Users

What are DMARC & DNS and how can they protect my business?

Introduction.

Web browsing and email are perhaps the two oldest elements of the internet. As such many of the protocols developed to make them work come from a more innocent time when cybercrime wasn’t a constant, incessant, multi-million dollar global business.

As such efforts are now being made to upgrade those protocols, or reshape them to offer more protection for businesses seeking to become more cyber secure.

DMARC is a new protocol that sits on top of some older protocols to help my email more secure, whereas DNS is an ancient protocol that, nevertheless, can be used in new ways to make web browsing more secure.

In this module, we look at both and how they can help protect your business.

What is the DMARC?

Domain-based Message Authentication, Reporting & Conformance (DMARC) is an email authentication protocol that aims to stop or reduce email spam and phishing attacks by creating a feedback loop back to the domain owner from any email purporting to be from that domain.

DMARC effectively allows organisations to publish information on how to deal with suspicious emails, or any emails claiming to be from their server.  This enables the sender much greater visibility and control over the emails that are being sent out from their server or in their name, even if they didn’t originate with them. It also builds trust for your key domains with email service providers and security companies, as emails from your domain are much more likely to be genuine than from those without DMARC applied.

DMARC is also a key tool in helping to prevent brand impersonation attacks, one of the most common forms of spear-phishing attack.

How to set up DMARC Authentication.

Your IT administrators may be able to set up DMARC for you if they have access to your DNS server and are used to setting up SPF, DKIM, CNAME and A-records.  However, setting up DMARC is only part of the job. The main point of DMARC is to have a constant feedback loop between email recipients and your email server and to allow you to take intelligent action based on the information that comes back.  If you set this up manually, then you will also need to manage all this information manually, and even for a small organisation, this can be a lot of work.

A better solution is to use an email service, like our Total Email Protection solution, which will help you to both set up and manage your DMARC authentication. This allows you to set up alerts so you only need to deal with the feedback that relates to the suspicious email you want to stop.

What is DNS?

DNS, or Domain Name System, is what allows you to use memorable words, like Amazon or Google, to find a website instead of having to input a string of numbers known as an IP address.

Here’s a great explanation of DNS basics:

DNS has been used since the very start of the internet, and it’s still fundamental to everything now. However, it can also be used to reduce cyber security risk, and improve productivity within your business with the use of DNS filtering.

What is DNS filtering?

DNS is responsible for routing internet traffic and can be used to apply controls on what websites can be accessed across your business. No one wants to restrict the freedom of their employees, but restricting access to non-core websites – like gambling or dating sites – your potential attack vector (the total possible chances for you to be attacked by hackers) can be greatly reduced. In some instances productivity may also be improved.

I now understand…

• What DMARC and DNS are.
• How DMARC and DNS can be used to protect my business.