Welcome!

News Feed Item

Study Shows 75% of Large Enterprises That Attempt Email Authentication Fail, Leaving Internet's Top Global Domains Vulnerable

First-ever examination of S&P 500, Nasdaq 100, FTSE 100, and Alexa 1 million reveals majority of top businesses are at risk for data breaches and compliance lapses, regardless of company resources.

SAN FRANCISCO, Dec. 1, 2016 /PRNewswire/ -- ValiMail, the leader in automated email authentication, today released research indicating that most of the world's largest businesses fail at attempts to use open industry standards to control which email is sent using their names. The report reveals that three quarters of large businesses attempting implementation of the DMARC email authentication standard are not presently capable of using it to block unauthorized email, to the detriment of their own security, compliance, and brand protection.

435395LOGO

ValiMail performed a wide-ranging examination of email authentication policies for more than one million business domain names, including those for the S&P 500, Fortune 1000, NASDAQ 100, and FTSE 100. These policies are published using a specific syntax in DNS records so that receiving mailboxes can determine which messages are authorized and which are not.

"Our investigation showed that using email authentication to monitor and control unauthorized email is extremely difficult for the majority of global companies," said ValiMail CEO Alexander García-Tobar. "You might expect larger businesses with more resources to do a better job of governing the email going out under their names, but we found that most of them still miss the mark."

The study revealed that large enterprises are considerably more likely to attempt email authentication but that their success rate at managing and enforcing these complex open standards is nearly identical to far smaller, less-capitalized companies.

Email authentication is a foundational element in controlling how a company's identity is used online and protecting it from misuse. Problems stemming from unauthorized email include "Shadow IT" services inside the enterprise, brand damage from phishing, and the advanced attacks responsible for the vast majority of today's major security breaches.

ValiMail's study reveals large gaps in how corporations manage their online identities in email. Study highlights include:

  • Among companies attempting to implement email authentication, nearly 75% have not gotten all the way to enforcement.
  • The percentage of sites attempting email authentication varies directly with size. The NASDAQ 100 lead the way with 43% attempting authentication. Smaller companies are decreasingly likely to do so.
  • However, the likelihood of failure is remarkably consistent across all measured groups, regardless of size. The failure rate ranges from 62% to 80%, with most indexes clustering right around 75%.

Attempted authentication (of total)

Successfully protected (of total)

Protection failure rate (of those attempting authentication)

NASDAQ 100

43.0%

12.0%

72.1%

FTSE 100

25.0%

5.0%

80.0%

S&P 500

23.8%

6.1%

74.4%

Fortune 1000

16.2%

3.8%

76.5%

Alexa 10,000

14.2%

5.3%

62.3%

Alexa 100,000

5.9%

1.7%

71.1%

Alexa 1 million

2.3%

0.6%

74.6%

ValiMail analyzed the Domain Name System (DNS) records for every company in the Alexa 1 Million, the Fortune 1000, the Nasdaq 100, the S&P 500, and the UK's FTSE 100. By examining the record in DNS for each domain regarding DMARC (Domain-based Message Authentication, Reporting & Conformance), ValiMail was able to determine which businesses actively authenticated emails attempting to use their domain names.

ValiMail further determined which companies were performing this authentication correctly and which had failed to protect their domains. If a company fails at DMARC authentication, then unauthorized parties can use its domain names in email with impunity. That might be employees improperly sending email from cloud services or phishing attacks that can easily lead to data breaches.

"These results illustrate the difficulty in implementing email authentication correctly," said García-Tobar. "Though the DMARC, SPF, and DKIM standards that enable email authentication are highly effective when done right, they're poorly understood, counterintuitive, and syntactically exacting. That leaves industry with the very high failure rate measured in our research."

ValiMail provides a free domain check tool indicating whether a domain is authenticating properly and how exposed it is to phishing attacks and other misuse.

ABOUT VALIMAIL

ValiMail, the world's first provider of Email Authentication as a Service™, enables automated email authentication for 2.7 billion email inboxes globally. Using the DMARC, SPF, and DKIM protocols, ValiMail gives enterprises full visibility and control over who sends messages using their domains, eliminates phishing impersonation attacks, and improves email deliverability. For more information visit www.ValiMail.com.

Logo - http://photos.prnewswire.com/prnh/20161102/435395LOGO

To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/study-shows-75-of-large-enterprises-that-attempt-email-authentication-fail-leaving-internets-top-global-domains-vulnerable-300371175.html

SOURCE ValiMail

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
MongoDB Atlas leverages VPC peering for AWS, a service that allows multiple VPC networks to interact. This includes VPCs that belong to other AWS account holders. By performing cross account VPC peering, users ensure networks that host and communicate their data are secure. In his session at 20th Cloud Expo, Jay Gordon, a Developer Advocate at MongoDB, will explain how to properly architect your VPC using existing AWS tools and then peer with your MongoDB Atlas cluster. He'll discuss the secur...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.
Niagara Networks exhibited at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex softw...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
What sort of WebRTC based applications can we expect to see over the next year and beyond? One way to predict development trends is to see what sorts of applications startups are building. In his session at @ThingsExpo, Arin Sime, founder of WebRTC.ventures, will discuss the current and likely future trends in WebRTC application development based on real requests for custom applications from real customers, as well as other public sources of information,
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.
In his session at Cloud Expo, Alan Winters, an entertainment executive/TV producer turned serial entrepreneur, will present a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to max...
Interoute has announced the integration of its Global Cloud Infrastructure platform with Rancher Labs’ container management platform, Rancher. This approach enables enterprises to accelerate their digital transformation and infrastructure investments. Matthew Finnie, Interoute CTO commented “Enterprises developing and building apps in the cloud and those on a path to Digital Transformation need Digital ICT Infrastructure that allows them to build, test and deploy faster than ever before. The int...
China Unicom exhibit at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. China United Network Communications Group Co. Ltd ("China Unicom") was officially established in 2009 on the basis of the merger of former China Netcom and former China Unicom. China Unicom mainly operates a full range of telecommunications services including mobile broadband (GSM, WCDMA, LTE FDD, TD-LTE), fixed-line broadband, ICT, data communica...
ChatOps is an emerging topic that has led to the wide availability of integrations between group chat and various other tools/platforms. Currently, HipChat is an extremely powerful collaboration platform due to the various ChatOps integrations that are available. However, DevOps automation can involve orchestration and complex workflows. In his session at @DevOpsSummit at 20th Cloud Expo, Himanshu Chhetri, CTO at Addteq, will cover practical examples and use cases such as self-provisioning infra...
SYS-CON Events announced today that Ocean9will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Ocean9 provides cloud services for Backup, Disaster Recovery (DRaaS) and instant Innovation, and redefines enterprise infrastructure with its cloud native subscription offerings for mission critical SAP workloads.
Things are changing so quickly in IoT that it would take a wizard to predict which ecosystem will gain the most traction. In order for IoT to reach its potential, smart devices must be able to work together. Today, there are a slew of interoperability standards being promoted by big names to make this happen: HomeKit, Brillo and Alljoyn. In his session at @ThingsExpo, Adam Justice, vice president and general manager of Grid Connect, will review what happens when smart devices don’t work togethe...
Building a cross-cloud operational model can be a daunting task. Per-cloud silos are not the answer, but neither is a fully generic abstraction plane that strips out capabilities unique to a particular provider. In his session at 20th Cloud Expo, Chris Wolf, VP & Chief Technology Officer, Global Field & Industry at VMware, will discuss how successful organizations approach cloud operations and management, with insights into where operations should be centralized and when it’s best to decentraliz...