Easy (and Cheap!) ways to secure your corporate email domain

04 Oct / 2021

Cyber Security

Email is such a critical business tool for many businesses. And the massive shift to a “Work from Anywhere” model has led to an increased risk of breaches and/or exposure of sensitive information outside your traditional corporate infrastructure.

With email still one of the top attack surfaces for a business and the cost of phishing attacks almost quadrupling in recent years, you need to be doing everything you can to secure your users and the data used in email.

It is crucial, now more than ever, to ensure email security protocols are properly implemented. The trio of protocols known as SPF, DKIM, and DMARC can safeguard your email presence by implementing protection mechanisms to stop domain spoofing and email tampering. These three protocols complement each other and should be implemented in conjunction with one another.

Sender Policy Framework (SPF) hardens your DNS servers and restricts who can send emails from your domain. SPF can prevent domain spoofing, where an attacker can register domains that look similar to yours and start masquerading as you to your users or downstream customers. SPF enables your mail server to determine when a message came from the domain that is authoritative for it and if it is allowed to forward mail on your behalf.

DomainKeys Identified Mail (DKIM) ensures that the content of your emails remains trusted and hasn’t been tampered with or compromised.

Domain-based Message Authentication, Reporting and Conformance (DMARC) ties the first two protocols together with a consistent set of policies and reporting features.

Guidance on creating and configuring the above three protocols can be found below:

Significant changes in working patterns demand that cyber security be front and centre in your IT planning. Reach out to Team Cythera should you have any questions or need assistance in securing your business.


You may be interested in

Retail Resilience in the Digital Age: Conquering Cyber Challenges with SASE

Retail Resilience in the Digital Age: Conquering Cyber Challenges with SASE Technological advances along with changing customer expectations ar…

Read More arrow_forward

Why You Shouldn’t Be Reusing Passwords In 2020

Who out there has been guilty of reusing a password? We’re all guilty of it! Results from a recent Google survey discovered that at least 65% …

Read More arrow_forward

OpenSSL v3.0.x Buffer Overrun Vulnerability

CVE-2022-3602 – OpenSSL v3.0.x Buffer Overrun VulnerabilityCVE: CVE-2022-3602 and CVE-2022-3786What Is Vulnerable?: OpenSSL versions 3.0.0 or …

Read More arrow_forward