Epsilon has strengthened its email platform with a cloud-based security solution from Verizon Business that will help identify and mitigate cyber attacks in real-time.
The solution will combine intelligence from Verizon's global-IP network to boost Epsilon's breach detection systems. It uses a baseline for normal network behaviour and generates alerts when unusual incidents occur.
It will also deploy stronger security measures, including restrictive access to its email platform, as well as a second factor "grid pattern" system that ITNews reported was used to complement user names and passwords.
Epsilon was hit by a major breach earlier this year, when two per cent of its email clients' customer information was exposed by an unauthorised entry into its email system.
Rigorous internal and external reviews confirmed that only email addresses and names were compromised. It said at the time that investigations would determine if any additional security safeguards would need to be promptly implemented. It later confirmed that no financial data had been compromised.
Epsilon chief information officer Bryan Kennedy said it had partnered with Verizon to mitigate further breaches.
“Epsilon has already made significant progress in enhancing security measures and remains focused on creating a more secure environment using the most sophisticated resources available to protect our clients and their customers from cyber attacks."
"Unfortunately, these days, data breaches are a very real, ongoing threat and that's why partnering with the best is so critical to us.”
Epsilon is also implementing new access restrictions through its IP certification requirements, with all access to the email platform, both inbound and outbound, restricted to white-listed IP addresses.
It confirmed that it is working with internet service providers to build an anti-phishing solution that will include developing an open, rapid communication channel between marketers and ISPs, methods to differentiate legitimate communications from fraudulent ones and a way to monitor brand abuse across email domains.
This is expected to be presented and released to clients in Q4 2011.