Customer Story: Safe as Houses

Abhishek Iyer
Written by Abhishek Iyer
Customer Success Stories /
Customer Story: Safe as Houses

Growth-stage fintech company discontinues their SEG after deploying Armorblox as an O365 augmentation

The Customer

The subject of this case study is a financial technology company that operates an online marketplace for investing in real estate, primarily single-family rental homes. The company helps its clients by providing them with research, analytics, and insights to evaluate and purchase certified properties.

The Challenge

The customer had built-in email security from Office 365 and had deployed a legacy Secure Email Gateway (SEG) in front for additional protection against spam, phishing, and targeted email attacks. While spam was largely taken care of by incumbent security controls, and a sliver of phishing protection was now in place, targeted email attacks were still making their way into employee inboxes.

The IT manager at the company said:

“Even with the SEG in place, we were getting many emails impersonating our CMO and CEO, either asking for payments or just interrupting our employees’ daily work. We had to manually go into the SEG and filter out these emails every time they appeared.”

The SEG also introduced operational difficulties, particularly related to not letting ‘good’ or safe emails reach inboxes. Since SEGs are inline and every email is checked in theory, there is a perception of increased security. But many organizations, including the subject of this case study, face a less rosy reality where bad emails still get through and retrieving wanted emails requires needless overheads of time and effort.

The IT manager said:

“The SEG blocking emails that we wanted to go through ended up being very frustrating and impacted the productivity both of the security/IT team and of the employees whose emails were being blocked. I lost count of the times the team had to go into the SEG to try and find out where certain emails went, adding unnecessary workload to our already lean setup.”

The customer was looking for an email security solution that augmented built-in Office 365 capabilities, provided effective protection against advanced phishing and targeted email attacks, and eliminated manual, repetitive work for the security team.

The Solution

The customer deployed Armorblox as an augment to Office 365 security, while initially also continuing with their SEG albeit with a reduced footprint. Since Armorblox connects over APIs and inspects emails after both Office 365 and SEG filters, the Proof of Value process showcased scores of email attacks that had bypassed all existing email security layers.

Roughly one year after deploying Armorblox, the customer decided not to renew their SEG investment, choosing instead to just operate Armorblox as an augment to built-in Office 365 email security.

The IT manager said:

“The simple and effective PoV process was one of the main reasons we decided to invest in Armorblox. Putting it behind the SEG and still seeing email attacks come through really opened our eyes to the magnitude of the problem that needed to be addressed.”

Armorblox connects over APIs to Office 365 to provide highly effective protection against targeted email attacks like BEC, account takeover, impersonation, 0-day credential phishing, and vendor fraud. By using Natural Language Understanding (NLU) and other detection algorithms, Armorblox analyzes 1,000s of signals to understand the content and context of communications and protect the human layer from compromise.

Emails are automatically classified under granular threat categories (e.g. payroll fraud, payment fraud, phish URL in mail body, social engineering), eliminating the need for custom policy setup and upkeep. Armorblox also automatically remediates a vast majority of detected threats based on remediation actions configured by the security team (e.g. delete, quarantine, lock user account).

The Results

Streamlined and effective email security stack

Roughly one year after deploying Armorblox, the customer decided to discontinue their SEG deployment entirely, choosing instead to invest in an E5 license for Microsoft 365 and using Armorblox as the sole augment to built-in email security.

Armorblox works in concert with Office 365 Exchange Online Protection (EOP) and Microsoft Defender (MSDO) to catch email attacks missed by those solutions without duplicating the effective capabilities they already provide.

The IT manager said:

“We have a good mix with email security now. Armorblox takes care of a wide range of targeted email attacks like payment fraud, impersonation, fake password reset messages, and advanced phishing attacks. It also does a great job of pulling out threat insights from the emails for our inspection, in case we need to investigate any threat further.”

Freed up time and workload for the security team

Letting go of the SEG has considerably reduced operational difficulties with email delivery. Additionally, Armorblox out-of-the-box detection policies have eliminated the need for the security team to manually setup and maintain filters and policies, freeing up their time for other pressing cybersecurity concerns.

The IT manager said:

“Armorblox has been as close as possible to a ‘set it and forget it’ security solution, maybe more like ‘set it and check on it once a week’. Most of the setup, triage, and other repetitive work is taken care of, and information for email threats is easily accessible and understandable whenever we want to dig further.”

An IT support specialist on the project said:

“We have a very small team that covers all aspects of IT and security for the company. We will always appreciate tools that do some work for us and take some work off our hands. Armorblox has extended the bandwidth of our team, and that’s a resounding compliment.”

To see Armorblox work in your email environment, get a free 2-week risk assessment below

Get risk assessment

Read This Next