Key results achieved
60%
of PageGroup’s unique sending sources were sending malicious emails before OnDMARC
96
of their domains have now been fully configured and protected with DMARC
16M
PageGroup protects its domains from mass malicious email attacks with OnDMARC
Industry
Recruitment
Employees
7,000+
Locations
37
Meet the company
Employing over 7,000 people in 37 countries across the world, PageGroup’s four key brands provide recruitment services and career opportunities on a local, regional and global level.
OnDMARC rounds out PageGroup’s email security infrastructure
Juan Manuel Merino, Head of Cyber Security Operations, and his SecOps team at PageGroup had become aware of a huge amount of malicious activity happening across a large number of their domains, including the main domain, page.com.
In addition, hackers were also impersonating them via their trusted third-party contacts, so Juan actioned an urgent deep-dive into their email security. While they already had Mimecast set up as their Security Email Gateway, Juan “knew that implementing DMARC would give them visibility into who was impersonating them” and quickly took steps to get an implementation project off the ground.
![[object Object]](https://red-sift.cdn.prismic.io/red-sift/07450bf0-7008-41f5-91a9-0ca31822d3da_Quote+Open.svg)
What Page Group say about us
“Now that we have woven OnDMARC into our email security stack, we have gone 6 months in a row without a security incident.”
Juan Manuel Merino
Head of Cyber Security Operations
“Now that we have woven OnDMARC into our email security stack, we have gone 6 months in a row without a security incident.”
Juan Manuel Merino
Head of Cyber Security Operations
Autonomy, full visibility and comprehensive support
Owing to a cyber-first mindset across the organization and knowing that an attack could potentially cause huge technical, economical, and reputational damage, Juan had unquestioning support from his CISO to secure a DMARC solution. Together with his team, he identified Red Sift’s OnDMARC solution as being the ideal candidate for their needs as it offered them:
Instant autonomy
Dynamic SPF, part of OnDMARC’s Dynamic DMARC functionality, allowed Juan and his Security team to work without dependencies on other members of the wider IT team - a key factor in their quest for a DMARC solution.
Visibility into their third-party network
It was imperative for Juan’s team to have visibility into who was impersonating them so that they could quickly secure authorized senders and subsequently enforce a policy of p=reject.
On-demand implementation support
Juan and his team worked closely with Red Sift’s Customer Success team who provided guidance and answers at every step.
Dynamic SPF brings independence and saves time
During Juan’s selection process for a DMARC provider, his team considered a number of DMARC solutions. However, it quickly became clear that OnDMARC’s Dynamic SPF feature stood out amongst the competition. Dynamic SPF automatically ensures every record for all third-party services is up to date at the point of query, so there is no static code to become outdated or obsolete - a significant advantage over static flattening that is the common technique adopted by other vendors.
The feature also enabled PageGroup to easily overcome the SPF 10 lookup limit for their many sending services, and Juan was able to take care of DNS changes within his own team. Juan noted: “We wanted to give ourselves autonomy. We did not want to embark on a project with dependencies on other IT colleagues in the company. In that sense, Dynamic SPF was a welcome addition.”
Enabling a confident security culture
The speed and efficiency with which OnDMARC was implemented meant that Juan and his team had newfound confidence in their email security infrastructure. More specifically, Juan noted: “Now that we have woven OnDMARC into our email security stack, we’ve gone 6 months in a row without a security incident.”
The level of satisfaction in the DMARC project also extends beyond Juan’s direct team: “Everybody in the IT team is very happy, even outside of the team. By implementing DMARC, we were able to do a lot of cleanup of rules and domains, even domains we were not using. In general, all the feedback has been positive about the project, from IT people to C-level.“
