DMARC: Domain-based message authentication, reporting and conformance: The time is now!

Posted by Lucas Oldfield, Advanced Office Solutions 11-10-2022 10:43 AM

The cybersecurity threats of phishing attacks, email impersonation, and ransomware are not new challenges faced by organizations in the Canadian marketplace.

Experience demonstrates that many appropriate cybersecurity measures focused on protecting internal staff including firewalls, training programs, and spam folders are successfully defending organizations today.

Unfortunately, Covid-19 has dramatically changed the overall cybersecurity landscape for organizations. Cyberattacks have increased in both frequency and complexity which results in many organizations being exposed to compromise. While your internal staff may be protected with existing defences, without DMARC compliance an attacker can impersonate your email domain and target your customers and suppliers with malicious cyber-attacks.

Given the new cybersecurity landscape, the Canadian Centre for Cyber Security published Implementation Guidance: Email Domain Protection which GUARANTEES the prevention of email fraud if deployed correctly. Building on existing standards — SPF and DKIM — DMARC is the first and only widely deployed technology that can make the header “from” domain trustworthy.

With DMARC compliance extends existing cybersecurity protection across your customers, suppliers, and broader world as no attacker can impersonate or compromise your email domain.

Sender Policy Framework (SPF) is an email validation protocol that allows an organization to specify who can send email from their domains. Domain Keys Identified Mail (DKIM) is an email authentication protocol that allows the receiver to check that an email from a specific domain was really authorized by the owner of that domain. 

We believe that a DMARC record of p=REJECT will be a mandatory component in cyber insurance policies in the near future as this federal best practice has only recently been published and represents one of the largest cybersecurity exposures in the marketplace.

Our experts have taken the lead to protect the community from email impersonation and make the internet a safer place. Call your local Millenium Micro affiliated reseller today to learn more!

Lucas Oldfield, Advanced Office Solutions.