Covanta Enhances Email Security with Bolster’s Domain Protection
“It’s a constant battle when it comes to phishing. We get malicious emails and need to think ahead about how we want to protect against them.”
Senior Manager IT Security and Risk Management
Covanta is a leader in sustainable materials management providing environmental solutions to businesses and communities. Through its network of facilities and state-of-the-art services, Covanta is a single-source partner in solving today's most complex environmental challenges. Each year, Covanta diverts more than 20 million tons of waste from landfills, produces enough green energy to power a million homes, and recycles over 100 million gallons of water and more than 550,000 tons of metal. Headquartered in Morristown, New Jersey, Covanta is a privately held company with more than 4,000 employees.
“We were notified of a fraudulent job post, which ended up being a scheme to get victims to pay money as part of their onboarding. The perpetrator had even created a fake CaptivateIQ domain.”
Every month, Covanta issues a phishing awareness training to their employees to ensure that the company stays vigilant about potential phishing threats. Phishing is a concern for the organization and being proactive about phishing threats is core to the Covanta security strategy. Covanta chose Bolster to harden their email security strategy by feeding all potentially malicious domains into their Office 365. Because Covanta’s ecosystem of partners and vendors leverage each other’s logo for legitimacy, tracking how these logos are used across the open web was critical to protecting their employees from being duped by attackers. When emails are being sent via relay through a legitimate domain, Bolster’s patented detection capabilities that are run in a headless browser can see up to 32 redirects to the final URL destination. Bolster’s detection capabilities that can counter relay attacks and find potentially malicious sites has been a needed addendum to Covanta’s email security.
“When suspicious domains come up on our Bolster reporting, we add those domains to our Office 365 portal and block email from those same domains.”
Automating the workflow between the detection of suspicious domains to integrating them into the Office 365 platform has been mission critical to Covanta’s security strategy. The organization has invested heavily into the Microsoft suite and needed to ensure that they optimized security capabilities on the platform. Bolster was able to give Covanta both the email security workflow and the easy reporting that they were looking for. Each month, Covanta can see Bolster data on the various domains that were detected and being added to the Office 365 email solution. The automated reporting is simple and give Covanta the visibility they need into the efficacy of their anti-phishing strategy.
“I like the fact that Bolster is automated and has reports that are ready out of the box. Bolster’s reports tell you what’s going on and if there is anything that I should be concerned about.”
Currently, Covanta is leveraging Bolster to enhance their email security capabilities so that employees do not fall prey to phishing attacks. Looking into the future, Covanta is considering implementing domain management to be more proactive about the possible typo squat variants of their domain to prevent attackers from registering certain URLs. Domain protection is simply the beginning of Covanta’s journey with Bolster, and they are excited to see all the possible ways Bolster can help protect their ecosystem of employees, partners, and contractors.
“Bolster is very good, domain security is a real thing and with Bolster, it definitely opened our eyes to anything that comes up [….] Now we know how much [the attackers] can do with certain information and simply track registered domains mimicking our brand.”