Imagine you are networking at a cocktail party. While there, you find out that someone at the party is handing out business cards with your name and company logo on them. You have no clue who this person is or what their intentions are. Are they maliciously trying to ruin your reputation or is this some kind of awkward misunderstanding? Luckily, in real life, you could just walk up, confront the individual and find out what’s going on. When the same thing happens online with your company’s email domain, it’s not always as easy to figure out that it’s happening and what to do about it.
Many companies assume that they are the sole users of their own email domain for corporate, marketing and transactional communication – this is almost never the case. There are four main groups of senders that generally use (or abuse) your company’s email domain: your employees & applications using your own email infrastructure, your contracted 3rd party services, benign “forwarders” and, of course, malicious cybercriminals. Do you know how many of each is sending email on your company’s behalf? Do you know what they are saying using your brand and identity? How many of these senders are legitimate and how many are malicious? The answers may surprise you.
True visibility into your email channel is important no matter the size of your company. Whether your company is a Fortune 500 or a scrappy start up, the fact is that when you have different people and departments within the company acting autonomously, you will pretty quickly lose sight of services that are using your domain. In the cocktail party that is the Internet, it’s good to know who’s going around handing out a virtual business card with your company’s logo.
Later this week we will kick off our series on “The Four Types of Senders” starting with the group you might think is the easiest and most likely to be legitimate- the people and services sending from within your corporate infrastructure.