Leveraging DMARC as a Key
Component of a Comprehensive
Fraud Program
Summary:
Fraudulent messages and orchestrated attacks have eroded trust in email
as a communications medium to such an extent that it is nearly impossible
for major financial institutions, retailers and marketers to authentically
reach their customers. Fortunately, the DMARC draft specification,
created by a group of leading email providers, shows great promise for
securing email channels, reducing the amount of spoofed email that gets
received and improving threat intelligence and visibility around targeted
attacks. This white paper explains the DMARC draft specification, and how
to leverage it to reduce phishing attacks and strengthen customer trust in
your email communication.
<
Table of Contents
1
2
3
4
5
6
Why Email is Worth Saving
Email as a global communications medium has become so polluted that companies and individuals
are moving to other channels such as social media to regain the ability to have a trusted
conversation. But email is worth saving because it is still the most efficient and effective way to
communicate with customers and other businesses.
An Introduction to DMARC
While email authentication is not a new idea, DMARC is a technical specification that has been
developed by leading email providers to deliver an Internet-scale, federated policy, authentication,
and enforcement framework for trusted email delivery. As such, it has the potential to transform
email security as we know it.
Why DMARC Matters, and Who Can Benefit
DMARC's rapid and widespread adoption is finally standardizing efforts to verify that emails are
actually from who they say they're from. This has positive implications for any organization that
seeks to securely correspond and interact with their customers, which is to say, all organizations.
Challenges with Standalone DMARC Solutions
DMARC is a huge step forward for message authentication, but there are other email security issues
that DMARC doesn't address. Standalone DMARC solutions are often inefficient, incomplete and
expensive, since they only solve a portion of the fraud problems plaguing the email channel. A much
more comprehensive anti-fraud strategy is necessary to protect your brand and customers.
DMARC Compass ™ with Detect Monitoring Service: Compliance and
Attack Takedown
DMARC Compass from Easy Solutions directly integrates DMARC reporting data to quantify email
abuse, facilitate attack deactivation, and to protect users. When combined with Detect Monitoring
Service (DMS), your organization receives phishing attack takedowns, compromised card
monitoring, brand intelligence and much more to give you a truly comprehensive anti-phishing and
fraud protection solution.
About Easy Solutions
Easy Solutions is the only security vendor focused on the comprehensive detection and prevention
of electronic fraud across all devices, channels and clouds.
2
Why Email is Worth Saving
1
Phishing attacks are wearing away trust in the email channel
as a means to communicate with customers, and are often
at the root of major data breaches. To cite just one example,
the Target breach was set in motion by a phishing attack
launched against a third-party vendor that worked with
Target, starting the chain of events that led to the theft of
the credit cards and personal information of 110 million
customers. And that's just the beginning of the problem;
100 billion spam e-mails are sent around the world every
day,1 resulting in over 2 billion dollars a year in losses due to
phishing attacks.2
Email as a means to correspond globally has become so
corrupted that organizations are starting to move their
communications to other channels like social media, in the
hopes that they can once again regain the ability to have a
trusted conversation. This just opens up a new set of risks
and privacy concerns. In fact, we are already seeing phishing attacks being launched through social media and mobile applications.
Cybercriminals will always try attacks wherever potential victims might be lurking. Changing the communications channel only
briefly postpones the new wave of attacks.
So let's not declare that using email to communicate with customers and other businesses is dead just yet. Email is an overlooked
hero of the global economy, a medium of communication that may not be glamorous but remains the best way to stay in contact.
Facebook, Snapchat, Whatsapp, and other supposed email replacements are simply not adequate substitutes for personal
business-to-customer communication and sensitive peer-to-peer messaging, let alone robust, secure communication between
businesses. Email is worth saving and protecting because it remains the best way for companies to communicate with clients and
other businesses.
But something effective must still be done to stop phishing; over 120,000 phishing attacks were launched in the first half of 2014
alone.3 The Anti-Phishing Working Group reported that unique phishing attacks are launching at the highest level in five years, even
with all of the varied security solutions that are available purporting to solve this problem.
Emerging standards of email authentication and encryption offer the best hope yet for making email communication more secure.
These are not new ideas, but the problem with most forms of email authentication that have been developed up until now is that
they depend on non-technically savvy end users to make those systems function and keep them working. A system that has a
chance of succeeding has to be intuitive or most email senders and receivers just won't use it.
