Easy (and Cheap!) ways to secure your corporate email domain

04 Oct / 2021

Cyber Security

Email is such a critical business tool for many businesses. And the massive shift to a “Work from Anywhere” model has led to an increased risk of breaches and/or exposure of sensitive information outside your traditional corporate infrastructure.

With email still one of the top attack surfaces for a business and the cost of phishing attacks almost quadrupling in recent years, you need to be doing everything you can to secure your users and the data used in email.

It is crucial, now more than ever, to ensure email security protocols are properly implemented. The trio of protocols known as SPF, DKIM, and DMARC can safeguard your email presence by implementing protection mechanisms to stop domain spoofing and email tampering. These three protocols complement each other and should be implemented in conjunction with one another.

Sender Policy Framework (SPF) hardens your DNS servers and restricts who can send emails from your domain. SPF can prevent domain spoofing, where an attacker can register domains that look similar to yours and start masquerading as you to your users or downstream customers. SPF enables your mail server to determine when a message came from the domain that is authoritative for it and if it is allowed to forward mail on your behalf.

DomainKeys Identified Mail (DKIM) ensures that the content of your emails remains trusted and hasn’t been tampered with or compromised.

Domain-based Message Authentication, Reporting and Conformance (DMARC) ties the first two protocols together with a consistent set of policies and reporting features.

Guidance on creating and configuring the above three protocols can be found below:

Significant changes in working patterns demand that cyber security be front and centre in your IT planning. Reach out to Team Cythera should you have any questions or need assistance in securing your business.

Resources

You may be interested in

What is Endpoint Protection?

What is Endpoint Protection? With modern business practices requiring an increased amount of network and cloud based operations it’s rare for…

Read More arrow_forward

Why You Shouldn’t Be Reusing Passwords In 2020

Who out there has been guilty of reusing a password? We’re all guilty of it! Results from a recent Google survey discovered that at least 65% …

Read More arrow_forward

The Perfect 10 - Remote Code Execution in Apache Log4j Requiring Emergency Patching

CVE: CVE-2021-44228 CVSS Score: 10 (Critical)What Is Vulnerable?: Apache Log4j Version 2.15-rc1 or prior. (All version prior to 2.15-rc1 are vu…

Read More arrow_forward