Mimecast co-founder and former CEO, Peter Bauer, previously founded FAB Technology in the mid-nineties and sold it to Idion. Earlier, Peter trained as a Microsoft systems engineer and worked with corporate messaging systems.[17] Mimecast co-founder and former CTO is Neil Murray, previously CTO at Global Technology Services and founder of Pro-Solutions.[18]
Another significant former executive is Mimecast Chief Scientist Nathaniel Borenstein, who was amongst the original designers of the MIME protocol for formatting multimedia Internet electronic mail - he sent the world's first e-mail attachment on 11 March 1992.[19]
Technology
The service uses a massively-parallel grid infrastructure for email storage and processing[20] through geographically dispersed data centers.[21][22] Its Mail Transfer Agent provides intelligent email routing based on server or user mailbox location.[23]
Email Security
Secure Email Gateway: robust and user-optimized protection against spam, malware, and denial-of-service (DoS) and directory harvest attacks (DHA). It features real-time diagnostics and reporting, comprehensive data loss prevention, secure message delivery, email branding, and disclaimer management. Additional capabilities include document conversion and metadata management, real-time online queue management, large attachment handling, advanced email routing, and spooling. This solution ensures a secure and efficient email environment by continuously monitoring and safeguarding inbound, outbound, and internal emails.[24]
Email Security Cloud Integrated: a gateway-less solution designed to enhance security for Microsoft 365 environments. It provides robust protection against sophisticated email threats while streamlining security management. The solution deploys rapidly, often in less than five minutes, making it ideal for IT teams seeking quick, scalable security enhancements without added complexity. By leveraging Mimecast’s AI-powered detection and extensive threat intelligence, Cloud Integrated helps organizations improve their security posture and resilience against cyber threats. This solution is particularly suited for organizations looking to bolster their Microsoft 365 defenses with minimal administrative overhead.[25]
Targeted Threat Protection: URL rewriting at the gateway with time-of-click scanning for malicious content before being opened.[26]
Large File Send: send and receive large files from Outlook, with encryption, optional access key and custom expiration dates.[27]
Secure Messaging: secure email channel for sensitive information either user-initiated or policy-driven.[28]
Information Archiving
Cloud Archive for Email: Encrypted cloud storage which saves emails in triplicate[29] in an immutable storage system.[30] Users can access and search emails through an Outlook desktop client.[31] Archive access is available via a Mac desktop app and apps for Android, BlackBerry, iOS[32] and Windows Mobile devices.
Mailbox Continuity
Continuity: During primary mail system outages, email can be accessed via Microsoft Outlook, through a web browser[33] and via mobile devices.[34]
DMARC
DMARC Analyzer: designed to help organizations manage their DMARC (Domain-based Message Authentication, Reporting, and Conformance) records effectively. It provides a user-friendly interface to simplify DMARC deployment and move towards a reject policy swiftly. The solution offers comprehensive visibility and governance across all email channels, helping to prevent email impersonation and improve email security posture. By leveraging detailed reports and analytics, organizations can gain insights into email traffic, identify unauthorized senders, and enforce DMARC policies to protect against phishing and spoofing attacks.[35]
Awareness Training
Awareness Training: an engaging, comprehensive platform designed to enhance employees' cybersecurity knowledge and behavior. It covers critical topics such as phishing, ransomware, CEO fraud, and compliance with regulations like HIPAA, PCI, and GDPR. The training uses short, interactive videos that are updated regularly to reflect the latest threat landscape.[36]
Brand Exploit Protect
Brand Exploit Protect: advanced online brand protection by identifying and eliminating potential threats before they can launch. This cloud-based solution utilizes machine learning and extensive scanning techniques to detect and neutralize attempts to clone websites, impersonate domains, and deceive customers.[37]
Security and privacy breaches
In January 2021, a Mimecast security certificate was revealed to have been compromised, potentially allowing attackers to intercept communications with Microsoft-based email servers.[38][39][40]
^"Email security firm Mimecast says hackers hijacked its products to spy on customers". U.S. 2021-01-12. Archived from the original on 2021-01-12. Retrieved 2021-01-13. Three cybersecurity investigators, who spoke on condition of anonymity to discuss details of an ongoing probe, told Reuters they suspected the hackers who compromised Mimecast were the same group that broke into U.S. software maker SolarWinds and a host of sensitive U.S. government agencies.
^"Mimecast Discloses Certificate Incident Possibly Related to SolarWinds Hack". SecurityWeek.Com. 2021-01-13. Retrieved 2021-01-13. According to Mimecast, it learned from Microsoft that hackers had compromised a certificate used to authenticate Mimecast Continuity Monitor, Internal Email Protect (IEP), and Sync and Recover products with Microsoft 365 Exchange Web Services. ... The company has not shared any details about the attacks abusing the compromised certificate, but some experts have speculated that the certificate may have allowed the hackers to intercept Mimecast customers' communications.
^Seals, Tara (2021-01-12). "Mimecast Certificate Hacked in Microsoft Email Supply-Chain Attack". Threatpost. Retrieved 2021-01-13. Mimecast provides email security services that customers can apply to their Microsoft 365 accounts by establishing a connection to Mimecast's servers... A compromise means that cyberattackers could take over the connection, though which inbound and outbound mail flows, researchers said. It would be possible to intercept that traffic, or possibly to infiltrate customers' Microsoft 365 Exchange Web Services and steal information. 'The attack against Mimecast and their secure connection to Microsoft's Office 365 infrastructure appears to be the work of the same sophisticated attackers that breached SolarWinds and multiple government agencies,' Saryu Nayyar, CEO at Gurucul, said via email.