Mimecast TTP boosts cybersecurity

Posted on August 8th, 2018

Sanlam is committed to updating protection mechanisms that mitigate the impact of cyber risk on our environment. With this in mind, Mimecast TTP email security comprises three features that protect users, namely URL protect, Attachment protect and Impersonation protect.

How will they work?

Impersonation protection

‘Whaling’ attacks are phishing scams that target the profiles of people with access to highly valuable information. They’re often in the form of one-line emails asking for an urgent payment to be processed. Traditional spam-filtering systems are unable to detect these due to their minimal content. To prevent exposure to these attacks, all emails received from outside the Group will be marked [EXTERNAL] in the subject line.

This will allow users to spot suspicious emails if the sender’s name is internal and the message reads [EXTERNAL] in the subject line. GTI has tested to ensure this won’t affect existing mailbox rules.

Attachment protect

Attachment protect strips attachments from messages that could potentially contain malicious code, for example, pdf or Microsoft Office files. It’ll test the file for malicious content and intent before the user receives the email. If a file is detected as malicious, you’ll receive a notification indicating it was withheld.

In extreme cases, you may request the file to be released from the GTI Service Desk. The Group Cyber Security Centre will first assess the file and release it after confirming it’s not malicious.

URL protect

URL protect rewrites the URL links (internet links in emails), including those found in .txt and .html attachments. A layered security check is performed on the destination site when users click on a link from an email. Following the initial URL link check, Mimecast also determines if the link downloads to a file directly and scans for potentially malicious content in the file.

Users must enrol their devices for this functionality immediately by clicking on a link that you’ll receive via email. Simply follow the on-screen prompts guiding you through the enrolment steps. You’ll be required to enrol every 30 days for security purposes.

Once you complete enrolment, the URL protect component of Mimecast TTP will be enabled. What happens next depends on whether the URL is considered safe, or harmful. If the link is safe, you’ll be redirected to the original destination site without intervention. If the link is considered unsafe, you’ll receive a message indicating why this is the case.

For queries in this regard, contact the GTI Service Desk.