Fortunately, an Internet-scale, federated policy, authentication and enforcement framework for trusted email delivery is already
available, and the skeleton of this system is already deployed and supported by the biggest email receivers on the planet. It's called
DMARC, and it has the potential to greatly reduce the phishing attacks plaguing the email channel.
¹ http://www.esecurityplanet.com/network-security/almost-100-billion-spam-e-mails-sent-daily-in-q1-2013.html
² http://www.mcafee.com/sg/resources/reports/rp-economic-impact-cybercrime.pdf
³ http://www.cbsnews.com/news/apple-users-targeted-in-phishing-scams/
3
An Introduction to DMARC
2
DMARC stands for Domain-based Message Authentication, Reporting & Conformance, and it is an emerging email delivery standard
that improves trust between email senders and receivers while also providing unparalleled external email visibility. DMARC was
developed by a group of primary email receivers such as Gmail, Hotmail, Yahoo and others in an effort to restore trust to the email
sender/receiver relationship by reducing email threats such as phishing, brand impersonation and email-delivered malware. DMARC
relies on senders to provide a method for authenticating messages, and for receivers to check this authentication and follow a specific
enforcement policy provided by the sender to accept, quarantine or reject each message. All of this is done in a completely invisible way
to the people on either end.
DMARC relies on two other standards, SPF (Sender Policy
Framework) and DKIM (DomainKeys Identified Mail), to allow
senders to sign their outbound email and announce authorized
email servers on each domain. SPF is an open standard that
prevents the impersonation of email senders through a record
placed on a sender's domain's public DNS servers. Receiving mail
exchangers can check that incoming mail being sent from a host
authorized by the domain's administrators, and decide what to do
with those messages that fail SPF validation. This standard lowers
spam and messages with forged sender addresses, because those
kinds of illegitimate messages will get caught in spam filters that
check the SPF record. In this way, an SPF-protected domain is less
likely to be blacklisted by a spam filter and legitimate messages from
that domain are more likely to get through.
4
2
An Introduction to DMARC
DKIM is just like SPF, in that its purpose is to allow email senders and receivers to verify the authenticity of a message. But in the case of
DKIM, every email sent from a legitimate mail server includes a digital signature in the header. This digital signature can then be
validated by the recipient through use of the signer's public key in their DNS record. While SPF validates a message's envelope (i.e. the
SMTP bounce address or the header that says who a message is from), DKIM signs a message's contents, including the headers. SPF
validates the sender's address compared to the source server, and publishes a record that authorizes the IP addresses that are
permitted to send on behalf of a domain, while DKIM validates the message header and body through cryptography. Essentially,
DMARC leverages both of these widely used mechanisms to create a transparent handshake between the email and sender via
DMARC policy records presented as DNS TXT records. If a received email fails both DKIM and SPF under a DMARC policy, the sender
will then be asked what to do with the mail (accept, quarantine or reject it).
In addition to unifying policy around SPF and DKIM, DMARC
also provides visibility into the email channel, so that
organizations can see what attacks are being launched and
assess fraud patterns. DMARC-compliant mailbox providers
give feedback about every message that can't be authenticated
in the form of two different reports: Aggregate (RUA) and
Failure (RUF) reports. The RUA report contains consolidated
Number of email messages spoofing PayPal that were rejected
information about all emails processed by destination servers,
during the 2013 holiday buying season thanks to DMARC
arriving in an XML format, usually within a zip file. RUA reports
monitoring.
include information about the IP address of the sending server,
the sender domain, the number of sent messages, whether
the messages passed DKIM and SPF policies, and what action
was taken with the message after it passed or failed. The RUF is only sent after a failed email is detected, with detailed information
about the message including the contents of the body of the email and the phishing domains its links contain, in an .msg attachment.
RUA reports are always sent, but some email providers decide not to send RUF reports. These two reports provide visibility into the
current health of your email channel.
25,000,000
RUA- Report s
Fraudulent email:
Genuine email:
The DMARC standard has remarkable promise, because when it is fully standardized and globally deployed, it can fix a fundamental
flaw in the technology underpinning the Internet: the easy anonymity that allows cybercriminals to impersonate other entities to
launch attacks. While it is not an official Internet protocol yet, DMARC has already shown so much progress and potential in cutting
down phishing and spam that it is already supported by 70% of all email mailboxes around the world, about 2 billion in total, including
the planet's top 10 email receivers. A number of prominent brands have already seen email abuse drop by more than 50% when
DMARC is deployed. ⁴
⁴ http://www.dmarc.org/
5
Why DMARC Matters
3
Counterfeit emails enable the perpetration of phishing, malware and
spam. Established brands are often the lure used to trick unsuspecting
customers. If a brand suffers numerous impersonation attacks, its
communications with customers won't be trusted. Brands need to
protect their businesses and clients with aggressive attempts to reduce
spam, phishing and spoofing that leverage their trademarks and name.
