How to control Business email data-leak?

emailleakprotection

For most of the companies, over 70% of your business critical information reside in your emails and there are many ways by which mail data can be leaked electronically from a company like inappropriately printed info, copying to pen drive, writing the data to a DVD/ CD or any other portable storage device.

BYOD Smart phones / devices with combination of high storage capacity, high speed data access and loads of apps to leak mail data – email, messaging and social network access are the most dangerous all-time device for stealing or leaking company mail data.

And last but not the least, email data theft also happens inadvertently with loss of company laptop or mobile devices.

Particularly data theft through email is on rise as any sensitive data can be emailed instantly to desired email address and can be accessed from anywhere in the world. Individual’s identity theft via suspicious e-mail or phishing is one such similar attempt made by fraudulent.

Allowing personal email pose a risk for data theft like sending data out via Freemail is difficult to monitor. As personal email account are beyond the control and scope of corporate investigations.

So it is essential to choose a secure business email hosting which provide all granular features like advanced security, administrative privileges, spam protection to manage and control the user accounts across your company.

Few more preventive ways for protecting data include regular restrictive use of storage and portable devices, scan of data stored on internal network, access of document based on confidentiality, educating the employee regarding data theft, encrypting corporate or business data and use of commercial data loss prevention solution.

Discover how Rediffmail Enterprise premium cloud email solutions can provide high security, custom anti-spam & anti-virus controls, data leak protection via restriction of mail & attachment access & flow, Mail monitoring, backup & restoration, Password policy, 2 Factor authentication and many other features.

Is your Business email Spoof-protected?

Email Spoofing complaints are on rise & common methods adopted by scamsters is to send an email to your users from an anonymous proxy using your own domain.

How Email Spoofing is Identified?

Rediff Entperise Mailing make best efforts to track and block such attempts of spoofing through DKIM. All mails sent using Rediff SMTP are signed using DKIM technique If the mail is intended for internal (same domain) users, then DKIM signature can be verified on receipt & delivered in inbox. Mail failing to verify will be considered as SPOOF

DKIM primarily is useful in identifying spoof of same domain mails as it verifies mails sent by Rediff SMTP However there is a possibility some mails are sent using SMTP of other Service provider. For instance, Your domain is used to send some mails using third party system(SMTP) like Payroll, CRM, Email Marketing, etc. Such emails may not be signed using DKIM.

This could create a problem as Legit Mails will be identified as SPOOF, to avoid same SPF record must be added in your DNS wherein if IP address of such systems will be mentioned. We will check the IP from which the mail is sent & once verified we can be sure that the mail is not spoofed.

What is SPF?

SPF (Sender Policy Framework) is a system to help domain owners specify the IP addresses of servers which are authorized to send mail from their domain. The objective is that your recipient’s mail systems can check to make sure that the server sending email from that domain is authorized to do so. This helps in reducing the chances of email spoofing. Mail servers that accept emails do a SPF check by looking up the SPF record of the sender.

How to add SPF record?

SPF record is a Domain Name Service (DNS) TXT record that specifies which mail servers are permitted to send email on behalf of your domain. SPF is added the same way as a regular A, MX, or CNAME record.

If you do not use any third party system to send emails from your domain, then your SPF record should be as follows: “v=spf1 redirect=_spf.rediffmailpro.com”

If you use any 3rd party system to send emails from your domain, then SPF record should also include the IP or subnet of the machine sending those mails as follows:”v=spf1 ip4: include:_spf.rediffmailpro.com -all”

The IP or subnet will be shared by your other service provider & same is to be included with our SPF records as explained above. This will help to identify legit mails & not categorize them as SPOOF

Button-KnowMore

Protect your brand identity using DMARC

Cyber criminals are known to impersonate well known brands and use the brand’s trusted reputation to send emails to recipients and orchestrate an imposture.  The victims end up giving away sensitive information like credit card pins, passwords, or even end up making payments to the imposters.

Domain-based Message Authentication, Reporting & Conformance i.e. DMARC protects your organization against such email threats.

Therefore, for an organization who sends emails to its customers, DMARC ensures that legitimate email is authenticated and the sender’s identity is verified by the recipients’ email service provider. Fraudulent emails appearing to come from domains under the organization’s control is blocked. The organization can even include domains that do not send mails or even defensively registered domains in its DMARC policy.

Inbound emails that fail DMARC authentication do not reach the recipient’s Inbox, thus filtering out phishing mails. So, if you get an email from the Income Tax department with a “From” address having intimations@cpc.gov.in, did cpc.gov.in really authorize that message?

DMARC builds on two existing and widely deployed email authentication techniques, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

Two key values of DMARC are domain alignment and reporting.

Phishing emails generally abuse the visible “From” header of emails by forging it. DMARC’s alignment feature prevents spoofing of the “From” header address by:

  1. Matching the “From” header domain name with the “envelope from” domain name (also know as the “return-path” address ) used during an SPF check, and
  2. Matching the “From” header domain name with the “d= domain name” in the email’s DKIM signature.

DMARC allows responsible organizations to instruct email providers who receive emails from the domains that they own, on how to handle unauthenticated emails via a DMARC policy, removing any guesswork on how to deal with messages that fail DMARC authentication.

What sets DMARC apart from other email authentication protocols is its reporting function. With DMARC, you can see who is sending email on behalf of your domain, your brand, and prevent spammers from using it to send fraudulent email.

The reporting feature of DMARC means that DMARC enabled receivers will tell you:

  1. How many messages they’ve received using your domains in the From: address
  2. Where these messages came from
  3. Whether these messages passed DKIM and SPF checks.

For Inbox providers, it is easier to determine that messages are not bad. Such emails are more likely to get delivered to the recipient’s mail quickly and without mistakes. Thus setting up a DMARC policy and choosing a right service provider to send your emails only helps in strengthening your brand’s reputation.