Accelerating compliance with Gradian DLP-as-a-Service

The Business

This bold and distinctive International law firm is one of the largest law firms worldwide by global revenue, and employs over 2,000 lawyers. They are ranked by Thomson Reuters in the top 10 strongest global law firm brands.

The Challenge

Data loss prevention (DLP) is a key priority for security leaders across industries, especially in the legal sector which deals every day with regulated data. Legal teams handle a significant amount of highly sensitive information, from medical and financial data to merger and acquisition information. Moreover, everyone in the organisation – from partners and paralegal teams to administrative staff – is responsible for the management of data.

DLP is now a “must-have”

Until recently, the organisation relied on a legacy DLP platform which, according to their CISO, needed replacing. “The platform was effective, but we needed to refresh our approach. We needed a more mature, flexible DLP solution to improve credible alerting and meet client expectations.”

The CISO and his team had two options: operate and maintain a modern DLP platform in-house, or turn to a trusted managed provider to implement and support the solution. “DLP is more strategy than product, so success depends on methodology and execution,” he stated.

The Solution

“Forcepoint offers a top-tier platform to manage the acceptable movement of information based on people’s behaviour. We benefit from visibility and control about how data is handled, irrespective of people’s location,” claimed the CISO.

Gradian led the firm to study Forcepoint. “It’s rare for us to outsource IT support. However, the Gradian team were impressive during the selection phase. We were confident we could trust Gradian to provide insight and guidance in support of our DLP strategy,” he said.

The law firm has standardised on Gradian’s DLP-as-a-Service, powered by Forcepoint, to provide enterprise protection. The approach simplifies compliance whilst protecting both the client and the organisations’ own sensitive data.

The Result

DLP can be a ‘noisy’ environment, with regular alerts on incidents that turn out to be false positives. That’s not the case with DLP-as-a-Service, which is tuned to specific client and firm risks – diminishing false positives and automating the response to other lowgrade alerts. “We didn’t want our Security Operations Centre (SOC) to be overwhelmed with false positive alerts. Gradian understood our requirements and worked with us to tailor the security configuration accordingly.” This client-focused DLP strategy has become a talking point during client meetings. “We can demonstrate to clients how their critical data is transmitted. The clients welcome this trust and transparency – and we have Gradian to thank for that.” Their CISO concludes, “Gradian is one of our trusted partners. Everything about DLP-as-a-Service – the underlying Forcepoint technology, the implementation, and the ongoing management – are highly professional. We’re confident to trust Gradian to help maintain this critical security tool.”

The University of Warwick Builds a Secure Future with Gradian

The Business

The University of Warwick is a public research Russell Group university, located between the West Midlands and Warwickshire, England. Founded in 1965, the University is ranked 61st in the world and 10th in the UK. Some 92% of Warwick’s research has been assessed to be ‘world leading’ or ‘internationally excellent’ in the Research Excellence Framework.

The University and the wider U.K. higher education (HE) community are at a security tipping point. According to the JISC ‘Cyber Impact’ report, it is no longer a case of ‘if’ a security incident will hit institutions – it’s ‘when’. JICS’s Incident Response team, for example, is recording up to 6,000 incidents every year, including more than 1,000 denial of service attacks on the JISC network, targeting 236 members.

Moreover, Microsoft Security Intelligence reports that 87% of all enterprise global malware attacks have been against HE, including malware, advanced attacks, and phishing. Email platforms are under attack too: 96% of all phishing attacks are carried out via email spoofing.

HE institutions are struggling to keep up, JISC reveals. IT staff are being diverted from everyday tasks to resolve data breaches and incident recovery costs are spiralling. Another JISC report finds that recovery is challenging, time-consuming, and expensive. A lengthy rebuild of a digital estate could easily consume several million pounds, according to JISC.

The Challenge

Safeguarding The University of Warwick’s data

Common to the HE sector, the University of Warwick’s email environment is subject to attack by cybercriminals. An abundance of devices, the value of students’ personal identification information (PII), the University’s intellectual property, and the rise of post-pandemic remote learning make the University’s email platform a key target for malicious attacks. “We have approximately 40,000 active accounts, across multiple domains,” explains Des Butcher, Enterprise Application Director, University of Warwick. “Authentication is critical for us – not only to safeguard the email platform, but also to ensure critical emails are not blocked, such as the ones containing financial data or marketing campaigns.”

The challenge for Butcher and his team was to take control of the authentication framework and prevent attacks infiltrating the University’s systems. “SPF management was complex,” he says. “We have many sending services to authorise, ongoing DNS updates, a need to ensure continuity of service and ensure configuration is correctly managed.” Moreover, the team needed to resolve DKIM (domain keys identified mail) lifecycle management. “With no means to authoritatively identify the sender, anyone could easily impersonate sending domains,” says Butcher.