The time and resources spent on brand awareness and engagement
through email marketing can be undone in an instant with a successful,
massive phishing incident; a recent poll found that 71% of U.S. adults with bank accounts would be at least somewhat likely to change
banks if they became a victim of an online banking fraud attack at their present bank, to cite just one example.⁵ DMARC offers
organizations a way to vastly reduce the possibility of falling victim to such an attack.
“We saw a reduction of 5000% in the amount of
spoofing email claiming to be from a major
corporation during their busiest season after
implementing a DMARC reject policy” – John RaeGrant, Gmail Product Manager
DMARC is important because previous efforts to verify that emails were authentic were not standardized, and tended to try and
authenticate in isolation from every other part of the email chain. Receivers made decisions about how to evaluate email authenticity
on their own, and domain owners could never be sure if receivers were getting messages from imposters. DMARC solves this problem
of many uncoordinated efforts to prove that emails are genuine by bringing them all together under one standard that all email senders
and receivers are invited to use. A reliable way to determine real messages from fake ones is taking shape, which will make the email
ecosystem a little bit safer in the near future and potentially a whole lot safer in the long term, improving the quality of the email
communication that is so necessary for businesses and their marketing teams to thrive.
This means that any organization that relies on or sees value in a trusted email-based communications channel with their customers
stands to benefit from DMARC's implementation. A few examples are illustrated in more detail below:
Banks – If your customers cannot figure out which emails are actually from your financial institution, and which are from phishers, this
dilutes customer confidence in your brand. This is not just an academic question. In the case of Experi-Metal, Inc. v. Comerica Bank in
2011, an employee from a Michigan metal works company clicked on a phishing email that was supposedly from Comerica bank, of
which the company was a customer. Following a link in the email, the employee entered their credentials to enter the banking site,
which was actually a fake site put up by cybercriminals. As a result, the cybercriminals were able to gain access to the company's
accounts with the bank, and fraudulent transfers totaling more than half a million dollars were made and never recovered. Courts later
held Comerica liable for those losses, and now that a legal precedent has been set, there's no telling which bank may be next. DMARC
can make sure the vast majority of fraudulent emails never reach unsuspecting customers in the first place.
Retailers – Recent breaches at a number of prominent retailers, including Target, Neiman Marcus and Home Depot, have shown
vulnerabilities that exist at various points along the payments processing chain. But a breach is not the end of the damage that retailers
and their customers suffer. Information stolen in these breaches is used to launch phishing attacks against the victim, oftentimes with
the brand of the retailer at which the breach happened prominently displayed, offering help to mitigate the damage. But it's not just
companies that have suffered a breach that could be affected. Fake emails leveraging retailer brands offer discounts, promotions,
coupons, promises of salacious content, and any other incentive they can think of to goad users into clicking on what is really a phishing
message. By the time the customer and retailer realize what has happened, cybercriminals have claimed another victim and the
retailer's ability to engage customers through email has been battered. DMARC can maintain retailer brand reputations and their
customers by shutting down these kinds of emails before they ever arrive in an inbox.
⁵
http://blogs.wsj.com/riskandcompliance/2013/08/23/survey-roundup-malware-resurfaces-mobile-app-privacy-worries/
6
Why DMARC Matters
Marketers – Ever wonder why your email marketing campaign doesn't seem to be
showing any results? You've spent the money, collected the email addresses, and
crafted a compelling message, but nothing seems to be coming from it. Before
DMARC, marketers had little idea of the level of risk they might be exposed to from
phishing or spoofed emails. But with all the data DMARC provides about email
authentication, marketers can be more proactive in singling out and stopping attacks
while making sure that their legitimate messages are the ones their targeted
customers actually open. Spam emails don't even get delivered, and open rates for
your email campaigns will go up as your customers will click on fewer spoofed emails
and have more trust in the emails your organization actually does send.
Bottom line: if you communicate with your clients over email, DMARC provides a
clear path to being able to preserve a monopoly on emails being sent in your
organization's name, so that the trust crucial to making thcat ommunication effective
is protected.
