" DMARC Archives - Page 2 of 2 - LuxSci

Posts Tagged ‘DMARC’

SPF and DKIM: The State of Domain-based Email Authentication – Part 1

Friday, September 1st, 2017

Recent reports on cyber-security threats in the healthcare sector by Verizon, Symantec and Ponemon consistently make several observations:

  • Email-borne malware is on the rise, with such malware delivered via spam or phishing;
  • Small-to-medium sized businesses (from all sectors) have the highest rate of email-delivered malware;
  • Most breaches are caused by negligent employees or contractors.

These conclusions are hardly surprising as email is now an increasingly common part of communications with protected health information (PHI) frequently exchanged amongst employees and patients within a practice, between medical providers, and medical providers and their business associates. The concern for the healthcare industry is the potential violation of the HIPAA privacy rule caused by email-related (and other) breaches, leading to disruptions from loss of data, compliance audits and possibly hefty fines.

No Phishing

We wrote about obvious measures medical providers can take to avoid HIPAA non-compliance in email exchanges such as opt-out email security. That addresses only one aspect of the threat landscape, though – the protection of PHI in email exchanges. Another aspect is more sinister, as it deals with external, malignant actors. These actors use various spoofing techniques to trick patients or employees of a medical practice to react incautiously, often impulsively, to emails supposedly coming from valid sources. These often lead to identity theft, where the damage is more far-reaching as the information given up is more long-lived and more widely used and cannot just be erased like revoking a misused credit card.

Read the rest of this post »

Email Identity Protection and LuxSci Email Hosting

Monday, March 9th, 2015

We have just completed a long series of articles discussing how attackers forge email messages and what technologies and techniques can be used to counter these attacks.  See: Email Identity and Forged Email.

In this post, we will discuss some best practices when using LuxSci to maximize your protection against forged email messages.

Read the rest of this post »

Stopping Forged Email 3: DMARC to the Rescue

Monday, March 2nd, 2015

DMARCIn our previous two posts in this series, we examined how SPF and DKIM can help limit forged email messages by looking at the IP address and validating if the message was sent by an approved server based on digitally signed messages. We found that while SPF and DKIM can work, they have significant limitations that cause them to be insufficient to stop forgeries in many cases.

However, SPF and DKIM address the forgery problem in different but often complementary ways. For this reason, many organizations use both technologies.

Suppose you are using both technologies and can control where your domain’s messages are coming from. In that case, you can step up your game using DMARC, Domain-based Message Authentication, Reporting, and Conformance.

Read the rest of this post »