Glu Chooses Microsoft 365 E5, ATP, and Valimail for Complete Email Security Solution

Challenge

Glu’s security team decided to prioritize an email security solution that is easy to use, automated, and would cover the gamut of ever-changing email threats their organization and customers face on a daily basis.

Solution

Microsoft 365 E5 with Valimail Enforce™ and Defend enabled Glu to achieve its optimal security posture without shifting priorities and without the risk of manual configuration errors.

Results

Glu received immediate benefits from ATP upon configuration. And, within 60 days, Glu reached DMARC enforcement, completely eliminating the possibility of exact-domain phishing attacks against the brand.

woman holding phone

The Business

With a history spanning over a decade, Glu is a leading creator of mobile games. Glu’s diverse portfolio features top-grossing and award-winning titles available worldwide on various platforms including the App Store and Google Play. One of Glu’s core values is ‘Trust Each Other,’ and the company has extended that value by creating a trusted email ecosystem through a layered approach that includes email authentication, a key component of which is DMARC enforcement.

The challenge

Dominic Martinelli, Vice President of Customer and Technical Operations, and John Fox, Senior Security Engineer, lead the team responsible for IT, DevOps, cybersecurity, corporate infrastructure, incident breach management, security controls, and customer care. They were eager to implement a best-of-breed email security solution. They looked at many solutions, but when they scoped the amount of work required, it was clear that it would require re-allocating resources from other initiatives. They needed a solution that was automated, easy-to-configure, and could stop modern email attacks. 

DMARC was frequently a topic of discussion, but the conversation always came back to the amount of work that implementing it and the associated standards would take. “DMARC was pretty challenging to manage with setting up all of the SPF and DKIM rules,” says Fox. “A big fear of ours was that if DMARC was done incorrectly we’d block the spoofed emails — but also block legitimate email and create more pain,” says Martinelli. 

After discovering the integration between Valimail and Microsoft, it was clear that they had found the solution their team needed. It would enable Glu to deploy and maintain an email authentication project quickly without the risk associated with trying to build a workable solution themselves. “The solution itself is solid, and Valimail has been there to provide support whenever needed,” says Martinelli. “It finally felt like we had a safe, effective, and efficient way to upgrade our email security and implement DMARC.”  

Further, Microsoft ATP Safe Links and Safe Attachments gave Glu the peace of mind that it could rely on Microsoft technology rather than people to examine malicious links and attachments. Users are blocked or notified when they click on a link deemed unsafe. And any unsafe attachments are sent to a detonation chamber prior to being passed along to the user.

“The solution itself is solid, and Valimail has been there to provide support whenever needed. It finally felt like we had a safe, effective, and efficient way to implement DMARC.”

Dominic Martinelli,
Vice President of Customer and Technical Operations, Glu

The solution

Within 60 days, Glu was able to achieve DMARC enforcement as well. Without Valimail’s automated platform in place, DMARC projects usually take over 12 months and have only a 20 percent success rate. By contrast, Glu found that even with its complex infrastructure, the implementation process was simple and allowed the team to achieve protection quickly. “It was pretty seamless,” says Fox of the 60-day process. “We immediately improved our visibility and could confidently move to an updated enforcement policy that was applied by our M365 environment.”  

Having already deployed Valimail Enforce at full enforcement, Glu added Valimail Defend to their existing environment. Both products integrate with Microsoft 365 so they work together with a simple configuration change. Glu was able to stop malicious email attacks and see global email data immediately upon configuration

Results

Glu has the certainty of knowing that if bad actors are attempting to send fraudulent emails in their name, they will never reach anyone’s inbox. Employees, customers, and partners can be confident that any email coming from a Glu domain can be trusted. Martinelli says, “With phishing attacks becoming more sophisticated, and email increasing in popularity as an attack vector, it creates a sense of comfort to know that we have mechanisms in place to stop these types of attacks cold.” 

“Valimail Enforce™ just works — and the support is excellent. That’s all you can ask for.”

Dominic Martinelli,
Vice President of Customer and Technical Operations, Glu

Related Case Studies