Client Story: BCMC Global.

When Gene Brown started BCMC Global a few years ago, he had a vision of being able to connect businesses internationally with event sponsors to identify the best opportunities available for their marketing efforts. With decades of worldwide sales and event planning experience, and former leadership roles at Gartner and WTG Events, Brown was able to capitalize on this unique idea of assessing global event opportunities, make the difficult decisions for his clients, and position them best to reach their desired audience. 

To be most effective, Brown and his team turned to Microsoft 365 email as the primary means of communicating with clients and conducting business in this worldwide market. Managing millions of pounds worth of B2B media and event buys for his clients throughout Europe, it was also very important to him that his email communications were as secure as possible.

The magnitude of the risk to his clients and his own business became apparent when one of his clients received an email purporting to be from him, just as they were discussing payment for their next media spend. The intruder had compromised his client’s network, and was monitoring their discussions for months. Several key domain security features were not configured properly for BCMC Global that allowed this attack to occur, and the intruder capitalized on that.

“We’ve seen a dramatic increase in impersonation attacks over the last twelve months. They’re more sophisticated now than ever before, and virtually indistinguishable from an email originating from the actual sender,” Brown told us. “Relying on the default security provided by Microsoft 365 for these more sophisticated attacks proved to be inadequate, and was costing us the trust of our clients.”

CEO Fraud is a type of business email compromise (BEC) scam where the attacker positions themselves as a CEO or executive and attempts to trick people into acting on the criminal’s behalf. They’re especially difficult to stop because they don’t rely on an attachment or malicious link, but instead use social engineering, where the attacker attempts to ingratiate themselves with the recipient to do their bidding.

“This stealthy attack threatened our sensitive data and hard-earned reputation, and we determined that we couldn’t afford to wait any longer to secure Microsoft 365 email with reputable supplementary cloud email protection,” writes Brown.

After carefully weighing their options, Brown and his company recently partnered with Guardian Digital in securing their business email against the most advanced cyber threats, including BEC scams, which the FBI has stated is the most significant cyber threat businesses face today.

Because of the rapid growth that Brown and his company were experiencing, the company needed an adaptive, scalable solution that could grow and evolve with it and its expanding client base. After thoroughly evaluating their options, implementing Guardian Digital EnGarde Cloud Email Security stood out as the logical decision. EnGarde is a flexible, cloud-based security platform designed specifically to fill the critical voids in built-in Microsoft 365 email protection with advanced phishing, malware and account takeover protection, coupled with the expert, ongoing system monitoring, maintenance and support required for the rapid detection and elimination of potential security threats in Microsoft 365.

By implementing Guardian Digital EnGarde Cloud Email Security, Gene Brown has been able to maintain BCMC Global’s hard-earned client trust and experience the invaluable peace of mind that their users and key business assets are safe from the damaging, costly cyberattacks and breaches that are rampant in Microsoft 365.

Now I can rest easy without C-level colleagues reporting real or perceived attacks. With real-time insights provided by the EnGarde Cloud Email Security Dashboard coupled with the ongoing personalized attention we receive from Guardian Digital security experts, we have gained visibility into domain settings across the organization, enabling us to ensure the integrity of our email communications. We have also seen better results in our content search capabilities for compliance working with Guardian Digital.

- Gene Brown, CEO, BCMC Global

Brown chose to migrate BCMC Global’s business email to Microsoft 365 for the flexibility, availability and cost-efficiency that the immensely popular cloud platform offered. However, Brown and his team quickly discovered that the convenience of using Microsoft 365 did not come without risk. After experiencing a CEO fraud attack firsthand, BCMC Global executives immediately determined that superior email protection was needed to safeguard the company’s critical data and brand image in Microsoft 365. BCMC Global Director of Operations Tagho Avwunu explains, “We recognized that without effective supplementary email protection in place, credential phishing, account takeovers and ransomware are serious threats we face daily, and we weren’t willing to take the risk of suffering the severe, lasting consequences of an attack.” And BCMC Global is far from alone in this realization - 85% of Microsoft 365 users have experienced a data breach over the past year. This statistic can largely be attributed to the critical security gaps that exist in the static, single-layered native email protection provided by Microsoft Exchange Online Protection (EOP) in Microsoft 365. 

Gene Brown recognized that more was needed to defend against dangerous credential phishing attacks and account takeovers in Microsoft 365, and began searching for a supplementary solution that would address the shortcomings in built-in Microsoft 365 email security to protect against future cyberattacks and data breach - over 90% of which are initiated via email - and set the company up to experience safety, operational efficiency and continued growth in the coming years.

One of Brown’s key concerns was the amount of time he previously had to invest in building and maintaining his Microsoft 365 infrastructure for his users. Like many companies, BCMC Global was unaware that not only had it become such a significant target for email attacks, but that they lacked the proper domain security to protect their brand from impersonation attacks.

When BCMC Global transitioned from their previous provider and turned to Guardian Digital, they expected to find some malicious emails being blocked that weren’t previously, but they were shocked when they viewed their Guardian Digital dashboard to see the volume of surreptitious attacks against all levels throughout the organization.

Guardian Digital created multiple layers of intelligent protection to secure BCMC Global. Enabling SPF, DKIM, and DMARC allowed them to take back control of their domain and protect them from brand impersonation attacks. DMARC discovered thousands of IP addresses were sending mail as BCMC Global staff using unauthorized servers. The domain changes that were made put an immediate end to these emails, making it much more difficult for cyber thieves to impersonate senior staff and others across the company.

“We had no idea our brand could be attacked in this way and to this magnitude. Guardian Digital’s security experts took over the entire process so I could focus on growing my business. I felt comfortable with them, as they managed our entire email infrastructure, including our Microsoft 365 tenant, DNS settings, and migration from our old system,” exclaimed Brown.

Guardian Digital’s hand-on, personalized approach to providing support and service meant that virtually all malware was blocked, the BCMC Global brand was fully protected against domain spoofing, and Gene Brown was able to focus on aspects of his business besides email security.

After implementing Guardian Digital EnGarde Cloud Email Security, BCMC Global no longer had to worry about the danger and disruption that malicious and fraudulent mail posed to its users and assets daily in Microsoft 365. BCMC Global CEO Gene Brown proclaims, “One of the biggest benefits of Guardian Digital and their EnGarde cloud email security solution is the comprehensive, adaptive supplementary protection in Microsoft 365. We no longer have to worry about malicious mail making it into our users’ inboxes, or the impact of false positives on our business and the anxiety it caused. It’s a huge weight off our shoulders!”

Gene Brown sought to reap the benefits of Microsoft 365 for his business without sacrificing security, and quickly recognized that proactive supplementary cloud email protection was necessary in order to do so. EnGarde is highly adaptive and designed specifically to close critical security gaps in Microsoft 365 email protection. After implementing EnGarde, Brown and his team experienced enhanced security in Microsoft 365, improved operational efficiency, and invaluable peace of mind that their users, sensitive client data and hard-earned reputation were safe from the most targeted and sophisticated modern cyber threats. Brown attests, “Now I can rest easy without C-level colleagues reporting real or perceived attacks. With real-time insights provided by the EnGarde Cloud Email Security Dashboard coupled with the ongoing personalized attention we receive from Guardian Digital security experts, we have gained visibility into domain settings across the organization, enabling us to ensure the integrity of our email communications. We have also seen better results in our content search capabilities for compliance working with Guardian Digital.”