Alice Chambers |
With over 17,000 employees working on a wide range of devices across 800 locations, the IT team for Aalborg Municipality in Denmark must ensure it runs effective security systems to protect citizen data. It manages 19,000 individual and shared mailboxes, as well as the municipality’s Microsoft 365 platform, which meant it faced a high volume of requests for assistance with phishing and business email compromise (BEC) cyberattacks.
The municipality had been using Microsoft Defender for email security, but when it was time to renew the licence, it found the coverage terms had changed. Tablet, thin-client and mobile users no longer had the same level of protection as those who accessed email directly from desktop systems. The subscription cost also increased significantly.
“First, we needed to ensure consistent email security for all users while remaining cost effective,” says René Ellersgaard, systems engineer for Aalborg Municipality. “At the same time, we wanted to relieve the burden on our support team by making it easier for users to manage quarantined email. We began considering new email security solutions.”
The municipality wanted a cost-effective solution that would deliver outstanding email security and be easy for both end-users and the IT support team to use. It also wanted seamless integration with Microsoft 365 and its cloud-based IT system management (ITSM) solution. Finally, the team wanted to work with a known and trusted vendor.
Aalborg Municipality opted to trial Check Point Software Technologies’ Harmony Email & Communication software, and worked with the company’s Professional Services team to test the solution with 80 users. One week later, it expanded the trial to cover 2,000 users and later to 4,000 users. After four weeks, everyone across the municipality was enrolled.
Harmony provides complete protection for Microsoft 365, as well as other collaboration or file-sharing applications. It blocks advanced phishing, malware, BEC, account takeover and ransomware attacks before they reach users’ inboxes, and it prevents sensitive business data from leaving the organisation.
“Implementation went great,” says Ellersgaard. “We were up and running within a day. Over the next few weeks as we expanded coverage, we also integrated Harmony with our ITSM solution. With a few tweaks, Harmony worked seamlessly in our organisation.”
The solution integrates with Aalborg’s ITSM product to automate the process of reviewing suspicious emails. When users are notified that they have received a quarantined email, they can decide whether to release it or not. If they click to release the email, the solution automatically creates a ticket in the ITSM. A support team member looks at the questionable email and decides whether it is safe to release.
Harmony now protects all Aalborg users, whether they use Microsoft Outlook email, web access without an Outlook client, or Microsoft Teams. Built-in artificial intelligence capabilities continuously scan inbound emails using contextual analysis, anomaly detection and anti-phishing algorithms to detect BEC and employee impersonation. Harmony Email then creates custom threat profiles by learning communication patterns, relationships and historical emails within users’ inboxes.
“Users embraced Harmony and found it easy to use,” says Ellersgaard. “Now they’re notified of a suspicious email and can decide whether or not to release it. They have better awareness of email security because they are involved in the decision process.”
Before Harmony, the support team had little visibility into threats while having to make decisions about which emails to release. Now the team now can see the types of emails coming in and is highly aware of the current cyber threat landscape.
“Harmony requires minimal effort from our support team,” says Ellersgaard. “We’ve gone from 20 to 25 release requests per day from users to one or two. When we do see a request, our team can quickly discern harmless emails from real threats.”
Users are also more aware of the types of sensitive data citizens send in emails to the municipality and have begun helping them to understand the risks and suggesting safer ways of sharing this information.
This article was originally published in the Spring 2024 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.