7
3
Challenges with Standalone DMARC Solutions
4
Contracting a security provider to help implement a DMARC policy can be helpful, especially during the process to calibrate compliance
with the policy. The process to organize internal email flows to the point where an organization can be confident that its DMARC policy
is only deleting unauthorized messages can take from one to two years for a large company, and adjusting an effective DMARC policy
requires a lot of precision. DMARC compliance encourages a number of excellent best practices regarding hygienic and trusted email
flows, including increased use of email signing and stronger domain management processes. The value of any DMARC analytics
solution is that it provides clients the tools to further adopt DMARC, reach 100% compliance and eventually move to what is called
“p=reject”, where any email sent in the organization's name and domain can be safely rejected without having to worry about genuine
communications being rejected by accident, and permitting a consistent policy to be applied to unauthenticated messages.
But the benefit of a standalone DMARC tool purchased just for this process diminishes sharply once full compliance is reached. When
an organization adopts a policy that can tell the global Internet to delete all unauthenticated emails, the value of a standalone DMARC
tool that offers no further benefits will be called into question, especially if the cost of such a tool is high.
DMARC is not a complete solution to the problem of email-based fraud and phishing attacks. One issue that DMARC doesn't solve is
that cybercriminals could conceivably create domain names that are similar to the target they are attempting to leverage in an attack,
so-called “sister” or “cousin” domains. The deceitful domains could even be DMARC compliant, ironically enough. But because they
are not attempting to spoof the full original name of the organization, DMARC can't catch them. And if DMARC can't catch them, a tool
that only offers DMARC compliance can't stop such attacks either, and your organization can remain vulnerable even while paying an
exorbitant price for a tool that just puts a dent in the amount of attacks.
Another issue is full adoption by all email providers and potential phishing
targets. It is unclear when smaller banks and brands on the sending side of
the equation will comply, or when smaller receiving organizations will do the
same. In the meantime, DMARC can't authenticate what non-compliant
organizations won't allow it to see. There is no way for a DMARC policy that is
not universally adopted to block fraudulent emails unless sending and
receiving organizations make the effort to identify which messages should be
rejected. In addition, there is no standardized way to respond to DMARC
reporting; as noted earlier, compliant organizations may monitor, quarantine
or reject emails, and many organizations worried about rejecting legitimate
messages have not been able to calibrate their policies confidently enough to
go the full “p=reject” route. That means fraudulent messages can continue to
cause trouble, even on DMARC compliant domains.
Standalone DMARC solutions are often inefficient, incomplete and expensive. DMARC compliance is much more valuable as a feature
of a comprehensive threat detection and mitigation approach. DMARC will not be a cure-all that eliminates all attacks, and when
attacks still get through, a standalone DMARC tool will have nothing else to offer.
A more holistic security strategy can comprehensively fight email fraud and phishing attacks however they are delivered. It is helpful to
think of fraud as a concept in three separate stages of its life cycle. The first stage is planning, where a cybercriminal begins searching for
vulnerabilities in an organization's infrastructure to exploit. Then there is the launching stage, where a criminal is able to infect an
unsuspecting user with malware or steals user passwords for access to sensitive information and accounts. Finally, a typical attack ends
with the cashing stage, when a cybercriminal is actually able to remove money from an account.
8
Challenges with Standalone DMARC Solutions
4
If phishing emails are arriving to your customers' inboxes, then cybercriminals are already well on their way to accomplishing the
second phase of the attack cycle. Your customers are only an ill-advised click away from allowing their devices to be infected. DMARC
allows you to remove emails from the Internet before your customers receive them; ultimately stopping attacks at the planning
stages. But as was mentioned before, DMARC can only stop attacks that attempt to spoof your domains. Phishing attacks using sister
domains, or sent through social networks and mobile application stores will still get through to your end users even if your p=reject
policy is calibrated perfectly to stop spoofed domains from sending emails in your organization's name. Rudimentary DMARC
solutions have no way to stop these kinds of attacks, and are only solving a small, if important, part of the phishing and fraud equation.
DMARC is great as a control that can reduce the number of attacks delivered to your customers, but most solutions bolt on thirdparty threat mitigation, and can't handle it strategically. But that's not something you can tell your customers if they get phished using
a spoofed domain outside of DMARC's protective abilities. DMARC is just the beginning of getting control of phishing attacks
targeting your organization; it must be complemented by other multi-layered security strategies that stop attacks that DMARC is not
designed to deal with.
