Easy (and Cheap!) ways to secure your corporate email domain

04 Oct / 2021

Cyber Security

Email is such a critical business tool for many businesses. And the massive shift to a “Work from Anywhere” model has led to an increased risk of breaches and/or exposure of sensitive information outside your traditional corporate infrastructure.

With email still one of the top attack surfaces for a business and the cost of phishing attacks almost quadrupling in recent years, you need to be doing everything you can to secure your users and the data used in email.

It is crucial, now more than ever, to ensure email security protocols are properly implemented. The trio of protocols known as SPF, DKIM, and DMARC can safeguard your email presence by implementing protection mechanisms to stop domain spoofing and email tampering. These three protocols complement each other and should be implemented in conjunction with one another.

Sender Policy Framework (SPF) hardens your DNS servers and restricts who can send emails from your domain. SPF can prevent domain spoofing, where an attacker can register domains that look similar to yours and start masquerading as you to your users or downstream customers. SPF enables your mail server to determine when a message came from the domain that is authoritative for it and if it is allowed to forward mail on your behalf.

DomainKeys Identified Mail (DKIM) ensures that the content of your emails remains trusted and hasn’t been tampered with or compromised.

Domain-based Message Authentication, Reporting and Conformance (DMARC) ties the first two protocols together with a consistent set of policies and reporting features.

Guidance on creating and configuring the above three protocols can be found below:

Significant changes in working patterns demand that cyber security be front and centre in your IT planning. Reach out to Team Cythera should you have any questions or need assistance in securing your business.

Resources

You may be interested in

From COTS to Custom: How Cythera Elevates Cybersecurity with Human-Led MDR

Let’s face it: Commercial Off-The-Shelf (COTS) security solutions have served their purpose well. In the early 2000s, when cyber threats were …

Read More arrow_forward

Achieving Essential 8 Compliance: Why Cythera uses Automox for Patch and Office Macros Management.

At Cythera, we understand the unique cybersecurity challenges faced by Australian organisations. The Australian Signals Directorate's (ASD) Esse…

Read More arrow_forward

Cyber Threats and the Israel-Hamas War

This threat landscape SOC Note does not cover any details of the ongoing ground war. Links to sources that contextualise the Israel-Hamas war ha…

Read More arrow_forward