Epsilon Outlines Post-Breach Security Plans
Working with Verizon Business, marketing firm launches new secure services
Three months after disclosing a security breach that affected dozens of companies and millions of customers, email marketing firm Epsilon today unveiled plans for shoring up the security of its systems and rolled out several new secure services.
Working with Verizon Business, Epsilon launched a custom cloud-based service that provides a "significant improvement over conventional methods of breach detection," according to a statement.
Epsilon said it will use Verizon’s ability to track malicious IP addresses to identify and mitigate "electronic crimes in motion" in a way that has not been possible until now. In addition, Epsilon said it is restricting access to its email platform, both inbound and outbound, to white-listed IP addresses.
Epsilon also said it will extend two-factor authentication, currently in place for employees, to all of its clients by the end of the third quarter. The statement does not say what form of two-factor authentication it will use.
Separately, Epsilon said it is working with top Internet service providers (ISPs) to building an anti-phishing strategy that includes "developing an open, rapid communication channel between marketers and ISPs, methods to easily differentiate legitimate communications from fraudulent ones, and a way to monitor brand abuse across email domains."
The anti-phishing solution, currently in development, is anticipated for presentation and release to clients in the fourth quarter, the statement said.
“We have already made significant progress to bolster security measures and remain focused on creating a more secure environment using the most sophisticated resources available in order to protect our clients and their customers from cyber attacks,” said Bryan Kennedy, president and CEO of Epsilon, in the statement.
Epsilon is using Verizon Business services to establish a baseline for normal network behavior, according to Verizon. "With that baseline in place, the company now is alerted by Verizon to incidents that are not normal, and receives near real-time notification of other indicators of behaviors of an attack." This approach eliminates the need to analyze thousands of lines of log data, Verizon said in a separate statement.
Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024Assessing Software Supply Chain Risk
June 6, 2024Preventing Attackers From Wandering Through Your Enterprise Infrastructure
June 19, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024