Mimecast needs to reduce the number of false positive emails; a big pain point for us. A lot of emails were missed despite being known samples. This needs improvement to reduce the workload on admins to manage emails.
Mimecast need to ensure that the body text format is correctly handled and that images are properly embedded in the body text. Additionally, Mimecast should ensure that the system can accommodate multiple users and effectively send information to them.
IT Manager at a logistics company with 201-500 employees
Real User
Top 20
2024-06-14T10:30:08Z
Jun 14, 2024
The tool can be challenging because it relies on rule-based configurations, especially for addressing impersonation threats. This approach requires setting up numerous rules to ensure filtering. It should work based on behavior-based analytics. However, it relies on a database of blocked web addresses in the background rather than behavior-based scenarios. So, if a link is malicious and not in the database, it might slip through. Based on my experience requesting changes and configurations, even simple security queries can sometimes be challenging. For instance, it took us a week to properly configure. Resolving the issue involved multiple rounds of testing and discussions via email and conference calls. So, I believe some aspects of maintenance and setup in Mimecast Email Security may not be as straightforward as expected.
The solution is complex and not easy to use. I have to continuously manage the tech in a different space with the solution. I've got to manage different types of rules separately.
The solution's console interface was recently changed for the admins, but the previous one was much better because we could open tabs on it. Currently, it's just one pane, and we cannot open tabs in it.
Head of IT & Innovation at Shoreham Port Authority
Real User
Top 10
2023-06-30T12:00:43Z
Jun 30, 2023
I did have a problem with Mimecast. That is why I was looking for an alternative solution because their sender IP address gets poorly rated by Microsoft. So it blocks sending emails to Microsoft addresses. The aforesaid reason made me decide to opt for an alternate solution possibly.
The interface needs improvement. If I'm looking at the administration panel right now, I can track messages. I can see what was accepted. I can see what's held. I can see what's rejected. I can see what's bounced. I can see delivery. I can see processing. However, it's all seven different things, and that's just silly. Also, if something's held and shouldn't be, I can release it, yet I can't add it straight to an allowed list from there. I have to go to a whole separate section, create a policy, update the policy, and add the email address, whereas in our prior product that we used to use, called AppRiver, if mail came in and it should be white-listed or allowed, you would just click the little box and say always allow, and it would just add it straight to the appropriate filter to allow it. The way we have to do it in this product is very convoluted. On the back end, there are ten different places to check for things before you finally figure out the right spot. I'd like to have better support from the product in the future. I have noted that support has gotten worse over time.
They should make the solution's identity protection feature even better. Also, its default policies need improvement. In addition, they should improve the cookies management feature as well.
Director, Information Services at Institute of Peace
Real User
Top 5
2023-03-09T22:03:29Z
Mar 9, 2023
Many of our users complain that the system is blocking too many attachments. It's a good practice from a security perspective, but our users think Mimecast is doing too much. It might be something we'll have to adjust.
The installation is not so straightforward. In comparison, for example, Proofpoint or Defender offer easier installations when you integrate with Active Directory.
The lock in is very, very tight. It is impossible to move out of Mimecast to a different product, like Proofpoint or 365 ATP, and keep the chain of custody for every email that I've archived. The reaction time between a new threat being identified and Mimecast picking it up needs to be narrowed a bit. That gap needs to close. But other than that, I think it's good.
Senior Equity Analyst & Director of Managed Income Strategy at a financial services firm with 51-200 employees
Real User
2021-09-13T16:54:24Z
Sep 13, 2021
This solution can be frustrating. It blocks many things that should be going through. I have to authorize permission, which seems to be a frequent occurrence. It may be that we have set our protection too high but we work in a regulated industry. When you click to change permissions on something, it always launches a browser instance to tell me that I have taken an action. I have to close that out and go on to the next one, and when I asign permission another item, again it opens up a browser again to notify me that I have taken action. I don't know why it does that or why it is necessary. The filtering needs more flexibility.
Director ICT at a museum or institution with 51-200 employees
Real User
2021-05-29T15:27:51Z
May 29, 2021
There is always space for them to improve. As a user, the user interface of the management console could be upgraded, for example. They can definitely improve their management console interface. The solution could always add more features and expand its offering.
IT System Administrator at a engineering company with 1,001-5,000 employees
Real User
2021-04-29T21:13:16Z
Apr 29, 2021
Their support should be improved. They are notorious for sending you to knowledge-based articles rather than actually talking to you, but that is, unfortunately, kind of becoming a trend with everything. In terms of features, I haven't had any complaints. However, I don't like the fact they moved to a paid training subscription model. They used to have a lot of free webinars for training, but they have started to charge for them in the past year.
Head Of Finance And Administration at a financial services firm with 1,001-5,000 employees
Real User
2020-12-18T19:00:16Z
Dec 18, 2020
It was not so much about the product itself, however, their business model needs improvement. We have subscribed to an archival service, and yet, when we have to get our data out, we have to pay a fee to get our own data. They charge an extraction fee. This is something which really worries us as a company.
IMC Companies at a transportation company with 1,001-5,000 employees
Real User
2020-12-16T07:45:01Z
Dec 16, 2020
The detection rates are an area for improvement. The other opportunity area I see with Mimecast is that when you're searching inside of the admin console and you detect malicious emails that bypass Mimecast security: let's say you had a hundred of those messages there. Mimecast doesn't have a way to group those and submit one single report to Mimecast. You have to do one at a time which is not really very conducive — it's very time-consuming. Those are the main two points. If they work to fully resolve those two issues, that would make this an awesome tool. I mean, it's a good tool, but it would be even better. The main feature that will help everyone will be a different way to submit phishing or malicious emails that went through security. That would be a very good feature I would like to see in the next release.
