“Just when you thought it was safe to go back in the water...”
― Peter Benchley, Jaws
It is a scary world out there. We know that upwards of 70% of network breaches start with phishing attacks coming from emails.
I can assure you that right now fraudulent emails are traveling around the world using your domain name. No one is immune.
Over and over I am contacted by districts about phishing emails that "got through" or emails purporting to be from the district being received by people inside the district trying to compromise your networks.
This is a whole lot like trying to hold back the ocean, but we have to do all that we can do and the definition of "all" is a moving target. Cybersecurity insurance companies are getting more and more stringent about acceptable risk in their renewals. You need to be able to demonstrate that you are doing everything that you can reasonably do in protecting your district.
One area that can be complicated to fully understand is making sure your SPF and DKIM and DMARC external DNS records are properly configured.
We have talked about this over the last few years in various ways. However, the industry's best practices guidelines have evolved. Also, some recommendations were flat out wrong as industry experts have contradicted themselves in understanding the requirements for SPF.
We are going to revisit those topics with some fresh information such as:
- Setting DMARC from report to quarantine
- The SPF rule of 10 and how to properly work around it.
- The emerging BIMI standard
- Alignment
- Spam filters and how they interact with your in-district phishing education
- Email Encryption
- The murky world of sender reputation
To watch this recording click here.
-Scott Quimby |
|
You must be logged in to post a comment.