Note to readers: Please be aware that the following blog post contains quite a few acronyms. We’ll explain them but just a warning of what’s to come…
In the coming weeks, you’ll notice a new company on our Solutions page – OnDMARC.
In their own words, ‘OnDMARC is a cloud-based application that enables organisations to quickly configure SPF, DKIM and DMARC for all their legitimate email sources. This instantly blocks any email impersonation-based phishing attacks.’
And in the words of our very own Stephen Dorling, ‘these guys are an anti-phishing technology and what they specialise in is giving you visibility of what services and servers are using one of your domains to send email so that you can then lock down usage to only legitimate emails sent by your company.’
A Quick Ready-Reckoner of SPF, DKIM and DMARC
SPF – Sender Policy Framework: This is a DNS text entry which shows a list of servers that should be considered allowed to send mail for a specific domain. Incidentally the fact that SPF is a DNS entry can also considered a way to enforce the fact that the list is authoritative for the domain, since the owners/administrators are the only people allowed to add/change that main domain zone.
DKIM – DomainKeys Identified Mail: should be instead considered a method to verify that the messages’ content are trustworthy, meaning that they weren’t changed from the moment the message left the initial mail server. This additional layer of trustability is achieved by an implementation of the standard public/private key signing process. Once again the owners of the domain add a DNS entry with the public DKIM key which will be used by receivers to verify that the message DKIM signature is correct, while on the sender side the server will sign the entitled mail messages with the corresponding private key.
DMARC – Domain-based Message Authentication, Reporting and Conformance: This empowers SPF and DKIM by stating a clear policy which should be used about both the aforementioned tools and allows to set an address which can be used to send reports about the mail messages statistics gathered by receivers against the specific domain.
Clear? Excellent. Let’s continue.
What Does OnDMARC Do?
We know because we don’t stop telling you that phishing emails are one of the biggest root causes of security breaches and attacks on technological infrastructures and there are plenty of ways in which you can prevent them, including email gateway protection from Mimecast (as well as their Awareness Training Platform), specialist anti-phishing services acting as a layer on top of email gateway services such as Tessian and locking down usage of corporate email domains you use every day with OnDMARC (coming soon to a Solutions page near you).
Watch the OnDMARC video here.
‘671,000 fake emails blocked from delivery using OnDMARC in just 30 days’
John Schaffer, CISO, Greenhill
Put simply, it makes securing emails easy.
Put slightly more comprehensively, OnDMARC allows companies to regain control and lock down their domains by applying control of your SPF, DKIM and DMARC settings (see above for acronym descriptions) but their USP (you know this one, surely) is their DynamicSPF capability which automates this with clicks from their admin console.
More About DynamicSPF – It allows you to use only 1 SPF lookup to connects to their system where you will have unlimited lookups. Not only is this much simpler to manage but it prevents your authorised traffic from failing SPF validation.
Not only that but it overcomes the inherent problem with SPF where there is a limit on the number of DNS lookups. For any organisations sending emails from sources that require more than 10 DNS lookups, your SPF will fail for authorised sources.
Most organisation send from multiple third parties such as Gmail (4 DNS lookups) and MailChimp (1 DNS lookup) so it is very easy to quickly go past the lookup limit of 10 and have your authorised traffic failing SPF authentication.
‘Email deliverability doubled from 50% to 100% with OnDMARC’
Nick Kenyon, Head of Operations, NUMED Healthcare
The Benefits Of OnDMARC
The other players in the market offering a similar service give you the necessary information in order for you to manually configure your SPF, DKIM and DMARC settings but require admins to manually update and upload the settings which runs the risk of encountering human error, especially for big companies that can have dozens of different domains.
Insight – Being able to easily visualize your attack vectors gives you a crystal clear idea of the problem you’re facing. Only DMARC gives you insight into what’s happening globally, on your domain, and not just what tries to cross your network boundaries.
Action – Follow simple guided steps to configure all your authorized sending sources for DMARC compliant sending. Once we detect you have 7 days of traffic with no failures of authentic emails, we will provide you with the steps to enable full DMARC protection.
Protection – Now your domains are fully protected, OnDMARC will constantly monitor your domain for any new threats. You will be alerted whenever we prevent a new attack. Our DMARC tool also helps you to keep your DMARC configuration up-to-date as you add new email services.
Not Just a Reporting Tool. OnDMARC provides clear step-by-step instructions on how to fix uncovered issues.
No Need To Wait 24h. OnDMARC’s Investigate feature instantly verifies changes in seconds before you move on.
Overcome SPF Lookup Limit. Manage unlimited email services from directly inside OnDMARC using Dynamic SPF. Best of all, avoid manual DNS updates.
Secure Data Management. OnDMARC is ISO27001:2013 accredited. We have a set of approved procedures, processes, and systems keeping your data safe. They don’t have the facility to reads your email and your data is secured and encrypted with the highest security standards.
Who Owns OnDMARC?
Since you ask, they’re owned by Red Sift, the cognitive data platform who last month closed an $8.8m (£6.8m) investment round from some heavyweight investment houses. You can read the presser here but be in no doubt they are going to become a major player in the market and as we said, in the next month or so we will be adding them to our stable of first-class companies we work with.
Contact us today on firstname.lastname@example.org or call 020 7078 0789 and we’ll talk cloud security, communications platforms, cutting-edge IT solutions or whether snooker is a sport…