{"id":4805,"date":"2020-09-10T23:39:14","date_gmt":"2020-09-10T23:39:14","guid":{"rendered":"https:\/\/pariswells.com\/blog\/?p=4805"},"modified":"2025-02-25T08:47:21","modified_gmt":"2025-02-25T08:47:21","slug":"mimecast-best-practice","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/research\/mimecast-best-practice","title":{"rendered":"Mimecast Best Practice"},"content":{"rendered":"\n<p><strong>Anti-Spoofing<\/strong><\/p>\n\n\n\n<p>*Are these policies working for the organization?<\/p>\n\n\n\n<p>Please look toward the following link for better insight on the policy:<br>https:\/\/community.mimecast.com\/s\/article\/email-security-cloud-gateway-configuring-anti-spoofing<\/p>\n\n\n\n<p><strong>Auto Allow<\/strong><\/p>\n\n\n\n<p>Please consider the following for a better security posture:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Auto allow policy set to &#8221; Apply auto allow strict&#8221; this will enforce a 1 to 1 relationship in case of any third party outbreaks.<br>2.Set the addresses based on to &#8220;Both&#8221;<\/li>\n<\/ol>\n\n\n\n<p>Please look toward the following link for better insight on the policy:<br>https:\/\/community.mimecast.com\/s\/article\/email-security-cloud-gateway-configuring-auto-allow-policies<\/p>\n\n\n\n<p><strong>Permitted Senders<\/strong><\/p>\n\n\n\n<p>*Consider adding some entries to the profile group.<\/p>\n\n\n\n<p>Please look toward the following link for better insight on the policy:https:\/\/community.mimecast.com\/s\/article\/email-security-gateway-permitted-senders-policy-configuration<\/p>\n\n\n\n<p><strong>Spam Scanning<\/strong><\/p>\n\n\n\n<p>*Auto allow actions should be set on the definitions.<br>*Questions around the multiple policies.<\/p>\n\n\n\n<p>Please look toward the following link for better insight on the policy:https:\/\/community.mimecast.com\/s\/article\/email-security-cloud-gateway-spam-scanning-policy-configurations<\/p>\n\n\n\n<p><strong>Attachment Protection<\/strong><\/p>\n\n\n\n<p>Additionally please note that the UI in the definition of attachment protection has changed please look toward the following links for further insights:<\/p>\n\n\n\n<p><strong>Impersonation Protection<\/strong><\/p>\n\n\n\n<p>*Consider creating a VIP policy instead of having multiple policies.<\/p>\n\n\n\n<p>Please note that if you find that your VIP personal are being attacked or impersonated often please look to making a VIP policy where it is set to one hit with the customer display names enabled and filled in accordingly please look toward the following link for better insight.<br>https:\/\/community.mimecast.com\/s\/article\/email-security-cloud-gateway-impersonation-protection-guide<\/p>\n\n\n\n<p><strong>URL Protection<\/strong><\/p>\n\n\n\n<p>*Configured correctly.<\/p>\n\n\n\n<p>Please look toward the following link for better insight on the policy:https:\/\/community.mimecast.com\/s\/article\/email-security-cloud-gateway-configuring-url-protection<\/p>\n\n\n\n<p><strong>Internal Email Protection<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/community.mimecast.com\/s\/article\/api-integrations-journaling-overview?r=1030&amp;ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1\">https:\/\/community.mimecast.com\/s\/article\/api-integrations-journaling-overview?r=1030&amp;ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Setup<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Remove text on stationary ( HTML and plain text ) before sending emails via Mimecast<\/li>\n\n\n\n<li>Disable Office 365 Spam Filter\u00a0<img decoding=\"async\" src=\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2020\/09\/img_5f57289b6b2dc.png\" alt=\"\"><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Maintenance<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enabled Digest Sets every Hour ( not every 4 hour )<\/li>\n\n\n\n<li>Disable Device Enrollment\n<ol class=\"wp-block-list\">\n<li>Log on to the\u00a0<em><strong>Administration Console<\/strong><\/em>.<\/li>\n\n\n\n<li>Click on the\u00a0<em><strong>Administration<\/strong><\/em>\u00a0menu item.<\/li>\n\n\n\n<li>Select the\u00a0<em><strong>Account | Account Settings<\/strong><\/em>\u00a0menu item.<\/li>\n\n\n\n<li>Expand the\u00a0<em><strong>User Access and Permissions<\/strong><\/em>\u00a0section.<\/li>\n\n\n\n<li>Select the\u00a0<em><strong>Targeted Threat Protection Authentication<\/strong><\/em>\u00a0option.<\/li>\n<\/ol>\n<\/li>\n\n\n\n<li>SAML for Authentication SSO via a provider like Office 365 for 2fa and Brute Force protection. If not Fall back to LDAPS ( EWS basic Auth is not Secure )\u00a0<\/li>\n\n\n\n<li>Disable Cloud Auth ( Or enable only for Continuity , and expire logins after 30 days )\u00a0<\/li>\n\n\n\n<li>Service Monitoring Setup<\/li>\n\n\n\n<li>Acknowledge Disabled Users ( Make sure Receipt Validation is set to Known\u00a0<\/li>\n\n\n\n<li>Setup impersonation protection for VIP<\/li>\n\n\n\n<li>Restrict Administration Console to IP<\/li>\n\n\n\n<li>Continuity Test<\/li>\n\n\n\n<li>Confirm you have an account as Super Admin<\/li>\n\n\n\n<li>Enable Outbond DKIM\\SPF\\DMARC<\/li>\n\n\n\n<li>Inbound ( \u00a0this we recommend a \u201cReject\u201d setting. Out of the box we set it to ignore\/managed permitted sender entries as some customers didn\u2019t like that it was too aggressive. )\u00a0<img decoding=\"async\" src=\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2020\/09\/img_5f581c202ffa4.png\" alt=\"\"><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Anti-Spoofing *Are these policies working for the organization? Please look toward the following link for better insight on the policy:https:\/\/community.mimecast.com\/s\/article\/email-security-cloud-gateway-configuring-anti-spoofing Auto Allow Please consider the following for [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[3345],"class_list":["post-4805","post","type-post","status-publish","format-standard","hentry","category-research","tag-mimecast-best-practice"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/4805","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=4805"}],"version-history":[{"count":5,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/4805\/revisions"}],"predecessor-version":[{"id":8603,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/4805\/revisions\/8603"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=4805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/categories?post=4805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=4805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}