3 min read
CareM is a healthcare management service providing services to senior care, post-acute, and home-based care companies. CareM has been operating for over 100 years, assisting privately owned groups, not-for-profits, municipalities, Native American tribes, and others.
|
Company snapshot |
|
|
Industry |
Healthcare management services |
|
Use case |
Protect executives from spoofing attacks, send HIPAA compliant email |
|
Goals |
|
|
Used solution |
|
|
Favorite features |
|
We sat down with Ryan Winchester, CareM’s Director of IT, to learn how the company uses ExecProtect+ alongside other Paubox solutions to communicate securely with the practices they serve and the vendors they partner with.
The problem
Winchester has been with CareM for many years and worked with various vendors. His team is in charge of helping the business communicate with hundreds of practices, and, as Director of IT, his priorities are secure communication with partners and protecting executives from Business Email Compromise (BEC) attacks, like spoofing.
While HIPAA compliant email was his starting point, Winchester knew he also wanted a solution that could protect against the more sophisticated threats targeting the healthcare industry.
One area his team used to struggle with? Protecting against spoofing attacks. BEC attacks generally involve a malicious actor using the name of an executive employee to scam other employees or clients, often demanding money or confidential information.
With Paubox ExecProtect, spoofing attempts at CareM have dramatically decreased–the solution automatically filters out spam. Administrators can adjust settings within the filter to block from entering user inboxes.
ExecProtect has always been a valuable part of CareM's cybersecurity strategy, but with attacks increasing in sophistication, CareM has faced renewed concerns. Winchester connected with Paubox to see if anything could be done, and, with CareM's and other customers' feedback, Paubox developed ExecProtect+, an even more comprehensive tool for fighting spam and spoofing attacks.
The solution
Winchester was already pleased with ExecProtect+. "It catches a lot of stuff. It really does," he explained.
ExecProtect+ utilizes AI-driven enhancements that allow organizations to automatically protect against display name spoofing attacks. The system uses AI to compile lists of users' names and email addresses, populating them into an ExecProtect configuration. When a malicious actor attempts to impersonate an individual, the email is quarantined. Administrators can easily verify the emails, allowing them to determine if any quarantined communication should be released.
"I can go to rule sets, paste it in there, and it's done," Winchester explains. "Microsoft is so convoluted and so hard to navigate to block a domain or whitelist a domain, whereas Paubox is very simple."
Winchester plans to input every employee at CareM into ExecProtect+, ensuring each individual's name is verified and protected. With the help of AI, it becomes almost impossible for bad actors to spoof employee names. It helps current employees, but it also ensures that if an employee leaves the company, their name won't be used in spoofing attempts. With a company as large as CareM, security needs to be maintained even if employees leave.
Paubox has met all of Winchester's needs and more. From HIPAA compliant email to ExecProtect+, Winchester has found the website and products easy to launch and simple to understand. Throughout his years at CareM, Winchester has come to know that some systems, like Microsoft, are time-consuming to figure out, making it an endeavor to blacklist or whitelist a domain.
With Paubox, the entire process is seamless and quick, "That's a huge deal when you’re short on time," he said. "Navigating around your website is so easy, so simple. It's incredible. It's one of my favorites. So easy to use."
The results
On top of security for executives, Winchester loves how secure every email is. Every person who sends an email, whether an intern or vice president, can feel confident that their email will be encrypted.
Most importantly, Paubox is easy for employees to use. Winchester appreciates that sending an email doesn't require "train[ing] employees to put things in subject lines" and that recipients don't have to use portals. Some of their customers and vendors were even surprised at how simple it was to open emails from Paubox. Once they learned Paubox is also HITRUST certified, they were impressed.
CareM's team also uses Paubox Forms to collect medical information and record it in their electronic medical record systems. Before that, their system was all paper, which could lead to delays and disorganization. With Paubox Forms, every record is sent right where it needs to go. "It doesn't have to go to a person here in our office to scan it, or to forward it, or drag a PDF out of an email into the medical record. It bypasses all of that," Winchester explained.
While Paubox Email Suite, ExecProtect+, and Paubox Forms have been the main selling points for the CareM team, Winchester says his team loves Paubox because of its customer support.
"The people really make the difference." He says. "When I call you guys for help, everyone is competent…You guys help right away. It’s first call resolution, which is a big deal."
On top of customer service, Winchester says using Paubox is straightforward. "Navigating around your website is so easy, so simple. It’s incredible. Out of every vendor I have, from Adobe Sign to Microsoft to Amazon business, you guys are one of my favorite websites."
3 min read