How are you handling 3rd party services sending email "as" the corporate domain, to internal and external recipients, from a cosmetic perspective (from address / reply-to address) and from an email transport integrity perspective (e.g., DMARC Reject configuration), in order to maintain trust with the recipients while minimizing risk to the organization in the event the 3rd party is compromised?
Are you using alternative domains (edwardslifesciences.com), or are they using subdomains (qualtrics.edwards.com) for a domain like Edwards.com.
We are mooking to minimizing risk to our organization in the event the 3rd party is compromised.
... View more