Welcome!

News Feed Item

Study Shows 75% of Large Enterprises That Attempt Email Authentication Fail, Leaving Internet's Top Global Domains Vulnerable

First-ever examination of S&P 500, Nasdaq 100, FTSE 100, and Alexa 1 million reveals majority of top businesses are at risk for data breaches and compliance lapses, regardless of company resources.

SAN FRANCISCO, Dec. 1, 2016 /PRNewswire/ -- ValiMail, the leader in automated email authentication, today released research indicating that most of the world's largest businesses fail at attempts to use open industry standards to control which email is sent using their names. The report reveals that three quarters of large businesses attempting implementation of the DMARC email authentication standard are not presently capable of using it to block unauthorized email, to the detriment of their own security, compliance, and brand protection.

435395LOGO

ValiMail performed a wide-ranging examination of email authentication policies for more than one million business domain names, including those for the S&P 500, Fortune 1000, NASDAQ 100, and FTSE 100. These policies are published using a specific syntax in DNS records so that receiving mailboxes can determine which messages are authorized and which are not.

"Our investigation showed that using email authentication to monitor and control unauthorized email is extremely difficult for the majority of global companies," said ValiMail CEO Alexander García-Tobar. "You might expect larger businesses with more resources to do a better job of governing the email going out under their names, but we found that most of them still miss the mark."

The study revealed that large enterprises are considerably more likely to attempt email authentication but that their success rate at managing and enforcing these complex open standards is nearly identical to far smaller, less-capitalized companies.

Email authentication is a foundational element in controlling how a company's identity is used online and protecting it from misuse. Problems stemming from unauthorized email include "Shadow IT" services inside the enterprise, brand damage from phishing, and the advanced attacks responsible for the vast majority of today's major security breaches.

ValiMail's study reveals large gaps in how corporations manage their online identities in email. Study highlights include:

  • Among companies attempting to implement email authentication, nearly 75% have not gotten all the way to enforcement.
  • The percentage of sites attempting email authentication varies directly with size. The NASDAQ 100 lead the way with 43% attempting authentication. Smaller companies are decreasingly likely to do so.
  • However, the likelihood of failure is remarkably consistent across all measured groups, regardless of size. The failure rate ranges from 62% to 80%, with most indexes clustering right around 75%.

Attempted authentication (of total)

Successfully protected (of total)

Protection failure rate (of those attempting authentication)

NASDAQ 100

43.0%

12.0%

72.1%

FTSE 100

25.0%

5.0%

80.0%

S&P 500

23.8%

6.1%

74.4%

Fortune 1000

16.2%

3.8%

76.5%

Alexa 10,000

14.2%

5.3%

62.3%

Alexa 100,000

5.9%

1.7%

71.1%

Alexa 1 million

2.3%

0.6%

74.6%

ValiMail analyzed the Domain Name System (DNS) records for every company in the Alexa 1 Million, the Fortune 1000, the Nasdaq 100, the S&P 500, and the UK's FTSE 100. By examining the record in DNS for each domain regarding DMARC (Domain-based Message Authentication, Reporting & Conformance), ValiMail was able to determine which businesses actively authenticated emails attempting to use their domain names.

ValiMail further determined which companies were performing this authentication correctly and which had failed to protect their domains. If a company fails at DMARC authentication, then unauthorized parties can use its domain names in email with impunity. That might be employees improperly sending email from cloud services or phishing attacks that can easily lead to data breaches.

"These results illustrate the difficulty in implementing email authentication correctly," said García-Tobar. "Though the DMARC, SPF, and DKIM standards that enable email authentication are highly effective when done right, they're poorly understood, counterintuitive, and syntactically exacting. That leaves industry with the very high failure rate measured in our research."

ValiMail provides a free domain check tool indicating whether a domain is authenticating properly and how exposed it is to phishing attacks and other misuse.

ABOUT VALIMAIL

ValiMail, the world's first provider of Email Authentication as a Service™, enables automated email authentication for 2.7 billion email inboxes globally. Using the DMARC, SPF, and DKIM protocols, ValiMail gives enterprises full visibility and control over who sends messages using their domains, eliminates phishing impersonation attacks, and improves email deliverability. For more information visit www.ValiMail.com.

Logo - http://photos.prnewswire.com/prnh/20161102/435395LOGO

To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/study-shows-75-of-large-enterprises-that-attempt-email-authentication-fail-leaving-internets-top-global-domains-vulnerable-300371175.html

SOURCE ValiMail

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It’s clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Tha...
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that's no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, explored how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He expla...
Product connectivity goes hand and hand these days with increased use of personal data. New IoT devices are becoming more personalized than ever before. In his session at 22nd Cloud Expo | DXWorld Expo, Nicolas Fierro, CEO of MIMIR Blockchain Solutions, will discuss how in order to protect your data and privacy, IoT applications need to embrace Blockchain technology for a new level of product security never before seen - or needed.
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, discussed how they built...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is an internationally known DevOps and Cloud Transformation thought leader, technology executive, and author. Sanjeev's industry experience includes tenures as CTO, Technical Sales leader, and Cloud Architect leader. As an IBM Distinguished Engineer, Sanjeev is recognized at the highest levels of IBM's core of technical leaders.
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve f...
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, discussed some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he covered some of the best practices for structured team migration an...
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
"WineSOFT is a software company making proxy server software, which is widely used in the telecommunication industry or the content delivery networks or e-commerce," explained Jonathan Ahn, COO of WineSOFT, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone inn...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery, given the trends that impact both architectures (cloud, microservices, and APIs) and processes (DevOps, agile, and continuous delivery)? This is where continuous testing comes in. D
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based infrastructure. Delivering modern applications to end users, therefore, is a constantly shifting challenge. Delivery automation helps IT Ops teams ensure that apps are providing an optimal end user experience over hybrid-cloud and multi-cloud environments, no matter what the current state of the infrastructure is. To employ a delivery automation strategy that reflects your business rules, making r...
Most technology leaders, contemporary and from the hardware era, are reshaping their businesses to do software. They hope to capture value from emerging technologies such as IoT, SDN, and AI. Ultimately, irrespective of the vertical, it is about deriving value from independent software applications participating in an ecosystem as one comprehensive solution. In his session at @ThingsExpo, Kausik Sridhar, founder and CTO of Pulzze Systems, discussed how given the magnitude of today's application ...