PageGroup protects its domains from mass malicious email attacks with OnDMARC

Learn more about OnDMARC
PageGroup logo

Industry

Recruitment

Employees

7,000+

Locations

37

Meet the company

Employing over 7,000 people in 37 countries across the world, PageGroup’s four key brands provide recruitment services and career opportunities on a local, regional and global level.

OnDMARC rounds out PageGroup’s email security infrastructure

Juan Manuel Merino, Head of Cyber Security Operations, and his SecOps team at PageGroup had become aware of a huge amount of malicious activity happening across a large number of their domains, including the main domain, page.com.

In addition, hackers were also impersonating them via their trusted third-party contacts, so Juan actioned an urgent deep-dive into their email security. While they already had Mimecast set up as their Security Email Gateway, Juan “knew that implementing DMARC would give them visibility into who was impersonating them” and quickly took steps to get an implementation project off the ground.

[object Object]

What Page Group say about us

PageGroup logo

“Now that we have woven OnDMARC into our email security stack, we have gone 6 months in a row without a security incident.”

Juan Manuel​ Merino
Head of Cyber Security Operations
PageGroup logo

“Now that we have woven OnDMARC into our email security stack, we have gone 6 months in a row without a security incident.”

Juan Manuel​ Merino
Head of Cyber Security Operations

Autonomy, full visibility and comprehensive support

Owing to a cyber-first mindset across the organization and knowing that an attack could potentially cause huge technical, economical, and reputational damage, Juan had unquestioning support from his CISO to secure a DMARC solution. Together with his team, he identified Red Sift’s OnDMARC solution as being the ideal candidate for their needs as it offered them:

  1. Instant autonomy

    Dynamic SPF, part of OnDMARC’s Dynamic DMARC functionality, allowed Juan and his Security team to work without dependencies on other members of the wider IT team - a key factor in their quest for a DMARC solution.

  2. Visibility into their third-party network

    It was imperative for Juan’s team to have visibility into who was impersonating them so that they could quickly secure authorized senders and subsequently enforce a policy of p=reject.

  3. On-demand implementation support

    Juan and his team worked closely with Red Sift’s Customer Success team who provided guidance and answers at every step.

OnDMARC Dynamic SPF

Dynamic SPF brings independence and saves time

During Juan’s selection process for a DMARC provider, his team considered a number of DMARC solutions. However, it quickly became clear that OnDMARC’s Dynamic SPF feature stood out amongst the competition. Dynamic SPF automatically ensures every record for all third-party services is up to date at the point of query, so there is no static code to become outdated or obsolete - a significant advantage over static flattening that is the common technique adopted by other vendors.

The feature also enabled PageGroup to easily overcome the SPF 10 lookup limit for their many sending services, and Juan was able to take care of DNS changes within his own team. Juan noted: “We wanted to give ourselves autonomy. We did not want to embark on a project with dependencies on other IT colleagues in the company. In that sense, Dynamic SPF was a welcome addition.”

Enabling a confident security culture

The speed and efficiency with which OnDMARC was implemented meant that Juan and his team had newfound confidence in their email security infrastructure. More specifically, Juan noted: “Now that we have woven OnDMARC into our email security stack, we’ve gone 6 months in a row without a security incident.”

The level of satisfaction in the DMARC project also extends beyond Juan’s direct team: “Everybody in the IT team is very happy, even outside of the team. By implementing DMARC, we were able to do a lot of cleanup of rules and domains, even domains we were not using. In general, all the feedback has been positive about the project, from IT people to C-level.“

LinkedInInstagramTwitter