Regional Manager at a tech services company with 11-50 employees
Real User
2020-12-15T15:31:11Z
Dec 15, 2020
Because we have not faced any challenges there is no way that we can say that there has to be some improvement. The price could be better, it should be reduced.
Mimecast Email Security is a comprehensive solution designed to safeguard organizations against advanced email threats. With an array of advanced security features, it provides robust protection against phishing attacks, malware, ransomware, and other targeted threats.
This product leverages Mimecast's extensive threat intelligence network to identify and block malicious emails before they reach the user's inbox. It employs sophisticated algorithms and machine learning techniques to analyze...
Mimecast needs to reduce the number of false positive emails; a big pain point for us. A lot of emails were missed despite being known samples. This needs improvement to reduce the workload on admins to manage emails.
The product's interface could be improved to be more user-friendly.
Mimecast need to ensure that the body text format is correctly handled and that images are properly embedded in the body text. Additionally, Mimecast should ensure that the system can accommodate multiple users and effectively send information to them.
The tool can be challenging because it relies on rule-based configurations, especially for addressing impersonation threats. This approach requires setting up numerous rules to ensure filtering. It should work based on behavior-based analytics. However, it relies on a database of blocked web addresses in the background rather than behavior-based scenarios. So, if a link is malicious and not in the database, it might slip through. Based on my experience requesting changes and configurations, even simple security queries can sometimes be challenging. For instance, it took us a week to properly configure. Resolving the issue involved multiple rounds of testing and discussions via email and conference calls. So, I believe some aspects of maintenance and setup in Mimecast Email Security may not be as straightforward as expected.
External security features need improvement.
The feature that should be included is to remove the block on the encrypted files.
The solution should include more AI features instead of Mimecast's more general static configuration tooling.
They could provide a unified licensing model, including all the security features.
The solution is complex and not easy to use. I have to continuously manage the tech in a different space with the solution. I've got to manage different types of rules separately.
The solution's console interface was recently changed for the admins, but the previous one was much better because we could open tabs on it. Currently, it's just one pane, and we cannot open tabs in it.
I did have a problem with Mimecast. That is why I was looking for an alternative solution because their sender IP address gets poorly rated by Microsoft. So it blocks sending emails to Microsoft addresses. The aforesaid reason made me decide to opt for an alternate solution possibly.
The interface needs improvement. If I'm looking at the administration panel right now, I can track messages. I can see what was accepted. I can see what's held. I can see what's rejected. I can see what's bounced. I can see delivery. I can see processing. However, it's all seven different things, and that's just silly. Also, if something's held and shouldn't be, I can release it, yet I can't add it straight to an allowed list from there. I have to go to a whole separate section, create a policy, update the policy, and add the email address, whereas in our prior product that we used to use, called AppRiver, if mail came in and it should be white-listed or allowed, you would just click the little box and say always allow, and it would just add it straight to the appropriate filter to allow it. The way we have to do it in this product is very convoluted. On the back end, there are ten different places to check for things before you finally figure out the right spot. I'd like to have better support from the product in the future. I have noted that support has gotten worse over time.
They should make the solution's identity protection feature even better. Also, its default policies need improvement. In addition, they should improve the cookies management feature as well.
Many of our users complain that the system is blocking too many attachments. It's a good practice from a security perspective, but our users think Mimecast is doing too much. It might be something we'll have to adjust.
The solution is very expensive.
The installation is not so straightforward. In comparison, for example, Proofpoint or Defender offer easier installations when you integrate with Active Directory.
The lock in is very, very tight. It is impossible to move out of Mimecast to a different product, like Proofpoint or 365 ATP, and keep the chain of custody for every email that I've archived. The reaction time between a new threat being identified and Mimecast picking it up needs to be narrowed a bit. That gap needs to close. But other than that, I think it's good.
While it's quick and easy, the initial setup could be more user-friendly.
This solution can be frustrating. It blocks many things that should be going through. I have to authorize permission, which seems to be a frequent occurrence. It may be that we have set our protection too high but we work in a regulated industry. When you click to change permissions on something, it always launches a browser instance to tell me that I have taken an action. I have to close that out and go on to the next one, and when I asign permission another item, again it opens up a browser again to notify me that I have taken action. I don't know why it does that or why it is necessary. The filtering needs more flexibility.
Its pricing can be improved. It is a bit expensive.
There is always space for them to improve. As a user, the user interface of the management console could be upgraded, for example. They can definitely improve their management console interface. The solution could always add more features and expand its offering.
Their support should be improved. They are notorious for sending you to knowledge-based articles rather than actually talking to you, but that is, unfortunately, kind of becoming a trend with everything. In terms of features, I haven't had any complaints. However, I don't like the fact they moved to a paid training subscription model. They used to have a lot of free webinars for training, but they have started to charge for them in the past year.
It was not so much about the product itself, however, their business model needs improvement. We have subscribed to an archival service, and yet, when we have to get our data out, we have to pay a fee to get our own data. They charge an extraction fee. This is something which really worries us as a company.
The detection rates are an area for improvement. The other opportunity area I see with Mimecast is that when you're searching inside of the admin console and you detect malicious emails that bypass Mimecast security: let's say you had a hundred of those messages there. Mimecast doesn't have a way to group those and submit one single report to Mimecast. You have to do one at a time which is not really very conducive — it's very time-consuming. Those are the main two points. If they work to fully resolve those two issues, that would make this an awesome tool. I mean, it's a good tool, but it would be even better. The main feature that will help everyone will be a different way to submit phishing or malicious emails that went through security. That would be a very good feature I would like to see in the next release.
Because we have not faced any challenges there is no way that we can say that there has to be some improvement. The price could be better, it should be reduced.