Skip to content
Search
Support
 Select language
Cancel

Case Study

Shields Health Solutions

At a Glance

1491 dangerous emails identified within 90 days

82 potential data loss incidents stopped

Defend Dashboard gives holistic view of types of threats so internal simulated phishing campaigns can be customized

KnowBe4 Transforms Email Security at Shields Health Solutions

The Need to Protect Patient Privacy in a Remote Environment

As a leading pharmaceutical organization, it is crucial for Shields Health Solutions (Shields) to guarantee the safety and confidentiality of sensitive patient data on email.

With most Shields employees working remotely, Rob Fountaine, Principal Security Engineer at Shields, explains: “Email is an essential but ultimately dangerous tool we use every day. Whether it’s interacting with targeted phishing emails like business email compromise, sending sensitive information to a personal email address or not applying the right security – any mistake puts our sensitive data at risk.”

Industry

Healthcare

Location

Massachusetts, USA

Challenge

Addressing a full range of email-based threats while managing employee interactions with sensitive data

KnowBe4 Products

Observing the limited detection capabilities of secure email gateways (SEG) and the overlap in functionality offered by Microsoft 365’s native security controls, Fountaine says: “We wanted a single platform to plug the gaps in Microsoft 365 and defend against the entire range of advanced inbound and outbound threats over email. In addition, we wanted the platform to provide in-the-moment prompts to enhance employee’s security awareness without disrupting workflow.”

See KnowBe4 Defend™ in Action

Learn how Defend™ strategically enhances Microsoft 365 native security to catch the threats Secure Email Gateways (SEGs) and others miss.

Get a Demo

KnowBe4 Intelligently Eliminates the Full Spectrum of Email-based Threats

KB4-CR-0881-SHS-IT-Office-800Following a successful pilot, Shields implemented cloud email security products from the KnowBe4 Collaboration Security suite across all 2,000 users to address the security limitations they recognized in their native security platform. KnowBe4 Defend™, KnowBe4 Prevent™, and KnowBe4 Protect™ seamlessly integrate with Microsoft 365, utilizing AI models and an adaptive security architecture to detect and respond to threats, as well as providing real-time nudges to alert users before security incidents can occur.

Defend leverages pre-generative and zero-trust models, as well as linguistic, contextual and behavioral analysis to detect sophisticated phishing attacks such as business email compromise. On the outbound, Prevent and Protect combine contextual machine learning, intelligent DLP and encryption to ensure emails are sent to the correct recipients, containing the right information and are appropriately protected relative to the level of risk.

“The Defend banners have been game-changing,” Fountaine says. “Not only are users stopping to pay attention to the banners and understand the threat, but since we incorporated them into our phishing simulation campaigns, we have seen a dramatic decrease in click rate. In addition, the Prevent prompts allow users to make an educated decision when sending an email, and I know that every single time a user accepts advice, we may have just avoided a serious data loss incident.”

“The Defend banners have been game-changing. Not only are users stopping to pay attention to the banners and understand the threat, but ... we have seen a dramatic decrease in click rate.”

Rob Fountaine, Principal Security Engineer, Shields

Defend Detects 1491 More Attacks than Microsoft 365

In a 90-day period, 1491 phishing emails bypassed Microsoft 365 and were identified and neutralized by Defend, with 743 attacks that evaded native security came from compromised accounts. In the same period, Prevent stopped 82 potential data loss incidents.

1491 dangerous emails identified within 90 days

KB4-CR-0881-SHS-IT-Data-Storage-800“If you are using Microsoft 365, it makes perfect sense to move towards a best-of-breed platform like KnowBe4 that can eliminate the full spectrum of inbound and outbound threats over email.” Fountaine says. “Another thing we like about utilizing a [cloud email security vendor] over a traditional SEG vendor is that we didn’t have to alter our MX record, meaning there are less publicly available indicators for threat actors to exploit.”

Fountaine and the security team at Shields were particularly impressed with KnowBe4’s remediation capabilities. “With Defend, the dashboard gives us a holistic view of the types of threats targeting our organization which we can then use to tailor our internal phishing campaigns. Conversely, Prevent and Protect analytics give us granular insights into what type of advice is being accepted to continually assess email security policies.”

Fountaine says: “We were looking for a new platform that went above and beyond the SEG – and that’s exactly what KnowBe4 has given us. KnowBe4 has optimized every aspect of our email security, from detection and remediation to security awareness training."

Download the PDF