The challenge: Static SEG technology falling short
- Phishing attacks: Metropolis International Group’s previous SEG was insufficient in preventing advanced attacks.
- Spam filtering: A significant amount of spam evaded their SEG. Managing spam notifications became an administrative burden, significantly increasing the security team’s workload.
- Email misdirection: The SEG failed to stop sensitive information from being sent to incorrect recipients, creating privacy and compliance risks.
- Impersonation protection: The SEG’s simplistic name matching policy led to excessive false positives when messages were sent from personal to work email accounts.
Mastering the complexity of email domain management
As a leading media and technology firm, Metropolis International Group (Metropolis) manages over 40 diverse publications, ranging from financial journals to music industry magazines. This variety often results in false email misdirection and impersonation alerts from their Secure Email Gateway (SEG) during internal forwarding. Faced with an uptick in sophisticated phishing attacks evading the SEG, Metropolis wanted to take decisive action to mitigate risk, improve user experience and alleviate the administrative burden on its security team.
Seamlessly migrating away from the SEG whilst ensuring business continuity
After deploying the Egress Intelligent Email Security Suite, Metropolis decided to transition away from its SEG entirely. Chris Jenkins, IT Manager at Metropolis explains: “We rigorously reviewed our email security policies to discern what needed to stay and what was outdated. Opting for a clean slate, we chose Microsoft Exchange Online Protection, with the Egress Intelligent Email Suite layered on top for additional security.”
The migration, conducted domain by domain starting with the least active, involved reconfiguring internet traffic and updating crucial settings to secure mail flow. “Following this adjustment, we activated all the necessary policies. The next stage, which was critical, involved observing and testing the system closely for any missed emails or potential issues that required immediate attention and resolution,” Chris notes. Progressively, Metropolis expanded this approach to include their five largest domains. This systematic method allowed Chris to strengthen Metropolis’ email security infrastructure gradually, ensuring each domain was adequately secured before moving onto the next.
Chris explains: “The biggest priority for me is about being abundantly cautious when dealing with the business-critical service of email and ensuring mail flow remained uninterrupted throughout.”
“Egress takes a lot of operational tasks away with automation. Since removing our SEG, the security team no longer wastes time on spam notifications and can focus on more strategic initiatives.
Chris Jenkins, IT Manager, Metropolis
Metropolis International elevates email security with advanced detection, automated spam remediation, and misdirected email protection
Having successfully migrated from its SEG provider, Metropolis is now leveraging Egress Defend’s behavioral AI to detect and neutralize the most sophisticated threats that bypass Microsoft’s native security, identifying 12,696 dangerous emails over a 90-day period.
Chris explains: “With our small team, time-saving features are crucial. Defend’s automatic remediation function is a standout for us — removing malicious emails from everyone’s inboxes at scale without requiring any additional input from the team.”
Another productivity feature, Graymail Detection, is intelligently classifying unwanted mail and moving it to a dedicated folder before it reaches the inbox, with 191,979 graymails filtered in the last 90 days alone. “Egress takes a lot of operational tasks away with automation. Since removing our SEG, the security team no longer wastes time on spam notifications and can focus on more strategic initiatives,” notes Chris.
Users were struggling with misdirected emails and impersonation alerts from their SEG. Now, Egress Prevent is providing intelligent, bespoke data loss prevention for every Metropolis user. With a potential data breach avoided every other day over a 90-day period, Paul Wilkins, Chief Technology Officer, says: “The notifications aren’t too frequent, but they appear just often enough to make an impact.” He concludes, “Ultimately, switching from our SEG to Egress has elevated our email security and significantly reduced administrative burden, all while saving on unnecessary costs.”