Ok, I admit it – I am a DMARC advocate, evangelist and all-round believer in this standard.
Key takeaway – the DMARC protocol is FREE, and you can implement DMARC while you review email cloud security/filtering platforms – the two are independent of each other.
Scenario – I’m at dinner with friends:
- Me: “Yeah, I work in cyber security”
- Friend: “Maybe you can help – we have subscribed to O365, and also use xxxxxx for email cloud filtering, but we’re still receiving fake emails that use our own domain.”
- Me: “Have you implemented DMARC to reject mode?”
- Friend: “What’s DMARC??”
Across the 30-odd years I’ve been in IT, there are three key concepts I truly believe in:
- Standardisation – it doesn’t matter what flavour of OS, hardware or software you use – just pick one and stick with it. Leverage all of its features.
- Cloud – the adoption of cloud didn’t come without its own issues, but done properly, cloud adoption adds to an organisation’s bottom line!
- DMARC – there are two major digital entry paths into an organisation: port 80 and email. DMARC fixes a number of issues with the technology of email and hands control of your email domains back to you, the domain owner.
Specifically on email, organisations spend an enormous amount of resource protecting this space, but in many cases they fail miserably. Every time I read about a data breach, I quickly check that organisation for an SPF or DMARC record, and I am regularly shocked at the lack of basic 101 email domain security. Yes, if your organisation doesn’t have an SPF or DMARC record, eventually you will be scammed.
No need for expensive cloud-based email security gateways? Obviously there’s a caveat with that statement. Using an analogy: first lock your doors and close your windows before looking to hire a security guard to sit at your front door. In other words, implement the email service completely – creating SPF, DKIM and DMARC records is part of that implementation. Subsequently, or in parallel, review services from providers such as Cisco, Mimecast, McAfee, Symantec etc. for key features such as email AV filtering, amongst others.
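To make the “reject mode” point concrete, here is an added example (my own illustration, not code from the original post) of the decision a DMARC-aware receiver makes for one inbound message: it parses the domain’s `_dmarc` TXT record, checks whether the SPF or DKIM result is aligned with the visible From: domain, and otherwise applies the domain owner’s published policy. The domains, records and results are constructed sample values, and the subdomain policy (`sp=`) and `pct=` sampling are deliberately not modelled.

```python
def parse_dmarc(txt):
    """Parse a _dmarc TXT record such as 'v=DMARC1; p=reject; adkim=s' into tags."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record")
    return tags


def org_domain(domain):
    """Organizational domain, simplified to the last two labels (no public-suffix list)."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(from_domain, auth_domain, mode):
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r') allows
    any subdomain of the same organizational domain."""
    if auth_domain is None:  # that authentication check did not pass at all
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_disposition(record, from_domain, spf_pass_domain, dkim_pass_domain):
    """Return (passed, disposition) for one message.

    from_domain      - domain in the RFC 5322 From: header (what the recipient sees)
    spf_pass_domain  - MAIL FROM domain if SPF passed, else None
    dkim_pass_domain - d= domain of a valid DKIM signature, else None
    Simplification: sp= (subdomain policy) and pct= sampling are not modelled.
    """
    tags = parse_dmarc(record)
    spf_ok = aligned(from_domain, spf_pass_domain, tags.get("aspf", "r"))
    dkim_ok = aligned(from_domain, dkim_pass_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return True, "none"  # DMARC pass: deliver normally
    return False, tags["p"]  # DMARC fail: apply the domain owner's policy


# Constructed sample: a spoofed message claiming example.com with no aligned auth.
MONITOR_ONLY = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"
ENFORCED = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"

if __name__ == "__main__":
    print(dmarc_disposition(MONITOR_ONLY, "example.com", None, None))  # (False, 'none')
    print(dmarc_disposition(ENFORCED, "example.com", None, None))      # (False, 'reject')
```

The first call shows why a `p=none` record only reports and never blocks a spoof; the second is the same forged message once the domain owner has moved to `p=reject`.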
Below are important links for both Gmail for business and O365 subscribers.
- Gmail for business users: Enhance security for forged spam (DMARC) – https://support.google.com/a/answer/2466580?hl=en&ref_topic=2759254
- O365: Use DMARC to validate email – https://docs.microsoft.com/en-us/office365/securitycompliance/use-dmarc-to-validate-email
- Other: check the dmarcian channel on YouTube for more information – https://www.youtube.com/channel/UCDx8T1JqKRJrlF6_yDGiG7w
Most, if not all, email filtering appliances and cloud services are DMARC compliant. In other words, if your organisation implements DMARC, you can leverage this protocol when you subscribe to an email filtering service and eventually REJECT fake emails that use your domain, both:
- inbound, towards your employees, and
- outbound, towards your customers and vendors.
It’s a simple process.
By Con Lokos