Protecting your company’s email account from spam, fraud, malware and phishing should be a key part of your overall business security strategy. The growing sophistication of malware, ransomware and spear phishing means that small businesses in particular that do not have adequate email security are increasingly vulnerable – especially as they become ever more reliant on email communications. Indeed, according to the technology market research firm The Radicati Group, one in five business emails sent in 2013 were illegitimate. Of these illegitimate emails, 92 per cent contained links to potentially malicious content.
With that in mind, here are three standards that can help businesses boost the security of their email communications.
1. Sender Policy Framework
Sender Policy Framework (SPF) is a standard that helps to manage and prevent ‘sender forgeries’ – as in, spam or malicious emails that are sent in your name, but that did not come from you. The four main sender forgery cybercrimes are spam, fraud, malware and phishing. Sender forgeries can be damaging to your small business as they can cause customers or clients to lose trust in the security of your operations; after all, you do not want your brand to be associated with an aggressive computer virus. SPF is designed to ensure that every single email your customers receive from you is completely authentic and safe.
2. DomainKeys Identified Mail
DomainKeys Identified Mail (DKIM) is designed to verify the identity of the person sending an email. It does this by using public-key cryptography to validate the domain name. Public-key cryptography basically ensures secure communication – the domain owner is the only one that can access messages within their mail server (using the private key), while anyone can send messages to it (using the public key). DKIM ensures that the private key and public key match up, so that the mail server is secure and all emails sent from it are legitimate.
3. Domain-Based Message Authentication, Reporting and Conformance
This standard helps email senders and receivers cooperate to enhance the security of email communications. It lets the sender highlight the email’s compliance with SPF or DKIM, while providing the receiver with a policy to follow if the email ends up being rejected or going into their spam folder – i.e. not passing the server’s SPF or DKIM authentication process.
So, there you have it: three email standards that can help small businesses enhance their email security. For help implementing any of these standards, contact us at Dragon IS today.