While some identity management protocols such as multi-factor authentication have made modern advancements, email authentication has been stuck in the 90’s but remains to be one of the most common forms of communication for business and personal use. This makes it an easy target for cyber criminals to conduct phishing attacks.
DMARC in turn is an email authentication, policy and reporting protocol which identifies spoofed phishing emails from cyber criminals by validating the sender’s identity. It allows senders to show that their messages are protected, and tells the recipient what to do if an authentication method fails. Started in 2012, it is now used by major organizations and websites including Gmail, Facebook, and Microsoft.
"Over 4.8 billion inboxes worldwide are currently protected by DMARC policies"
- Global Cyber Alliance
DMARC provides the following additional benefits
- Brand protection, by preventing spammers and phishers from using valid organization names
- Increasing deliverability of valid messages
- Visibility, with reports that provide information on unauthorized systems which send emails using the organization’s domain
DMARC is like an identity check for your organization’s domain.
