
Sonitek

Stabilizing DNS, Securing Email Infrastructure, and Stopping an Active Attack

Client Overview

Sonitek is a precision manufacturing company specializing in heat staking, ultrasonic welding, and industrial automation equipment. Their business depends on reliable email and DNS infrastructure to support order processing, customer communication, internal operations, and B2B outreach.

The Engagement

JD Tech was initially brought in to support a DNS migration and website transition. Early in the engagement, it became clear that DNS, email authentication, and security controls were fragmented across multiple platforms — creating unnecessary risk during any migration.

As remediation work began, the organization experienced a live malicious email flooding attack, turning what was planned work into an active incident response.

What We Found

During the initial assessment, several critical issues surfaced:

  • SPF, DKIM, and DMARC were misaligned and inconsistent across Microsoft 365, eCommerce systems, and third-party senders
  • DNS was hosted in a way that made changes fragile and error-prone, increasing migration risk
  • Monitoring existed but lacked actionable visibility — failures could occur without immediate awareness

Before remediation was complete, Sonitek was hit with a high-volume inbound email attack, flooding mailboxes with thousands of messages per minute. Legitimate email was delayed, users experienced mailbox slowdowns, and operational risk increased rapidly.

Incident Response & Remediation

JD Tech shifted immediately from planned migration work to active defense and containment.

  • Rapid inbound defense: Deployed Proofpoint as a first-layer email security gateway to absorb and block malicious traffic before it reached Microsoft 365.
  • Attack containment: The flood was stopped, mailbox performance normalized, and legitimate email flow was restored without user disruption.
  • Employee protection: Controls were put in place to prevent follow-on threats, including business email compromise (BEC) and credential-harvesting attempts often associated with these attacks.

Infrastructure & Migration Work

Once the environment was stabilized, we completed the original scope — this time on hardened ground:

  • DNS cleanup and alignment: Standardized SPF, DKIM, and DMARC across all sending sources and domains.
  • DNS migration: Successfully migrated DNS to the new provider with zero email downtime.
  • Website transition: Supported the website migration as part of the DNS cutover, validating propagation and service continuity.
  • Ongoing visibility: Established monitoring and alerting so authentication issues, delivery failures, or anomalies are caught early.

Outcome

  • The email flooding attack was neutralized quickly, with no data loss and no ongoing user impact
  • DNS and email authentication are now fully aligned and stable
  • The DNS and website migration completed cleanly and safely
  • A potential business email compromise (BEC) scenario was prevented through layered defenses
  • Sonitek now operates with confidence in their DNS and email infrastructure — not firefighting

Why This Mattered

What started as a DNS migration became a real-world test of resilience. By addressing foundational issues and responding decisively under active attack, JD Tech helped Sonitek move forward on a secure, stable platform built to withstand both change and threat.

"John did an exceptional job helping me improve our email security and manage complex conditional access policies. He provided clear explanations, proactively identified potential issues, and quickly implemented effective solutions — significantly reducing spam while ensuring legitimate emails weren't blocked unnecessarily.

He was responsive, knowledgeable, and proactive in addressing problems. He consistently took initiative to troubleshoot, confirm configurations, and provide actionable recommendations, greatly enhancing our infrastructure's efficiency and security. Highly recommend." — Tom Bishop, Sonitek
