ADS Group is a UK‐based trade organisation that represents the aerospace, defence, security and space sectors, with membership made up of over 1,000 UK businesses.
Maintaining high security standards
As a representative of such high‐value industries, ADS sets the highest bar for secure communications and operations, especially important when maintaining direct channels with the government. ADS is proud of its accreditation for ISO9001:2015 & Cyber Essentials Plus, both internationally recognized standards that demonstrates the organization’s ability to deliver services that meet best‐practice customer and regulatory requirements. Additionally, ADS holds the UK government‐backed Cyber Essentials badge, further demonstrating its ongoing focus on keeping systems and staff secure against the threat of cyberattacks.
Cybersecurity challenges
Farnborough International, a subsidy of ADS Group Ltd is the home of the bi‐annual Farnborough International Airshow. As one of the leading global aerospace trade shows the organization is exposed to varying levels of cyber security attacks on a global level. From simple email spoofing to highly dangerous spear‐phishing campaigns, ADS’s email systems have to be configured and secured correctly.
“Not only do we need to prevent dangerous content being delivered internally to the business, like any organisation, but we also want to prevent messages that are purporting to be from our domain and containing potentially dangerous content delivered to our client and partner mailboxes,” says Matt Towell, group senior IT engineer.
“As a business, securing our email real‐estate is as paramount as ensuring the deliverability of our legitimate mail.”
Taking these nuances into careful consideration, ADS reviewed its security measures to take advantage of the latest technologies to set a new standard for its email security and resilience.
“On average, we send out 50,000 emails a month and receive 5‐6x more – email is paramount to all aspects of our organisation and any breach via email, or major issues with deliverability, would be detrimental to our reputation as well as that of our membership. When I joined 2 years ago, my first priority was to undertake a review to get a better grasp of the vulnerabilities and evaluate best‐of‐breed email security options.”
Combating phishing attacks
Due to the nature of ADS’s relationships with aerospace, defence and security organisations, the ADS domain, like other organisations operating in these sectors, faces the risk of email fraudsters looking to gain access or to disrupt the business in its dealings with the UK government.
Matt’s team has seen a number of spear‐phishing attempts– a simple yet effective trick employed by scammers preying on the unquestionable relationship of employer/employee.
“We use Mimecast for inbound email protection,” continues Matt.
“The solution sits between the public internet and our mail servers and provides a strong threat detection service with granular filtering and threat management.”
In today’s security landscape, having just one method of protection is not enough. Due to threats getting ever more complicated, spam houses using newer and different techniques to bypass filtering systems.
“Coupling the OnDmarc service with our public DNS records for email authentication, as well as the usage of Mimecast, we are able to prevent a majority of the different attacks getting through to our users and also protect anyone whether inside the organisation or externally from being able to spoof our domain,” continues Matt.
“This is particularly important with our position as a Trade Organisation as the service allows us to look into reports sent back from the receiving servers to alert us to any potential attack or problems with deliverability.”
Exploring DMARC
The company tell us that Matt had been aware of the DMARC protocol since its ratification in 2015, mainly due to the discussions amongst the Internet Engineering Task Force community, so was familiar with its unique ability to fully authenticate email senders. However, all of Matt’s dealings with DMARC to date had shown the protocol in a complex light, with the suggestion that DMARC reports could take as long as three to four hours to translate and synthesise for board members.
“I knew government bodies including the MoD and HMRC were using DMARC, and this prompted me to look into this as an option for ADS. When I started to consider providers that could support our implementation and management, OnDMARC came out top of my searches.
OnDMARC’s approach was professional, sleek and its technology offered excellent visibility of all the DMARC records. It was just the kind of detail we needed to present to our board of directors – with enough clarity to make it easy to understand.”
Speed of deployment
OnDMARC provides users with simple actions to setup DMARC based on their organisations unique email configuration. In doing so, it significantly reduces both the cost and complexity of achieving full DMARC protection with confidence, irrespective of internal resources or levels of expertise.
“OnDMARC was unbelievably quick to install, and within 15 minutes the solution was configured and collecting information. We haven’t really needed to refine the system either; it’s been smooth sailing in terms of publishing records, logging into the portal and watching the reports roll in. Using this information has helped with several routing and delivery issues we had relating to SPF and DKIM records and authorised senders.”
Achieving impressive business results
In June 2017, of the 24,000 emails being sent out by ADS, 22,000 were failing validation, but by August with OnDMARC deployed, over 62% were passing validation and being properly authenticated and 6,000 potential phishing attacks had been stopped from making it through to users’ inboxes.
In August 2017, OnDMARC was able to instantly block and reject 90,000 of 300,000 emails, based on the SPF, DKIM and DMARC records, with a further 15,000 held back as spam.
“In the first month since implementing OnDMARC, we have been able to tighten down on our public email record, we know who is sending emails as ADS, and we can stop mailshots from systems that my team aren’t aware of. OnDMARC lets us see the transfer of emails – most other providers can’t report on this.
Previously, our teams couldn’t understand why their emails were being returned as spam, but now, OnDMARC generates a report within 24 hours of emails being sent, providing us with details on which emails failed. This level of reporting is hugely significant to our business, and we can identify which email systems are sending these messages. I’ve worked in IT for nearly 15 years and OnDMARC is the first product to offer such a fantastic level of detail.”
ADS is working with its external bulk email suppliers to align their SPF and DKIM records before Matt’s team pushes for full reject mode on the organisation’s DMARC record.
“Since implementing DMARC, we’ve been inundated with messages from our members and partners asking for our advice on email security. I strongly advocate DMARC as an essential addition to an inbound/gateway solution, such as Mimecast, to provide complete protection. ADS Group wants to play a leading role in promoting email security excellence and we’re closer to achieving this thanks to OnDMARC’s pioneering technology solution.”
OnDMARC is a security product created by Red Sift, a new London startup from two ex-Shazamers.