9
DMARC CompassTM with Detect Monitoring
Service: Compliance and Attack Takedown
5
DMARC Compass gives your organization the power to gain visibility into all message flows, proactively filtering attacks and restoring trust in
your email channel. Your organization can see analytics on all sent email associated with your domain using the intuitive DMARC Compass
portal, which lets you follow up on the results of SPF and DKIM validation tests as they are happening and provides an array of dynamic
charts and graphs that give you an instant snapshot of your current DMARC compliance. With the data-driven DMARC Compass readiness
workflow, you can accurately measure the gaps that your organization must still fill to get to full DMARC deployment, identify any
configuration errors, see which domains sending emails have the most authentication problems and stop any unauthorized 3rd-party
vendors that might be sending emails on your behalf. Integrated policy generation tools let you quickly and easily migrate to global blocking
of fraudulent emails and make sure that your customers only receive genuine messages from your brand. There is no new hardware or
software to install since DMARC Compass runs entirely in the cloud, and it can go live start blocking attacks immediately. Once DMARC
Compass is in place, you will be able to publish a DMARC policy that can parse RUA and RUF reports on a daily basis, leading to a dramatic
reduction in attacks to mitigate and greatly reduced attack takedown times.
How does the calibration of a DMARC policy developed by DMARC Compass work so that your organization is able to block spoofed emails
and enable the sending and receiving of legitimate messages? Easy Solutions initially recommends the deployment of a DMARC “Monitor”
policy when first testing the waters of the standard. This policy only provides reporting and doesn't have any receiver-side enforcement,
which guarantees no interruption of your mail flow, but still allows data to still be collected from participating receivers. DMARC Compass is
still fully operational without 100% DKIM deployment and without SPF, and Easy Solutions recommends that DMARC be deployed first in
order to gain complete visibility into the state of your internal DKIM and SPF policies. As the data shows that legitimate traffic is passing
authentication checks, organizations can change their policy to request that failing messages be quarantined. Then, as organizations grow
confident that no legitimate messages are being incorrectly quarantined, they can move to a "reject" policy, with full DMARC readiness and
100% adoption of SPF and DKIM for all internal and 3rd party senders.
Spam, malware, and
phishing attacks are
eliminate
Your
Organization’s
Email
10
Only genuine messages
arriving to your customers on:
Yahoo, Outlook, Gmail, Hotmail,
LinkedIn, Facebook and more
DMARC CompassTM with Detect Monitoring
Service: Compliance and Attack Takedown
5
DMARC Compass combined with our fraud monitoring solution Detect Monitoring Service (DMS), goes several steps beyond any other
DMARC providers, stopping a wider range of attacks. Other DMARC solutions provide reporting, but DMS offers you the ability to glean
intelligence from that reporting and use it to shut down attacks. Essentially, DMARC Compass limits the attacks delivered, and DMS
cleans up the ones that still manage to sneak through. DMARC Compass with DMS provides complete visibility into email streams, with
real time attack monitoring, reporting and takedown, something other DMARC solutions are not equipped to deliver. Unifying the
compliance of DMARC Compass with the proactive threat intelligence of DMS gives your organization a truly comprehensive way to
combat fraud against your brand.
11
DMARC CompassTM with Detect Monitoring
Service: Compliance and Attack Takedown
5
Additionally, when DMARC Compass parses RUF and RUA reports, which include detailed information about fraudulent emails and/or
phishing attacks, they are sent to the DMS platform for analysis and response. If phishing sites are found in these emails, they are taken
down. This means that DMARC Compass can even stop attacks that DMARC compliance checks miss, either because they are not
spoofing a protected domain or because they are sent to mailboxes that are not using a DMARC policy. In fact, increased use of
maliciously registered domains and subdomains is one of the main reasons that phishing attacks are on the rise.⁶ By taking phishing
sites off the Internet entirely, DMS gives DMARC Compass a set of tools to pull out phishing attacks by the root and stop attacks that the
most properly-adjusted DMARC policies are not meant to shut down. DMS can take down phishing attacks from any domain, not just
those covered by DMARC, in an average of 3.6 hours, with attacks shut down proactively 76% of the time, meaning before our
customers or their clients even knew an attack was happening. The DMS portal also provides advanced analytics to help clients visualize
DMARC aggregate reporting data and work towards full DMARC compliance. No other DMARC platform or vendor can deliver
monitoring of all phishing analytics and complete attack takedown in one place.
