Shady Side Academy shaves 92% off phishing incident response times with Armorblox
Shady Side Academy is an independent preparatory school located in Pittsburgh, Pennsylvania. Shady Side Academy enrolls approximately one thousand students annually and is a member of the National Association of Independent Schools and the Association of Boarding Schools.
For Shady Side Academy to uphold its mission of “challenging students to think expansively, act ethically and lead responsibly”, it’s vital that students have a secure learning experience. A key component of this security ideal is keeping malicious emails out of the inboxes of students, faculty members, and staff.
Shady Side Academy had built-in email security from Office 365 to protect against spam, malware, and mass phishing attacks. While spam and known malware was largely taken care of by native email security, targeted email attacks were still making their way into inboxes.
Email risk is a reality for every educational institution. The 2021 Verizon Data Breach Investigations Report found that 50% of breaches in the Education sector involved social engineering. Around 80% of these social engineering breaches involved Pretexting as a tactic, which is heavily associated with BEC.
Tim Winner, Director of Educational Technology at Shady Side Academy, said:
“We would routinely get hit with phishing and impersonation emails. These were usually sent from Gmail accounts and started off as a ‘quick email’ to check if the victim was in office or a request from someone pretending to be their manager. If even a few users fall for the attack, it becomes a challenge.”
The security team were also burdened by time-consuming investigation and remediation processes for every email threat and false positive. Leaving a suspicious email in a student’s mailbox could also lead to parental concerns being raised.
“If a student falls for an email attack, their accounts can be used as a vehicle for more attacks and spam delivery. It’s important for us to find and remediate any bad emails in students’ inboxes, but it has also been time consuming. A help desk process for a student usually took between 1-3 hours before Armorblox.”
Shady Side Academy was looking for an email security solution that augmented built-in Office 365 capabilities, provided effective protection against advanced phishing and targeted email attacks, and saved time for the security team without affecting email delivery.
“We were looking for something that didn’t impact email delivery by being inline. We were also looking for sophisticated threat detection - something beyond wholesale blocklisting that could more accurately detect targeted attacks.”
Armorblox inbound email protection
Armorblox connects over APIs with Office 365 to provide highly effective protection against targeted email attacks like BEC, account takeover, impersonation, and credential phishing. By using Natural Language Understanding (NLU) and other detection algorithms, Armorblox stops advanced email attacks from endangering Shady Side Academy students, faculty, and staff.
Emails are automatically classified under granular threat categories (e.g. payroll fraud, payment fraud, phish URL in mail body, email account compromise), minimizing the need for custom policy setup and upkeep. Armorblox also automatically remediates a vast majority of detected threats, based on remediation actions configured by the security team (e.g. delete, quarantine, lock user account, apply warning banner).
Armorblox has helped Shady Side Academy meet its email security objectives while also positively impacting its people and processes.
Improved protection against targeted email attacks
Armorblox provides highly effective protection against socially engineered email attacks targeted at Shady Side Academy students, faculty, and staff. The vast majority of targeted email attacks are automatically remediated by leveraging Office 365 APIs, keeping people safe without negatively affecting email availability or overloading the security team.
User-reported email threats at Shady Side Academy have reduced by 75% since Armorblox deployment due to improved inbound threat detection.
“Armorblox is exactly the sort of sophisticated solution we were seeking. It detects threats that blocklists would never have caught. I don’t have to risk email delivery anymore by applying heavy-handed filters to domains.”
Time savings for the security team
Armorblox has simplified and automated large portions of email threat protection at Shady Side Academy. The platform is easy to use and provides quick time to value for the security team without interrupting their daily work. Armorblox automatically remediates suspicious emails across user mailboxes.
For Shady Side Academy, Armorblox has reduced triage and remediation times for user-reported phishing emails by 92%.
“Since implementation, Armorblox has saved the Shady Side Academy IT team a few hours per week on average. Identified messages aren’t lost because they’re moved to the user’s Deleted Items folder, where they’re still accessible, but clearly marked as unsafe with rationale provided. End users and IT staff can easily identify why a message was mitigated. Armorblox has proven its accuracy and effectiveness to the point that I rarely even think about dangerous emails getting through!”