Securing and safeguarding Bidvest’s employees, customers and partners from email phishing, spoofing and impersonation attacks

With the rise of impersonation and phishing attacks, Bidvest Services needed to take every measure to ensure our employees, customers and supply chains were protected from cybercriminals.

Gareth Burmeister
Chief Financial Officer - Bidvest FM Cluster

Business-to-business services, trading and distribution group

9.2bn

Revenue in ZAR

132k

Employees

25

Companies

300k

Customers

Operations in the areas of:
  • Consumer
  • Pharmaceutical and industrial products
  • Financial Services
  • Freight Management
  • Office & Print Solutions
  • Outsourced hard & soft services
  • Travel services
  • Automotive retailing

 

Listed on the JSE,South Africa. Trading on 4 continents

Cyber criminals are becoming increasingly adept at sending emails from any email address, using the brand name of any company they pick and with all the correct styling, making it virtually impossible for receivers to spot the fraudster.

The security and safeguarding of Bidvest stakeholders and the brand is a priority for the company, and “significant attention has been given to the identification and management of cyber security risks” across the Group’s 25 companies.

Stopping the fraudulent use of Bidvest’s brand identity, the impersonation of employees, and the cloning of its website was identified as a risk at Bidvest. To ensure that the highest security standards for email security and safeguarding were in place across its entire email environment, the company brought in Sendmarc and its implementation partners Executive Solutions, BUI and Cube IT.

Bidvest’s email real estate is vast with 140 registered names, 85 of which are actively in use. Each year over 132,000 employees on four continents send over 15 million emails bearing a registered Bidvest name, and over 300,000 customers receive email from the company annually.

Bidvest’s Requirements

header-image-card-bg

Fast & efficient implementation

The security and safeguarding of Bidvest’s large cyber real estate and extensive stakeholder groups was identified as a priority.

header-image-card-bg

Technical capability and qualifications

Email is the Group’s most used business communication tool, and the highest security standards and protocols needed to be implemented.

header-image-card-bg

Expertise, experience, dedication

Criticality of ensuring the Group’s email environment is protected from fraudulent
use. Ensuring employees, customers and partners can be confident that emails with a Bidvest company name are the real thing required specialist skills in this area.

We chose Sendmarc, an experienced security services provider, and managed services provider Executive Solutions to ensure timeous and cost-effective DMARC compliance across all our domains.

Gareth Burmeister
Chief Financial Officer - Bidvest FM Cluster

Complexities of the Bidvest’s environment

  • Diversified group with multiple stakeholders
  • Hundred of active and dormant domains and subdomain names
  • Limited to zero visibility of their email ecosystems
  • Breadth of orchestration and coordination required across all group companies
  • Significant number of third- party email service providers sending emails on behalf of group companies
  • Multiple levels of email security across the group and inconsistent application of SPF and DKIM protocols

Technical Solution

DMARC: Domain-based Messaging Authentication, Reporting and Compliance

Implementation

SENDMARC + ES + BUI + CUBE IT

Results achieved with Sendmarc solutions

  • 85 active domains now at the highest compliance standard: P=Reject
  • 15 million emails sent annually authenticated as the real thing with all others rejected
  • Environments secured and safeguarded (P=reject) within 90 days
  • Full visibility of entire email environment (active and inactive domains)
  • Employees, customers and partners protection from brand name abuse
  • Reporting and IT dashboards providing real time view for real-time action and prevention
  • Training for IT team to ensure familiarity with Sendmarc’s platform
  • Lower costs and reduced time to implementation compared to other providers due to Sendmarc platform and automation
  • Email environment derisked and fully compliant with highest protocols
  • Automation and intelligence maintaining P=reject status
  • Proactive management of environment
  • Reputation of Bidvest group protected from email fraud
  • mail-share