DMARC compliance and attack takedown are just the beginning of the fraud prevention capabilities that DMS can provide. DMS also
contains a number of other unique features for stopping cross-channel fraud, including:
Black Market Monitoring – DMS keeps tabs on black markets where stolen credit and debit card
information and credentials are sold, so that organizations have a head start protecting customers after retail
breaches. Once we recover this information, it is immediately relayed to our clients so that they can proactively
safeguard their customers' accounts from possible fraud. By preemptively detecting cards that have been stolen
but not yet used by fraudsters, DMS makes sure that banks can pinpoint the cards they need to reissue and avoid
the customer losses that happen when they are cloned. There is very little banks can do to prevent these
breaches, since they happen on infrastructure out of banks' control, but DMS can give your organization the
tools to insulate your assets from the fallout and reputational damage that usually accompany such breaches.
Brand Intelligence –
Convert brand mentions into strong fraud intelligence. DMS goes beyond phishing,
pharming and malware detection and deactivation, also monitoring mentions of your brand across thousands of
social media platforms, blogs and mobile app stores, giving your business an easy way to comply with FFIEC
guidelines for managing risk in social media. DMS also monitors for malicious sister domains, in addition to
identifying and stopping deceitful activity that aims to goad your customers into clicking on fraudulent websites
or download malicious attachments. By constantly scanning all of these potential fraud environments, you can be
sure that anytime your brand is mentioned you will be aware of it first.
Collaborative Protection –
When DMS is integrated with Detect Safe Browsing (DSB), Easy Solutions'
secure navigation platform, it offers collaborative protection that safeguards your entire customer population.
Information collected from malware detected on customer devices running the DSB client can then be used to
shut down the sites spreading the malware using DMS.
It is not a matter of if your brand will be phished, but when. If you are not protecting your brand with every available tool at your
disposal, you are inviting cybercriminals to phish it. While there is no doubt that the hackers will advance and come up with new social
engineering schemes and methods to continue to perpetrate phishing attacks, DMARC has remarkable promise to shut many of them
down. If and when it is fully standardized and deployed globally, it can fix an underlying defect in the technology that has underpinned
the Internet from the very beginning to let anonymous hackers send spoofed emails from another person's domain. Opportunities like
this do not come along very often, and it is up to the security community at large to rally behind this standard's adoption. Information
security, online trust, and anti-fraud are all adversarial pursuits and, like American football, a game of inches. Any chance we get to
complicate the efforts of our adversaries while simplifying ours -- making theirs more expensive and more time-consuming -- is a small
victory in a long game. The compliance assistance offered by DMARC Compass is the first step on the road to making your organization
a harder target for phishing and other email-based attacks, ensuring reliable risk management no matter how the fraud environment
evolves.
⁶ http://docs.apwg.org/reports/APWG_Global_Phishing_Report_1H_2014.pdf
12
About Easy Solutions
6
Easy Solutions is a leading security provider focused on the comprehensive detection and prevention of electronic fraud across all
devices, channels and clouds. Our products range from anti-phishing and secure browsing to multifactor authentication and
transaction anomaly detection, offering a one-stop shop for multiple fraud prevention services.
The online activities of over 60 million customers of more than 220 leading financial services companies, security firms, retailers,
airlines and other entities in the United States and abroad are protected by Easy Solutions fraud prevention systems.
Easy Solutions is a proud member of such key security industry organizations as the Anti-Phishing Working Group (APWG), the
American Bankers Association (ABA) the Bank Administration Institute (BAI), the FIDO (Fast Identity Online) Alliance and the
Florida Bankers Association (FBA).
For more information, visit http://www.easysol.net or follow us on Twitter @goeasysol
Latin America
– Tel. +57 1- 7425570
Headquarters
– Tel. +1-866-5244782
APAC
– Tel. ++81-90-8349-4073
EMEA
–Tel. +44 (0) 77917-798861
info@easysol.net
Easy Solutions, Inc. All rights reserved worldwide. Easy Solutions®, the Easy Solutions® logo, DetectID, DetectID in the Cloud, DetectID in the Cloud for SugarCRM , DetecTA, DetectCA, DetectID Web Authenticator, Total Fraud Protection, Detect Safe Browsing, Detect ATM,
Detect Monitoring Service, Detect Vulnerability Scanning Service, Detect Social Engineering Assessment, Protect Your Business and Detect Professional Services are either registered trademarks or trademarks of Easy Solutions, Inc. All other trademarks are property of their
respectiveowners. Specificationsand contentin this document are subject to change without notice.
13