
Are you still waiting for DMARC enforcement? Perhaps your DMARC system is not cloud-ready.



Many companies are increasingly aware of the threat posed by phishing attempts that spoof the sender's identity. To defend themselves against email spoofing, almost one million domain owners have begun to deploy DMARC email authentication.

Setting up a DMARC policy that truly protects you is a different matter entirely. Before you can implement DMARC, you must first understand the entire scope of your email ecosystem: which cloud services are sending email on behalf of your domain, and which attackers may be using your email to launch phishing attacks. Then you must take action, blocking the malicious actors and ensuring that legitimate services are properly authorized. However, cloud services can obstruct this process by making it difficult to know which services are sending email on your behalf. This is one of the reasons why DMARC enforcement can be more difficult than it appears.

Email Visibility Matters

Email authentication has always required meticulous planning to get right. However, doing so was less risky before business software and on-premises mail exchanges migrated to cloud platforms. Today, many SaaS services use email to increase engagement, conversion, and retention, as well as to deliver notifications and updates. You may, of course, arrange for them to send emails 'from' your domain, making it appear as though the emails originate from your organization rather than from 'cloudprovider.com'.

Only around 2% of the hundreds of cloud apps in the market (now much more than 100) are well-known and frequently used, and they account for 90 to 98% of the email traffic sent by a typical organization. However, there are thousands of different services available, each with its own SPF and/or DKIM configuration requirements. Many DMARC solutions can identify the top 2% of cloud services and help you configure them. But what about the remaining 98%? How do you track them down?

DMARC Reports Analysis

DMARC aggregate reports are massive XML data dumps that identify sending services by IP address. To get the most out of these reports, you have to work out which cloud services those addresses corresponded to at the time the report was generated. You then need to ensure that your SPF record includes the services you wish to allow, without exceeding the limit of 10 DNS lookups or resorting to risky tactics like SPF flattening (basically, listing all those IP addresses numerically instead of referring to the service by domain name).

Suppose you wish to DMARC-enforce a very large domain, such as a state government domain or a major retail domain with hundreds of subdomains, each with its own administrator and its own set of cloud services that send email from that subdomain. You must now resolve the cloud visibility issue for each of those subdomains, and also deal with SPF and DKIM setup for each of those apps in each subdomain. It's no surprise, therefore, that the total DMARC enforcement rate for major firms is so low, around 30% for most industries.

The Right Way Out

To solve the cloud visibility problem definitively, you must be able to identify every cloud service by name. Instead of parsing through XML DMARC reports and mapping IP addresses to cloud services, it's much easier if you can actually see which cloud services your domain uses, by name. Once you have that visibility, it's easier to create an optimal SPF record, set up DKIM, and apply a DMARC policy across your entire domain and all of its subdomains. Ideally, you'd also want to enable role-based access control for each subdomain, so each of those administrators can manage their own subdomain.

Imagine never having to touch DNS again. And imagine automating all the steps needed to validate the legitimate email services: checking SPF records, validating DKIM signing keys for each service, and making the necessary updates to DMARC records in DNS. That's the promise of EmailAuth, which is used today by some of the world's biggest enterprises to gain DMARC report visibility and get to DMARC enforcement.

Original source: https://www.evernote.com/shard/s333/sh/54a195c8-f028-daf5-ce57-383b72840fe5/38f3bac0f23b575a1da06e1cca9d382a
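The report analysis described under "DMARC Reports Analysis", as an added example that is not part of the original presentation or of any product it mentions: it parses an aggregate report, maps each source IP to a named sender, and totals DMARC pass/fail volume per sender. The report, the `KNOWN_SENDERS` inventory and the service names are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed aggregate report in the RFC 7489 layout; all IPs are documentation ranges.
def _rec(ip, count, dkim, spf):
    return (f"<record><row><source_ip>{ip}</source_ip><count>{count}</count>"
            f"<policy_evaluated><disposition>none</disposition><dkim>{dkim}</dkim>"
            f"<spf>{spf}</spf></policy_evaluated></row>"
            "<identifiers><header_from>example.com</header_from></identifiers></record>")

SAMPLE_REPORT = ("<feedback><policy_published><domain>example.com</domain><p>none</p>"
                 "</policy_published>"
                 + _rec("192.0.2.10", 120, "pass", "pass")    # fully authenticated
                 + _rec("198.51.100.7", 40, "pass", "fail")   # DKIM only: still passes
                 + _rec("198.51.100.8", 15, "fail", "fail")   # known service, misconfigured
                 + _rec("203.0.113.55", 300, "fail", "fail")  # nobody we know
                 + "</feedback>")

# Hypothetical inventory of approved senders (network -> service name).
KNOWN_SENDERS = {"192.0.2.0/24": "crm-saas", "198.51.100.0/24": "newsletter-saas"}

def service_for(ip):
    """Name the sender that owns this IP, or UNKNOWN if it is not in the inventory."""
    addr = ipaddress.ip_address(ip)
    for cidr, name in KNOWN_SENDERS.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return "UNKNOWN"

def summarize(xml_text):
    """Return {service: {"pass": n, "fail": n, "ips": [...]}} for one report."""
    # Reports arrive from outside parties: in production use a hardened XML
    # parser (for example defusedxml) and cap the decompressed size.
    totals = defaultdict(lambda: {"pass": 0, "fail": 0, "ips": set()})
    for rec in ET.fromstring(xml_text).iter("record"):
        row = rec.find("row")
        ev = row.find("policy_evaluated")
        # DMARC passes when either the aligned DKIM or the aligned SPF result passes.
        ok = "pass" in (ev.findtext("dkim"), ev.findtext("spf"))
        bucket = totals[service_for(row.findtext("source_ip"))]
        bucket["pass" if ok else "fail"] += int(row.findtext("count"))
        bucket["ips"].add(row.findtext("source_ip"))
    return {svc: {**b, "ips": sorted(b["ips"])} for svc, b in totals.items()}

if __name__ == "__main__":
    for svc, s in sorted(summarize(SAMPLE_REPORT).items(), key=lambda kv: -kv[1]["fail"]):
        print(f"{svc:16} pass={s['pass']:<4} fail={s['fail']:<4} ips={s['ips']}")
```

Failures under a known service point to an SPF or DKIM setup gap to fix before enforcement; failures under UNKNOWN are either an undiscovered service or spoofing, which is the visibility question the text raises.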
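The 10-DNS-lookup limit mentioned above can be checked before a record is published. This added example (not from the original presentation) counts the lookup-consuming SPF terms recursively over an inline zone instead of live DNS; every domain and record in `ZONE` is constructed.

```python
# Constructed zone data (domain -> SPF TXT record); every name here is hypothetical.
ZONE = {
    "example.com": "v=spf1 mx include:_spf.mail-a.example include:_spf.crm.example "
                   "include:_spf.news.example include:_spf.helpdesk.example "
                   "ip4:192.0.2.0/24 ~all",
    "_spf.mail-a.example": "v=spf1 include:_nb1.mail-a.example "
                           "include:_nb2.mail-a.example ~all",
    "_nb1.mail-a.example": "v=spf1 ip4:198.51.100.0/25 ~all",
    "_nb2.mail-a.example": "v=spf1 ip4:198.51.100.128/25 ~all",
    "_spf.crm.example": "v=spf1 a mx include:_spf.relay.example -all",
    "_spf.relay.example": "v=spf1 ip4:203.0.113.0/24 -all",
    "_spf.news.example": "v=spf1 exists:%{i}._check.news.example "
                         "include:_spf.relay.example -all",
    "_spf.helpdesk.example": "v=spf1 ip4:203.0.113.64/26 -all",
}
LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists"}  # RFC 7208 section 4.6.4
LIMIT = 10

def count_lookups(domain, zone, path=()):
    """Count the DNS-querying terms an SPF check of `domain` would evaluate."""
    if domain in path:        # include loop; a real evaluator returns permerror
        return 0
    total = 0
    for term in zone.get(domain, "").split()[1:]:       # skip "v=spf1"
        term = term.lstrip("+-~?")                      # drop the qualifier
        if term.lower().startswith("redirect="):
            total += 1 + count_lookups(term[9:], zone, path + (domain,))
            continue
        name, _, target = term.partition(":")
        name = name.split("/")[0].lower()               # "mx/24" -> "mx"
        if name in LOOKUP_MECHS:
            total += 1                                  # ip4, ip6 and all cost nothing
            if name == "include":
                total += count_lookups(target, zone, path + (domain,))
    return total

def include_costs(domain, zone):
    """Lookups consumed by each top-level include (the include itself plus nested)."""
    terms = [t.lstrip("+-~?") for t in zone.get(domain, "").split()[1:]]
    return {t[8:]: 1 + count_lookups(t[8:], zone, (domain,))
            for t in terms if t.lower().startswith("include:")}

if __name__ == "__main__":
    used = count_lookups("example.com", ZONE)
    print(f"example.com uses {used} lookups (limit {LIMIT}):",
          "OVER LIMIT" if used > LIMIT else "ok")
    for inc, cost in include_costs("example.com", ZONE).items():
        print(f"  include:{inc} costs {cost}")
```

The per-include breakdown shows which services to move to a dedicated sending subdomain with its own SPF record, which brings the count down without flattening includes into raw IP lists.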
