DMARC Compass™ is a comprehensive tool that provides clear visibility into your e-mail delivery environment. Email is a mission critical channel for most companies, but it has also become a major source of distrust. Most major attacks still use email as a launching pad, and users are taught to be wary of incoming messages. This lack of trust effects your ability to effectively communicate, market and sell via email! DMARC (Domain Message Authentication Reporting and Conformance) stands to change all that by providing visibility into email flows, telling email receivers to delete spoofed messages, and ensuring that only legitimate emails are delivered to inboxes from protected domains. In this presentation, we will cover: - The importance of building trust in your email communications - How to shine a light on all your email servers using the DMARC rails - The best way to consolidate, visualize and make sense of DMARC reporting data Watch the replay here: http://www.easysol.net/resources-who-is-using-your-domain

1. Who is using your domain for phishing & spam?
DMARC Compass™
Dan Ingevaldson
CTO

2. Email is a mission-critical communication channel for most
companies.
Over 205billion emails are sent and received every day (112.5
billion business emails).¹

3. Email has also become an untrusted channel.
Thanks to spam and phishing scams, users are
taught to be wary of incoming messages.
59.2%
2015 Proportion of Spam in Email²
Spam
97% of people globally are unable
to correctly identify phishing
emails³

4. This lack of trust impacts a company’s ability to
effectively communicate, market, and sell to
customers via email.
In 2014, email ROI reached 2,500%.⁴

5. (Domain MessageAuthentication, Reporting and Conformance)
DMARC
…stands to change all that.

6. DMARC
• Provides visibility into email flows
• Tells receiving servers to delete spoofed messages immediately
upon receipt
• Ensures only legitimate emails are delivered to inboxes

7. Getting started with DMARC
is easy. Any email sender and
receiver can use the DMARC
rails provided by the global
community.

8. Free use of the rails provides access to the critical, raw
reporting data that helps you see who is sending email
and who is spoofing your brand.

9. Can be deployed in Monitor,Quarantine or Reject mode.
DMARC

10. Monitor
A domain owner can begin using DMARC in "monitor mode" to
collect data from participating receivers.

11. Quarantine
As the data shows that their legitimate traffic is passing authentication
checks, they can change their policy to request that failing messages
be quarantined.

12. Reject
As they grow confident that no
legitimate messages are being
incorrectly quarantined, they can
move to a "reject" policy.

13. It is impossible for spoofed email to be delivered
to DMARC-protected email servers.

14. “DMARC protects more than 85% of the people who
receive and send e-mail from Facebook”
Michael Adkins, Facebook
“Implementing DMARC stopped nearly 25 million
attempted attacks on our customers during the 2013
holiday season alone” Trent Adams, PayPay / Ebay, Chair of DMARC.org
Does it work?

15. The DMARC Standard
DMARC is an IETF Draft Specification that allows email receivers to determine if
an email is authentic and what to do if it is not

16. DMARC Compass™ a comprehensive tool that provides clear
visibility into your e-mail delivery environment

17. What is needed forCompleteVisibility?
Putting DMARC into Context
% of Incidents from DMARC?
<20%
Hacked
Sites
Social Media
Fraudulent
Domains
DMARC
Malware/MobileApps
Non-spoofed Phish
Active Monitoring
DMARC on its own is not a complete fraud strategy – but anything that provides some visibility is a win.
Make sure that you have other layers in place to protect against these other threats.

18. ProactiveThreat Detection andTakedown
18
DMARC Compass™
Detect Monitoring Service™
Threat Reduction
Attack Deactivation

19. Why from Easy Solutions?
19
* 2014, Top 40 US Bank

20. Differentiators Initiate server takedowns backed
by 24/7/365 Security Operations
Center
Full Restful API to leverage
Compass data elsewhere in your
stack
Customized reporting for
analytics
Shares intelligence with the rest
of our products

21. Determine your server policies through Compass Explorer
Deploy DNSTXT record
Monitor results in Compass portal
Authorize, deauthorize servers as they are identified
Migrate DNS policies for stricter e-mail handling
Deployment

22. Learn more: DMARC Compass
Contact us: info@easysol.net

23. Sources:
1. http://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive-
Summary.pdf
2. https://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of-
2015/
3. http://www.information-age.com/technology/security/123459514/think-you-can-spot-scam-97-people-
wouldnt-know-phishing-email-if-it-hooked-them
4. http://www.cmo.com/articles/2015/1/6/15_stats_marketing_ROI.html