60%
of PageGroup’s unique sending sources were sending malicious emails before OnDMARC.
96
of their domains have now been fully configured and protected with DMARC.
16M
DMARC authenticated emails were sent and delivered in a 30-day period.
Industry
Recruitment
Employees
7,000+
Locations
37
Key features
Meet the company
Employing over 7,000 people in 37 countries across the world, PageGroup’s four key brands provide recruitment services and career opportunities on a local, regional and global level.
OnDMARC rounds out PageGroup’s email security infrastructure
Juan Manuel Merino, Head of Cyber Security Operations, and his SecOps team at PageGroup had become aware of a huge amount of malicious activity happening across a large number of their domains, including the main domain, page.com.
In addition, hackers were also impersonating them via their trusted third-party contacts, so Juan actioned an urgent deep-dive into their email security. While they already had Mimecast set up as their Security Email Gateway, Juan “knew that implementing DMARC would give them visibility into who was impersonating them” and quickly took steps to get an implementation project off the ground.
Testimonial
Dynamic SPF was a gift that made everything much easier. It gave us the internal autonomy to not have to rely on DNS administrators to make changes. It was one of the main reasons we chose OnDMARC over other competitors.
Autonomy, full visibility and comprehensive support
Owing to a cyber-first mindset across the organization and knowing that an attack could potentially cause huge technical, economical, and reputational damage, Juan had unquestioning support from his CISO to secure a DMARC solution. Together with his team, he identified Red Sift’s OnDMARC solution as being the ideal candidate for their needs as it offered them:
Instant autonomy
Dynamic SPF, part of OnDMARC’s Dynamic DMARC functionality, allowed Juan and his Security team to work without dependencies on other members of the wider IT team - a key factor in their quest for a DMARC solution.
Visibility into their third-party network
It was imperative for Juan’s team to have visibility into who was impersonating them so that they could quickly secure authorized senders and subsequently enforce a policy of p=reject.
On-demand implementation support
Juan and his team worked closely with Red Sift’s Customer Success team who provided guidance and answers at every step.
Dynamic SPF brings independence and saves time
During Juan’s selection process for a DMARC provider, his team considered a number of DMARC solutions. However, it quickly became clear that OnDMARC’s Dynamic SPF feature stood out amongst the competition. Dynamic SPF automatically ensures every record for all third-party services is up to date at the point of query, so there is no static code to become outdated or obsolete - a significant advantage over static flattening that is the common technique adopted by other vendors.
The feature also enabled PageGroup to easily overcome the SPF 10 lookup limit for their many sending services, and Juan was able to take care of DNS changes within his own team. Juan noted: “We wanted to give ourselves autonomy. We did not want to embark on a project with dependencies on other IT colleagues in the company. In that sense, Dynamic SPF was a welcome addition.”
Enabling a confident security culture
The speed and efficiency with which OnDMARC was implemented meant that Juan and his team had newfound confidence in their email security infrastructure. More specifically, Juan noted: “Now that we have woven OnDMARC into our email security stack, we’ve gone 6 months in a row without a security incident.”
The level of satisfaction in the DMARC project also extends beyond Juan’s direct team: “Everybody in the IT team is very happy, even outside of the team. By implementing DMARC, we were able to do a lot of cleanup of rules and domains, even domains we were not using. In general, all the feedback has been positive about the project, from IT people to C-level.“
Find out how OnDMARC can stop your domain from being impersonated and protect your customers, employees, and partners.
