3.11 Baseline for Security – Email Security

Needed capacities or functions - Email Security

  1. Implement email security filtering tools that provide protection against emails containing malware, malicious links and attachments, phishing, etc. 

Important Considerations and Best Practices 

Built-in email security/filtering tools in platforms such as Microsoft 365 or Google Workspace may not provide enough protection on their own, and their more advanced or enhanced protection features may require additional licensing. For any email security/filtering system, IT should periodically assess whether it is working effectively (for example, by reviewing what is being quarantined and what phishing still reaches user inboxes). Programs may need to consider third-party tools such as Mimecast, Proofpoint, etc. 

Additionally, organizations should consider the use of Domain-based Message Authentication, Reporting & Conformance ("DMARC"), Data Loss Prevention ("DLP") policies, DomainKeys Identified Mail ("DKIM"), and Sender Policy Framework ("SPF") to strengthen the security of their email systems, allow recipients to verify that messages claiming to come from the organization are legitimate, and prevent fraud. See below for more details: 

  • Domain-based Message Authentication, Reporting & Conformance ("DMARC") is an email authentication, policy, and reporting protocol that builds on SPF and DKIM. A domain owner publishes a DNS record stating what receivers should do with messages that fail authentication (p=none, p=quarantine, or p=reject) and where to send reports about such messages. Only an enforcing policy (quarantine or reject) actually stops fraudulent email; p=none is useful for monitoring before enforcement. DMARC minimizes the risk of phishing and spoofing that abuse the organization's domain.  

  • Data Loss Prevention ("DLP") policies detect and protect files and messages containing sensitive data (e.g., Social Security Numbers). Without them, end users can share such information with anyone, including through anonymous sharing links. An organization can start with DLP policies in audit (test) mode, which only logs matches and notifies the administrator(s) via alerts without blocking anything; once the rules are tuned to avoid false positives, the policies can be switched to enforcement mode so that sensitive files are prevented from being accidentally shared outside the organization.  

  • DomainKeys Identified Mail ("DKIM") is an email authentication standard in which the sending server adds a cryptographic signature over selected headers and the message body; the receiving server verifies the signature against a public key published in the sending domain's DNS. A valid signature shows that the message was authorized by that domain and was not altered in transit between the sending and recipient servers. Organizations may want to implement DKIM to improve both email deliverability and security; DMARC also depends on it.  

  • Sender Policy Framework ("SPF") is an email authentication method in which a domain publishes, in a DNS TXT record, the servers authorized to send mail on its behalf, so that receivers can detect forged sender addresses during delivery. IT administrators should consider setting their organization's SPF record to a hard fail ("-all" rather than the soft-fail "~all") to ensure that only authorized servers can send email for the domain. Note that SPF checks the envelope sender (MAIL FROM) address, not the From address the user sees in the mail client, which is why SPF should be paired with DMARC, which checks that the two are aligned.
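
The following script is an added example, not part of this baseline document, illustrating how the SPF and DMARC records described above are evaluated by a receiving server. It uses a constructed in-memory DNS zone for hypothetical domains (example.org, weak.example, attacker.example, _spf.mailprovider.example) and documentation-range IP addresses, so it runs offline; DKIM signature verification is out of scope, so the dkim_pass_domains field stands in for signatures an upstream verifier already validated. It goes slightly beyond the text by showing the case the text only hints at: an attacker whose own domain passes SPF but whose visible From header claims the organization's domain, which only DMARC alignment catches, and a domain with "~all" and p=none where nothing is enforced.

```python
"""Toy SPF / DMARC evaluator (added example, not from the baseline document).

All DNS data is a constructed in-memory zone for hypothetical domains, so the
script runs offline. DKIM signature verification is not implemented; the
'dkim_pass_domains' field stands in for the d= domains of signatures that an
upstream verifier already validated.
"""
import ipaddress

# Constructed TXT records (hypothetical). example.org publishes "-all" (hard
# fail) and p=reject; weak.example publishes "~all" (soft fail) and p=none.
DNS_TXT = {
    "example.org": "v=spf1 ip4:203.0.113.0/24 include:_spf.mailprovider.example -all",
    "_spf.mailprovider.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 -all",
    "_dmarc.example.org": "v=DMARC1; p=reject; rua=mailto:dmarc@example.org",
    "attacker.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "weak.example": "v=spf1 ip4:203.0.113.0/24 ~all",
    "_dmarc.weak.example": "v=DMARC1; p=none; rua=mailto:dmarc@weak.example",
}

QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def evaluate_spf(domain, sender_ip, depth=0):
    """Evaluate sender_ip against domain's SPF record (ip4/ip6/include/all only)."""
    if depth > 10:           # RFC 7208 caps DNS-querying terms at 10
        return "permerror"
    record = DNS_TXT.get(domain.lower())
    if not record or not record.startswith("v=spf1"):
        return "none"        # no SPF record published for this domain
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIER_RESULT:
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        if mech == "all":
            return QUALIFIER_RESULT[qualifier]
        if mech in ("ip4", "ip6"):
            # ip_network containment is False across address families
            if ip in ipaddress.ip_network(arg, strict=False):
                return QUALIFIER_RESULT[qualifier]
        elif mech == "include":
            if evaluate_spf(arg, sender_ip, depth + 1) == "pass":
                return QUALIFIER_RESULT[qualifier]
        # a, mx, exists and ptr are not implemented in this toy and never match
    return "neutral"         # record ended without an "all" term


def dmarc_policy(from_domain):
    """Return the p= tag of the domain's DMARC record, or None if none is published."""
    record = DNS_TXT.get(f"_dmarc.{from_domain.lower()}")
    if not record or not record.startswith("v=DMARC1"):
        return None
    tags = dict(kv.strip().split("=", 1) for kv in record.split(";") if "=" in kv)
    return tags.get("p", "none")


def aligned(auth_domain, from_domain, strict=False):
    """DMARC identifier alignment. Relaxed mode is simplified here: a subdomain
    relationship in either direction counts, with no Public Suffix List lookup."""
    a, f = auth_domain.lower(), from_domain.lower()
    if a == f:
        return True
    if strict:
        return False
    return a.endswith("." + f) or f.endswith("." + a)


def evaluate_dmarc(msg):
    """Combine SPF and DKIM results with alignment to the header From domain."""
    from_domain = msg["from_domain"]
    policy = dmarc_policy(from_domain)
    spf = evaluate_spf(msg["mail_from_domain"], msg["sender_ip"])
    spf_aligned = spf == "pass" and aligned(msg["mail_from_domain"], from_domain)
    dkim_aligned = any(aligned(d, from_domain) for d in msg.get("dkim_pass_domains", []))
    dmarc_pass = spf_aligned or dkim_aligned
    # A disposition is applied only when a policy is published and DMARC failed
    action = "none" if policy is None or dmarc_pass else policy
    return {"spf": spf, "spf_aligned": spf_aligned, "dkim_aligned": dkim_aligned,
            "dmarc": "pass" if dmarc_pass else "fail", "policy": policy, "action": action}


# Constructed messages (hypothetical, documentation-range IPs).
LEGIT = {"from_domain": "example.org", "mail_from_domain": "example.org",
         "sender_ip": "203.0.113.5", "dkim_pass_domains": ["example.org"]}
# Envelope sender is the attacker's own domain, whose SPF passes for the
# sending IP, but the visible From: header claims example.org.
SPOOF_ALIGNMENT = {"from_domain": "example.org", "mail_from_domain": "attacker.example",
                   "sender_ip": "192.0.2.77", "dkim_pass_domains": []}
# Direct spoof of a domain with "~all" and p=none: nothing is enforced.
SPOOF_WEAK = {"from_domain": "weak.example", "mail_from_domain": "weak.example",
              "sender_ip": "192.0.2.77", "dkim_pass_domains": []}

if __name__ == "__main__":
    for name, msg in (("legit", LEGIT), ("spoof-aligned", SPOOF_ALIGNMENT), ("spoof-weak", SPOOF_WEAK)):
        print(name, evaluate_dmarc(msg))
```

Running the script shows the legitimate message passing, the attacker's message failing DMARC (action "reject") even though its SPF result is "pass", and the spoof of weak.example getting only a "softfail" and an action of "none", which is why the baseline recommends "-all" and an enforcing DMARC policy.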