Select Page

Email security and domain reputationRetarus Protects 100,000 Email Inboxes across 7,000 Subdomains of a Professional Association in Europe

To protect around 100,000 email inboxes, the IT service provider of a large European professional association in the legal sector relies on Retarus Email Security, mastering additional challenges posed by a distributed and particularly vulnerable infrastructure. An impressive 7,000 subdomains must be rewritten to a standardized main domain and protected accordingly.

Initial situation

Statutory Regulations Create Complex Requirements

The internal IT service provider and its 400 employees support the offices of all professional association members and their numerous distributed locations, providing both communication services and email security. Their particular focus is the secure exchange of information in accordance with legal requirements, especially when it comes to communication with clients and authorities such as public administrations, banks, insurance companies, and the real estate sector. As the affiliated offices are free to choose their own local email provider, a robust and centralized solution was sought to ensure the security of the entire network. After all, due to the exceptionally heterogeneous structure, the association was facing an increased risk of cyber attacks.
Objective

Centralized Solution for Greater Efficiency and Security

The IT service provider wanted to implement a standardized and state-of-the-art cybersecurity solution to ensure a consistently high standard across the entire ecosystem moving forward. Moreover, the overarching objective was to centrally secure and efficiently manage all email traffic across all locations. The aim was to find a global solution that would also meet the specific requirements of the individual members, in particular with regard to the ability to configure granularly at the domain, location, or even user level.

As the contract with their previous security provider was about to expire, they began to search for a new, optimized solution. As part of a comprehensive selection process, the association carefully evaluated solutions from all leading cloud email security providers.

“This project demonstrates once again that Retarus provides answers to problems that traditional email security providers can’t. From challenges in distributed, complex infrastructures through to compliance with the strictest data protection requirements.”

Alyn Hockey, Head of Product Management Email, Retarus

Approach

A Holistic View of Inbound and Outbound Traffic

The main requirement was to ensure all email traffic was managed and secure — both inbound and outbound. The latter was particularly important because, due to regulatory requirements, all offices would use the same domain to communicate with the outside world moving forward. This meant that the individual email addresses of each of the professional association’s members had to be automatically rewritten to the same domain without making cumbersome changes to the local infrastructures. As a result, the new main domain’s reputation had to be optimally protected and the outbound email traffic had to be monitored and managed accordingly.

Above all, by implementing a cloud-based gateway solution, the association wanted to benefit from state-of-the-art security technologies and the highest detection rates at all times, regardless of the email technology in use. Be it locally operated MS Exchange servers or cloud services such as Microsoft 365. In addition to anti-virus and anti-spam algorithms as well as AI-based sandboxing, comprehensive filtering would provide protection against new types of malware and phishing attacks. Another requirement was the ability to integrate up to 30 percent more inboxes. In terms of email volume, excellent performance was also key: The new provider had to be able to handle more than one million emails a day with ease.

Retarus Product in Use

Specific challenges

“Address Rewriting” and Adequate Data Protection

During proof of concept, it became increasingly clear that Retarus was the only provider able to cope with the complexity and specific compliance challenges of the project. In particular, neither the email security vendors nor Microsoft as the email provider, were able to deliver the required domain rewriting as needed. The challenge was that several domains had to be managed, while Microsoft 365 only allows one instance (tenant) per domain.

In addition, project managers preferred a provider that could guarantee data sovereignty. And not only one with purely European data centers, but also one with legal headquarters in the EU. The association felt that this was the only way to meet all requirements and adequately protect sensitive data belonging to the affiliated offices and locations.

Another decisive criterion was that service pricing should be as transparent as possible. The internal IT service provider liked the ability to offer customers security solutions with a simple and common pricing scheme based on billing per mailbox.

Advantages

Control and Transparency Throughout the Entire Infrastructure

Choosing Retarus and its Secure Email Gateway has numerous advantages. All email traffic can be centrally monitored, regardless of the size or geographical location of the individual member locations.

myEAS, Retarus’ central administration portal, offers the internal IT service provider a transparent and data protection-compliant view of all email activities. This is particularly important given the sensitive nature of the data transmitted and the strict regulatory requirements.

During the implementation phase, Retarus stood out with its valuable personal expertise and support. The team of experts was aware of the complex requirements and was able to successfully address them step by step throughout the project in close coordination with the customer. An SLA with complex service level objectives and an efficient service management ensure that important support requests are always prioritized and processed quickly, even while systems are running.

Another plus: Retarus’ experience in effectively managing complex multi-domain projects and skill in offering numerous customized outbound filters and functionalities. This not only has increased the security of the messages sent, but also has improved the efficiency and reputation of the professional association. Retarus also provides ongoing support for the creation of new domains with its in-depth knowledge of reputation management, particularly with regard to standards such as DKIM, DMARC, and SPF.

Key Facts

  • Inbound AntiSpam & AntiVirus
  • Outbound filters and rules
  • Domain reputation
  • DKIM, SPF, & DMARC management
  • 100% European solution
  • Compliance in highly sensitive environment
  • Solution for complex requirements
Conclusion

Long-Term Partner with Growth Potential

Retarus Email Security not only earned the trust of the IT service provider itself, but also the approval of the responsible state supervisory authorities, and ultimately successfully won out over the three remaining main competitors. With this project, Retarus has further strengthened its position as the leading provider for the centralization of communication services in regulated sectors. Retarus will continue to work closely with its partner and offer innovative solutions to jointly set new standards in security and efficiency in email communication.

The IT service provider of the professional association can now ensure the security of both the main domain and all other individual domains with a single solution. In the final phase of the project, approximately 10,000 different subdomains are expected to be protected. The project to rewrite addresses is moving forward while at the same time, the legitimacy and security of all messages sent via the single main domain is ensured.

We Are Here for You!

Do you have questions about Retarus, our products and services, or wish to receive further information? Your personal sales representative will assist you with any inquiries. Please contact us!