Email Security Update: DMARC For Our Customers
We’re going to implement the DMARC email security standard for our existing customers, free of charge, as part of our ongoing efforts to help create a safer internet.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication system designed to protect an email domain from cyberattackers who may try to compromise the owner, brand, or business through domain spoofing, phishing, or cyber fraud.
Created by PayPal together with Google, Microsoft, Yahoo! and other industry leaders, the DMARC protocol leverages two existing email authentication techniques – SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) – while adding a reporting function that provides visibility into the domain owner’s email ecosystem.
As a domain owner, you want to have peace of mind about the emails that are being sent under your banner. Not only for your reputation, but for the reputation of your business, too. You want to know that your staff, customers, partners, and suppliers are receiving legitimate emails from real representatives of your organisation, not scammers impersonating you or your people. DMARC assures all those who receive your emails that the messages are authentic and trustworthy – and that they originated from your true domain.
There were an estimated 3.9 billion active email users last year – and that number is expected to reach 4.2 billion by 2022. Email is a big part of our personal and professional lives – but it’s also an information-rich environment that attracts malicious actors. For cybercriminals, the ability to mimic a business through email is extremely valuable, and could open the door for data theft, identity theft, and account fraud.
DMARC adoption is increasing worldwide
More than a million organisations – including Amazon, Apple, Cisco, Dell, Facebook, LinkedIn, and Twitter – are already using DMARC to help secure their email. DMARC is considered best practice by industry leaders around the globe. We’ve decided to deploy DMARC for our customers because we want to make sure that they have comprehensive email protection, in compliance with the latest standards.
We’ve enlisted local technology startup Sendmarc to help us do this as seamlessly as possible. The South African company, co-founded by entrepreneurs Keith Thompson, Sam Hutchinson, and Sacha Matulovich, specialises in DMARC implementation and monitoring.
The Sendmarc software gathers, interprets, and analyses DMARC data reports to provide actionable insights for domain owners. It takes a complex collection of technical data and makes it clear, visual, and easy to understand so that domain owners can see exactly what’s happening in their email environments – and then take steps to address any issues detected.
Phishing plays a role in over 90 percent of all cyberattacks – and that’s why it’s critical for domain owners to be proactive about email security. Brands and businesses can’t afford to ignore the fact that cyberattackers are constantly searching for new ways to steal money, personal information, credit card data, and login credentials. Email will remain a target, but the DMARC protocol can help strengthen cyber resilience at the domain level.
Here’s the process for DMARC deployment by BUI
Customers will receive correspondence from BUI, outlining the steps for DMARC deployment and providing additional resources to help them understand the benefits of this email security measure.
The DMARC protocol will then be added to the customer’s DNS, and approximately 4-6 weeks later, the customer will receive a report outlining any issues detected.