Lhasa Limited is a not-for-profit organisation that builds software to support critical decisions around chemical safety. As a trusted partner to regulators and research institutions, its reputation for credibility is central to its mission. Now, as the organisation grows globally, protecting that trust across its digital footprint has become just as vital.

For Zain Ahmed, Lead Cloud and Infrastructure Engineer, ensuring that trust extends to every email and domain was a top priority. As the organisation adopted more SaaS tools and expanded communication channels, Zain saw growing risks: domain spoofing, brand impersonation, and an increasing reliance on third-party services that introduced additional complexity and potential misconfigurations.

Although Lhasa hadn’t yet experienced an incident, Zain knew that waiting for one wasn’t a viable strategy. “We needed to protect our brand from day one and leave nothing to chance,” he explains. “Reputation is critical in our field, and we weren’t willing to wait for an attack to justify action. Taking control of our brand before someone else did was key.”

While Microsoft 365 offered some foundational controls, the team still lacked centralised visibility into senders, had no way to monitor impersonation, and knew that manual upkeep wouldn’t scale.

To shift from manual oversight to proactive control, Lhasa adopted Red Sift OnDMARC to bring visibility and automation to its email authentication setup.

With OnDMARC, Zain and his team were able to bring all of the company’s domains into full enforcement—the only way to protect a domain from exact domain spoofing. Every legitimate sender, whether internal or third-party, was identified, classified, and monitored. 

“OnDMARC gave us a clear path to achieving DMARC enforcement,” Zain explains. “We now have a complete picture of what’s sending on our behalf, and we can onboard new services with full confidence.”

Red Sift OnDMARC’s integrated LLM assistant, Red Sift Radar, adds another layer of efficiency. Embedded directly in the platform, Radar helps Zain investigate authentication failures without needing to dig through headers or switch between tools. Zain notes: “If a message fails, I can ask Radar what happened and get a clear, actionable explanation. It’s saved me hours I used to spend manually troubleshooting.”

With email authentication under control, Lhasa turned to Red Sift Brand Trust to strengthen its external defence against impersonation. As the organisation grows its global presence, the risk of malicious actors registering lookalike domains or spoofing its brand increases. Brand Trust now provides continuous visibility into these threats, surfacing domains that resemble Lhasa’s and prioritising those with indicators of potential abuse.

Zain says the value goes beyond just operations: “Brand Trust has given us confidence on two levels,” he explains. “Operationally, the IT team now has the visibility we need to monitor risks in real time and act if anything suspicious appears. But just as importantly, it gives our leadership team peace of mind that our brand is being actively protected, not reactively managed. That level of assurance is hard to put a price on.”

With Red Sift in place, Zain and the Lhasa Limited IT team have replaced a manual, reactive approach with a security model that delivers control and clarity. What started as a hands-on effort to manage DNS records and keep up with misconfigurations is now a fully enforced, transparent setup that runs with minimal effort.

Beyond email, the team now has visibility into how the Lhasa Limited brand appears across the internet—something they’d never had before. With early warning for suspicious domains and logo detection active, Zain knows they’re ready if and when impersonation attempts arise.

The greatest shift, however, is in mindset. “We’re no longer chasing issues,” says Zain. “With Red Sift, we’re running a security program that’s designed to stay ahead.”