Get free DMARC visibility with Valimail Authenticate and Microsoft Office 365
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.
Phishing and email spoofing not only erode brand trust but also leave recipients vulnerable to financial loss and serious invasions of privacy. These tactics have been around for years, but their breadth and sophistication today pose a formidable threat. According to the FBI, fraudulent emails sent under the guise of their own domains cost companies over $13 billion between 2016 and 2020.1
Microsoft has industry-leading solutions for protecting customers from such attacks. Recently, Microsoft was named a leader in the 2021 Enterprise Email Security Wave2, with Microsoft Defender for Office 365 receiving the highest possible scores in categories like incident response, threat intelligence, endpoint detection and response (EDR) integration, product strategy, and customer success. This acknowledgment is the latest testament to Microsoft’s continued innovation as a best-of-breed solution for email and collaboration security.
Valimail joined the Microsoft Intelligence Security Association3 (MISA) to transform Domain-based Message Authentication, Reporting, and Conformance (DMARC), one of the most reliable—yet often incredibly complex—ways to successfully strengthen email security. Valimail Authenticate, the first true DMARC-as-a-service offering, gives Microsoft Office 365 users free visibility into every service sending emails under their domains, plus additional tools to achieve DMARC enforcement faster than with any other solution.
Instead of struggling to set up DMARC or hiring expensive consultants to reach enforcement, Microsoft customers can use Valimail Authenticate to automate the process of DMARC enforcement using simple, guided workflows.
The combined power and deep integration of these two technologies is in the results: Microsoft users, such as the MLB, Uber, Citgo, Nestle, and the Department of Transportation currently reduce email fraud, increase deliverability across every domain, and protect their brands’ reputations.
DMARC-as-a-service: A new approach to email security
For those who have only heard of DMARC in passing or not at all, it might sound like just another enterprise email acronym. However, DMARC enforcement has already proven to be a valuable protector of enterprise email. According to Gartner®, DMARC is one of the top 1o security projects4, based on Gartner forecasts and adjusted for the impact of COVID-19. The problem with most approaches to DMARC, however, has been in the tenuous implementation.
Here is some quick context on what DMARC is, and how many cycles IT has had to spend working with it in the past. At its most simple definition, DMARC is a way to tell other email servers that messages coming from your domains are legitimate. Typically, IT would insert a line of code in a text record under DNS settings for each domain, which triggers recipient servers to send a report of every IP address claiming to be valid senders from your organization.
v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email
Someone would then need to read through sender lists in XML, confirm that each IP address is connected to an approved service, set up DomainKeys Identified Mail (DKIM) and Send Policy Framework (SPF) individually for each, and check back regularly to see if new suspicious senders have appeared.
This process can be tedious. That’s why many companies are genuinely concerned about email fraud and deliverability never finish the DMARC projects they start. Last year alone 53,000 companies added a DMARC record, with only 10 percent successfully getting themselves to enforcement. Valimail Authenticate removes the significant manual upkeep from email security workflows, making the whole process seamless for Microsoft Office 365 users. Microsoft Office 365 users can get free visibility into their environment and turn on Valimail Authenticate with a single click.
How Microsoft Office 365 and Valimail Authenticate work together
Microsoft launched Office 365 to drive an industry-wide shift toward cloud-based services and API-driven integrations. As cloud became the norm for even the most security-conscious enterprises, companies authorized more and more vendors to send an email on their behalfs—such as Salesforce, Marketo, Splunk, Workday, DocuSign, Twilio SendGrid, and more.
Valimail built Authenticate to address this new, cloud-connected landscape. By automating the identification of email senders and the subsequent policy-setting needed to keep domains protected, Valimail Authenticate offers users a modern, efficient path to DMARC enforcement. Native integration to Microsoft Office 365 ensures Microsoft customers don’t have to worry about configurations, manually identifying senders, or pulling in extra resources to get DMARC done right.
Here’s how Microsoft Office 365 customers can get started with Authenticate and reach DMARC enforcement in just a few minutes:
Figure 1. Microsoft users can get started with one click. Authenticate configures DNS settings for DKIM and SPF automatically behind the scenes.
You’ll then run through a few steps that help Authenticate enforce your DMARC policy. First, Authenticate will automatically match all your known email senders with its existing catalog—you won’t see IP addresses, you’ll see the names of services you know.
Figure 2. Get free visibility into the services sending email under your domain.
For unrecognizable or possibly fraudulent services, quickly mark them to be blocked or quarantined. You’ll be notified if any new ones are found later, so you’ll never wonder if you’ve caught everything.
Figure 3. Guided task lists make Authenticate easy for anyone to use; work through each task to authenticate domain services in a simple, intuitive workflow.
Authenticate will ensure your SPF and DKIM records stay up to date. If you ever need to check the logs or do a technical deep-dive, you can access detailed information on your DMARC settings whenever you wish.
Figure 4. Authenticate shows you what’s happening for every domain and service at every stage of the process.
Together, Microsoft’s unparalleled protection through Microsoft 365, coupled with Valimail Authenticate, makes protecting your domain globally as easy as 1, 2, 3. It starts with Microsoft 365 users getting free visibility into DMARC enforcement, plus a free trial of all the features of Valimail Authenticate. Get started today.
About Valimail
Valimail is the global leader in Zero Trust email security. The company’s full line of cloud-native solutions authenticate sender identity to stop phishing, protect brands, and ensure compliance; they are used by organizations ranging from neighborhood shops to some of the world’s largest organizations, including Uber, Splunk, Yelp, Fannie Mae, Mercedes Benz USA, and the US Federal Aviation Administration. Valimail is the fastest-growing DMARC solution with the largest global market share and is the premier DMARC partner for Microsoft 365 environments. For more information visit their website.
Learn more
To learn more about the Microsoft Intelligent Security Association (MISA), visit our website where you can learn about the MISA program, product integrations, and find MISA members. Visit the video playlist to learn about the strength of member integrations with Microsoft products.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
1Internet Crime Report, Internet Crime Complaint Center (IC3), Federal Bureau of Investigation, 2020.
2Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave, Rob Lefferts, Microsoft 365 Security, 6 May 2021.
3Valimail Joins Microsoft Intelligent Security Association, Cision, PR Newswire, 25 September 2018.
4Smarter with Gartner, Gartner Top 10 Security Projects for 2020-2021, Kasey Panetta, September 15, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
READ MORE HERE