Maybe the University could manually attempt to get visibility into the DMARC (domain-based message authentication, reporting, and conformance) standard reports and identify the services that were not authenticated? “Manual DNS changes were an unsustainable approach,” says Butcher. “It would have taken a long time and absorbed a significant amount of our resources – resources that would be better spent on value-add strategic security tasks. We needed a robust, automated DMARC policy without the headaches of the implementation.”

This is where Gradian comes in.

The Solution

This forward-thinking data protection consultancy proposed an innovative new approach to managing the University’s email security. Butcher again: “Gradian was the ideal partner to support our DMARC enforcement. Their managed service approach takes away the risk and the resources needed to implement successful defence against email attacks. Their depth of knowledge, proven track record, and professionalism mean we trust Gradian implicitly.” Gradian deployed a Valimail DMARC enforcement platform at the University to eliminate domain spoofing and phishing. The highly automated solution delivers DMARC enforcement, easily enabling the University to auto-configure thousands of sending services. And integrated SPF technology dynamically overcomes the 10-domain lookup limit for every email – with 100% accuracy.

The Result

Almost eliminated phishing or spam campaigns

The bottom line? The University of Warwick now ensures only authorised senders can use the ‘warwick.ac.uk’ domain in the ‘From’ field of their email messages. “We have almost eliminated the frequency of successful phishing or spam campaigns purporting to be sent from the ‘warwick.ac.uk’ addresses. We have complete visibility into what’s happening, thereby stopping the mis-use of our domain.”

Gradian has also been instrumental in driving agile and effective change management. “Gradian has been vital in the change program. They worked with the different University stakeholders and departments ensuring they were on-board with the change. The Gradian team were proactive and skilled throughout, managing the process so our small team could concentrate on other priorities. With Gradian’s support and the innovative Valimail platform, the University of Warwick has a guaranteed path to fast, safe DMARC enforcement.”

UK Law Firm Extends Technological Leadership with Anti-Phishing Initiative

The Business

Travers Smith is one of the oldest U.K. law firms, founded in 1810. Headquartered in the City of London, it has an additional office in Paris. The award-winning firm prides itself on its client-focused approach and aims to deliver an exceptional experience wherever its clients need it to be. Communication by email is a critical component of that experience. Email is also the biggest attack vector for malicious actors in general. Fake email that appears to come from traverssmith.com but is really from an imposter would not align with the firm’s devotion to exceptional client experience. The company knew it could address this through existing standards, and therefore prioritized email authentication with SPF, DKIM, and DMARC.

The Challenge

The National Cyber Security Centre has provided recommendations to U.K. businesses on email security and anti-spoofing best practices, including an update in 2018 that recommended all domains should use DMARC. In the legal services sector, allocation of resources to cybersecurity has been increasing in recent years, but teams still typically have to make the most of their constrained budgets. Darragh Macken is responsible for information security at Travers Smith and has held positions in information technology and security for more than a decade. Email security was top of mind for Darragh as he set out his priorities for the team. With phishing attacks and spoofing increasing, he knew they needed to prioritize email authentication to protect the firm’s brand and protect its clients, employees, and business partners from malicious actors using the traverssmith.com domain for nefarious purposes.

Darragh was looking for a solution that would:

With the support of management, Darragh set out to research the solutions available to help him. Having a long-standing partnership with local managed services partner, Gradian, Darragh sought its recommendation, as well as those of peers in the industry. With a shortlist of solutions in hand, the evaluation began.

The Solution

Travers Smith chose Valimail for its compliance with GDPR, complete visibility, automation, intuitive dashboard, and guarantee of getting to enforcement. The fully automated solution from Valimail outperformed competitors technically. Along with the managed services from Gradian, it was clear this solution would optimize Travers Smith’s resources. The company began the onboarding process with Gradian and achieved enforcement (p=reject) within about 90 days.

“It’s important when evaluating solutions to look at value add along with the cost. There is a clear price for the solution, and you must also consider the resource cost for a team member to manage the solution,” advises Darragh. “For us, it was clear that Valimail and Gradian would get the job done and give us the confidence to move to reject within 90 days — both providing a solution and enabling us to focus on the rest of our security program.”

The Result

Along with protecting its brand and domain from impersonation, Travers Smith is now a leader among the top 100 U.K. law firms in implementing DMARC at enforcement. Travers Smith clients, employees, and business partners can now trust that any email messages they receive from the domain traverssmith.com are legitimate, not fake. With the Valimail platform and the services provided by Gradian, Darragh is confident that the solution is doing what it is supposed to do. Meanwhile, he can continue to innovate in other ways to keep the business secure.