Greenhill makes email for financial matters trustworthy by securing their domain

Learn more about OnDMARC
Greenhill logo

Industry

Banking

Employees

400+

Locations

15

Meet the company

Greenhill is a leading independent investment bank focused on providing financial advisory services. The firm operates globally with 15 different offices and over 400 employees, sending over 7 million emails a year.

Financially-driven email matters make tasty phish bait

Chief Information Officer (CIO), John Shaffer, hired a third-party cybersecurity rating company to review the organization’s cybersecurity. The audit flagged DMARC as failing and therefore a priority initiative to focus on. However, like most organizations introduced to DMARC by consultants, Greenhill was left with a sense of urgency to implement the email authentication protocol without any internal expertise or visibility of their email security landscape to know-how.

[object Object]

What Greenhill say about us

Greenhill logo

“It’s rare we need to go into OnDMARC and check anything, but shortly after deployment we discovered we were close to the 10 SPF lookup limit. By switching on OnDMARC’s Dynamic SPF feature we were able to configure it all directly inside OnDMARC’s portal versus going into our DNS manually and altering it”.

John Shaffer Greenhill
John Shaffer
CISO
Greenhill logo

“It’s rare we need to go into OnDMARC and check anything, but shortly after deployment we discovered we were close to the 10 SPF lookup limit. By switching on OnDMARC’s Dynamic SPF feature we were able to configure it all directly inside OnDMARC’s portal versus going into our DNS manually and altering it”.

John Shaffer Greenhill
John Shaffer
CISO

Full visibility, clear direction, and ongoing guidance

Faced with choosing between taking the plunge themselves and risk blocking legitimate emails, or hiring an expensive consultant, CIO John Shaffer looked for a DIY DMARC solution. After comparing multiple vendors John found “OnDMARC was reasonably priced and very easy to use”. With OnDMARC’s tools John successfully tackled three key areas:

  1. Visibility

    Greenhill uncovered 2,734 unauthorized email sources sending 671,000 fake emails from a parked domain, all of which were blocked using OnDMARC. OnDMARC also provided a clear visual of each legitimate email source’s DKIM and SPF status which had once been a challenge for the firm.

  2. Expertise

    Expertise With Mimecast already in place, DKIM and SPF settings were available, but it simply wasn’t apparent to Greenhill’s team where to begin. CIO John Shaffer explained, “we didn’t know much about DMARC or how to configure it properly but OnDMARC gave us instructions on how to configure Mimecast”.

  3. Ongoing protection

    With their domains in reject, Greenhill still continues to have visibility of ongoing protection with OnDMARC which is actively blocking unauthorized email activity. As one example, over 640,000 spoof emails were blocked in just 3 months successfully protecting themselves, their clients and their prestige reputation.

Confidently transitioning to full protection

One of the common challenges when dealing with email security is the fear that changes may affect the entire organization by blocking legitimate emails. John Shaffer Greenhill admitted that “this can make it scary“.

Thanks to OnDMARC, this wasn’t the case. John noted, “we’ve been able to take a cautious approach which OnDMARC has enabled us to do by clearly seeing the extent of the issue and then making it relatively easy to transition into full protection. We know we can lean on the OnDMARC folks and their easy-to-use technology”.

Since using OnDMARC, the financial institution has put all four domains into reject. After flicking the switch, they observed from their reports after flicking the switch that large phishing campaigns being targeted at their domain weren’t successful as they were blocked from being delivered.

LinkedInInstagramTwitter