threats before users can click on links or open documents.

The malware detection feature makes my day-to-day work easier and safer because as soon as an email arrives with a link or document that Mimecast identifies as malicious, it blocks it. This protects our environment by preventing the threat from spreading. Even though we conduct cybersecurity training, users sometimes click on links regardless, so Mimecast's ability to detect and block threats immediately stops them from spreading across the environment.

Mimecast Insider Risk Management and Data Protection has impacted my organization positively by protecting our environment from malicious links and spam. It detects and blocks links or removes attachments from emails, preventing them from spreading across our network.

To improve Mimecast Insider Risk Management and Data Protection, I believe the product should provide more options for creating custom rules in the portal. Since hackers are constantly developing new attack methods, Mimecast should continue evolving to keep pace with these threats and give us more options to create additional rules. There have been scenarios where we felt that if Mimecast could allow us to do certain actions, we could have blocked or avoided security issues, though I do not have a specific example at this moment.

I give Mimecast Insider Risk Management and Data Protection a rating of eight because there are several areas where I feel the product could improve. There are scenarios where we find ourselves wishing we could perform certain actions within the platform. Additionally, there have been instances where a document or link has bypassed Mimecast, causing us to question why it was not blocked before reaching users.

I have been using Mimecast Insider Risk Management and Data Protection for five years. Since I joined Seacom, they have been using this solution.

Mimecast Insider Risk Management and Data Protection is stable.

I would rate the scalability of Mimecast Insider Risk Management and Data Protection between seven and ten.

I think the customer support is good, and they respond on time.

My advice for others looking into using Mimecast Insider Risk Management and Data Protection is that it is a nice product to use. I would give this product a rating of eight.

My main use case for Mimecast Insider Risk Management and Data Protection involves policy fine-tuning while analyzing patterns, incident response, and providing support and guidance to the user.

A specific example of how I use Mimecast Insider Risk Management and Data Protection for policy engineering or incident response involves working with PAN card and mobile numbers. Since we are in India, we are provided with phone number patterns, regex, and Aadhaar details as an Indian identifying number. Accordingly, we provide certain patterns so that Mimecast Insider Risk Management and Data Protection checks documents that should trigger our system to ensure nothing is violated. For the document part, as an e-commerce company, it checks that no business data is shared externally.

Regarding my main use case and how I handle sensitive information with Mimecast Insider Risk Management and Data Protection, we currently have some policies that we are not using, but we are working on different policies, such as those concerning various types of PII data. We are focused on fine-tuning to receive more critical alerts.

The best features Mimecast Insider Risk Management and Data Protection offers include providing a timestamp of each incident, which indicates when it triggers and its accuracy. However, some features we are not using yet, but we plan to proceed with them in the future.

Mimecast Insider Risk Management and Data Protection positively impacts my organization by helping us thoroughly check any kind of data that should not be mishandled, primarily for endpoint users who are sending organization documents outside. It helps us avoid any kind of data breach.

For the improvement of Mimecast Insider Risk Management and Data Protection, it would be helpful if the timestamps in the console and the timestamps in the emails where we get all outgoing mails were the same, as this would provide more clarity. Additionally, some documents do not fetch carbon copies in the emails, so we need help with that.

I have been working in my current field for three years, with two years dedicated to the DLP part and one year in endpoint EDR.

Mimecast Insider Risk Management and Data Protection is stable.

The scalability of Mimecast Insider Risk Management and Data Protection is good.

Customer support for Mimecast Insider Risk Management and Data Protection is adequate, and they are helpful.

Mimecast Insider Risk Management and Data Protection prevents data breaches by triggering alerts for each email sent outside, allowing us to see patterns of users sending documents externally. We analyze these incidents and patterns to work on any issues, and this also helps in the fine-tuning process.

I would rate Mimecast Insider Risk Management and Data Protection an eight out of ten because we need improvements in policies, and although I am not aware of other organizations' experiences, we are facing some lags, and there are points we must work on.

I advise others looking into using Mimecast Insider Risk Management and Data Protection to definitely use it for email security because it is very helpful. I have given this product an overall rating of eight out of ten.

Mimecast Insider Risk Management and Data Protection is relied upon primarily for email security, functioning as an email gateway within the company so that every email is processed through Mimecast, filtered, and then delivered to user mailboxes after security checks are completed.

Day-to-day operations involve handling tickets from users stating that their email has been held and they request release. We cross-check whether SPF is matching, if SPF has passed, and if DKIM has passed. Once everything is verified and we determine the sender is trusted, we release the email. We have different types of security gateways, including impersonation protection, which is created by establishing a profile group so that if it matches any keywords, it might flag potential impersonation. We have many policy options within the system. Based on our requirements, we can set up policies, and Mimecast helps us filter emails very effectively. We can clearly check whether emails are being delivered or not. If they are undelivered, we can check the reason for non-delivery. URLs are decoded through Mimecast, allowing us to scan links and determine whether they are safe or not. Many options exist within Mimecast for these purposes.

I have been using Mimecast Insider Risk Management and Data Protection for the past three years.

Whenever we block an email ID, we can do so from Mimecast profile groups, and we can add email addresses from which we no longer want to receive emails. For example, if a phishing email arrives, it stops and holds that email based on SPF, DKIM, and DMARC rules so that it does not reach the user and remains held. Mimecast also protects emails that contain URLs or links within them, as users may accidentally click on those links, which might affect the entire company. In this way, Mimecast helps us significantly.

Mimecast Insider Risk Management and Data Protection stands out the most. The URL protection, link scanning, blocking of users, and creation of multiple profile groups, gateways, and policies are valuable features. There have been many positive changes with Mimecast Insider Risk Management and Data Protection since implementation, and we feel it is working out positively. We also receive continuous support from the Mimecast team, with weekly calls to discuss technical issues within Mimecast.

Mimecast Insider Risk Management and Data Protection could be improved by providing more advanced features within the platform. If it collaborated with other different features, that would be more helpful.

I have a total of ten years of experience in my current field.

All functionality is performing well. There has been a reduction in phishing events. I would rate Mimecast Insider Risk Management and Data Protection an eight out of ten because sometimes it blocks or holds emails that are supposed to be unblocked. Occasionally, Mimecast does not work as effectively, which is the reason for this rating.