Founded in 2001, MailChimp is an email marketing service provider serving more than 9 million users around the world. Over 10,000 new customers sign up every day to use MailChimp, which is accessed through a web- or mobile-based application. On behalf of its customers, the company sends more than 800 million emails a day, or more than 21 billion emails per month.
Since its founding, MailChimp has grown rapidly. To stay relevant and ahead of the competition, it must ensure its site and services – delivered from three U.S.-based data centers – perform quickly and stay safe from attacks. Early on, the company took advantage of Akamai Web Performance Solutions to ensure fast site delivery. But more recently, MailChimp became the target of Distributed Denial-of-Service (DDoS) attacks that plague many large online businesses. While the email marketing service provider had mitigation in place, it needed a partner with a comprehensive setup that could be used to better protect its delivery infrastructure and entire address space. Such a partnership would free MailChimp up to do what it does best: provide innovative marketing solutions to its users.
MailChimp needed to meet two key requirements to support its objectives:
Turning to a Trusted Partner
As a long-time, satisfied customer of Akamai Web Application Accelerator to ensure fast delivery of its site around the world, MailChimp naturally turned to Akamai to assist with its security needs. Akamai quickly deployed Kona Site Defender and Prolexic Routed. “As an email service provider, we must be transparent about our IP space for reputation reasons, so we needed both Kona Site Defender and Prolexic Routed,” explains Joe Uhl, VP of Operations for MailChimp. Kona Site Defender combines automated DDoS mitigation with a highly scalable and accurate Web Application Firewall to protect websites from a wide range of online threats. Prolexic Routed provides protection against DoS and DDoS attacks for Internet-facing applications, network, and data-center infrastructure.
Taking Advantage of Outsourced Security Expertise
When Akamai launched a managed version of its Kona Site Defender service, MailChimp quickly signed up. “The managed service provides us with 24/7 security expertise,” explains Uhl.
Through the managed service, MailChimp took advantage of attack readiness, working with Akamai’s security experts. According to Uhl, this was extremely helpful in ensuring Kona Site Defender was best configured to protect the MailChimp service and application. The company also benefited from security monitoring and attack support, which kept MailChimp up to date on all new attacks.
Gaining New Levels of Detection and Protection
MailChimp also chose to take advantage of the Kona Client Reputation service. Client Reputation enables the company to automatically block requests from IP addresses that Akamai has rated as malicious, based MailChimp on dozens of heuristics Akamai runs against a database of more than 20 TB of daily attack data. As Uhl explains, “Most of the tools out there to detect and thwart threats are lacking. Client Reputation is unique because of the amount of data that Akamai collects, providing a layer of attack prevention that we can’t get anywhere else.”
Ensuring Uninterrupted Business
Though MailChimp may continue to be the target of attacks, its site and application will remain available with the Akamai solutions and other security measures in place. “We don’t generally work with third-party vendors. But it doesn’t make sense for us to build out the global infrastructure and staff to handle large, frequent attacks. Partnering with Akamai on attack prevention allows us to move fast and focus on pushing out new product features to our customers,” concludes Uhl.
More than 9 million businesses around the world use MailChimp to send, test, and track email campaigns, marketing automation, and transactional messages. Self-funded and independent, MailChimp has been helping small businesses grow since 2001.