Bird & Bird achieve full compliance with a managed service to protect clients

Bird&Bird logo







Meet the company

Bird & Bird is an international law firm with a focus on helping organizations being changed by technology and the digital world. With over 1,300 lawyers in 29 offices, they send in excess of 600,000 external emails per month.

Clients must be able to trust legal communications

As DMARC became more widely adopted, the Infrastructure and Infosec teams at Bird & Bird were finding that more and more clients were requesting a p=reject policy. Jon Spencer, Infrastructure Manager at Bird & Bird, led the DMARC initiative with an understanding that this would not only protect their clients, but also the firm’s reputation by actively blocking email impersonation.

OnDMARC’s support team manage the DMARC journey to full protection

Due to rapid growth within the firm, everyone understood the need for DMARC, the challenge then was in internal resourcing to manage the project itself. This meant ensuring DMARC was correctly configured so that no legitimate emails were blocked along the way. OnDMARC provided ongoing managed support throughout the process for Bird & Bird. Here are some of their achievements:

  1. Cleaning up traffic

    Bird & Bird discovered 200+ illegitimate sending sources, successfully blocking them in the process of configuring DMARC for the domain.

  2. Shutting down spoofs

    By investing in DMARC for email security and getting to a p=reject state, the firm noticed that 2% of their external email traffic was being spoofed and successfully blocked by DMARC.

  3. Eradicating shadow IT

    OnDMARC automatically surfaced a number of sending services that weren’t malicious, but in use by the firm without IT’s knowledge. With a clear view of all mail being sent, Bird & Bird were able to identify what traffic was genuine and sign it correctly.

OnDMARC deliverability, location and senders report

Safe in the knowledge that all threats were identified and rectified

Bird & Bird already had Mimecast in place as a foundational secure email gateway. However, the IT team understood the benefits of DMARC for preventing email impersonation outside of their network boundary and explored the email security protocol only to find the project seemingly too broad and difficult to execute independently. This is a very common reason why organizations hesitate to adopt DMARC due to a lack of internal expertise and knowledge, which also explains the 6.5% adoption rate this year (2022) based on research powered by the Red Sift platform.