Mimecast security in general, it's a SaaS service so they have their servers; they have everything on their side and we're just quote-unquote, passing the traffic through them, the email traffic through them.
Mimecast has multiple different solutions, all linked to the email. They recently added user info security training, but we're not using that. We, however, are using the archive piece and we're currently using their security threat protection. Regarding the threat protection — that does just fine. As far as the security goes — they had a big hiccup earlier this year where they were giving a false positive to a bunch of attachments. I'm not sure what happened on their side but for one week at least we had that issue. It took them a little over a week to resolve the issue. We also had some minor incidents after that, that they resolved.
Generally speaking, other than that event, it has been good. It doesn't block a hundred percent of the security threats received, but you have a lot of options to tag or even further analyze the messages received through Mimecast, either to a third-party solution or through an endpoint solution.
Everyone uses this solution at our company, whether they know it or not because you can leave it as transparent as you want it, or as user-demanding as you want it. There are specific items that only IT uses, but in general, this solution is used by one hundred percent of the company.