Never use a condom with a hole — makes sense?
Or to speak in cloud terms: You need to protect your company’s email as much as you would protect your love life.
Together with a good friend and fellow entrepreneur of mine, Philip Siefer from Einhorn Condoms, I’ve tried to explain this boring topic in a more fun way (Cloud Condoms — check it out below). I hope it not only makes you smile, but also saves you a lot of money.
Emails are like an ID or driver's license on the web. We do most of our communication with clients by email, we can reset passwords with it, and we can even ask our bank to transfer money. We trust email because it has been around for so long. It must be a good thing.
And this is why email is used for a lot of fraud. The 4 typical ones are: SPAM, Malware, Fraudsters, Phishing. To paint a picture: an email that looks like it comes from you is sent to a client of yours, asking them to change the bank account number. Or people who make their emails look like yours ask for internal passwords. Think this never happens to you? Trust me, it happens every day, and we’ve seen these cases cause harm of up to 50k EUR.
Or put it the other way around: Just think what would happen if your account is used to harm a client of yours? Do you really want your company to be associated with this? Not really.
How to fix it?
There are three initiatives that help you fix the ‘hole in the condom’ and protect your company email: SPF, DKIM and DMARC.
SPF — Sender Policy Framework
Think of it like an address book with all the good guys in it. Anyone who sends a good package needs to be in this address book, and it would attract attention right away if anyone unauthorized tried to send illegitimate packages from your address.
DKIM — DomainKeys Identified Mail
Think of it like: You can see that your package has not been modified during the transport from them to you.
DMARC — Domain-based Message Authentication, Reporting & Conformance
Think of it like a post office, which records every package and decides what to do with those that come from unauthorized addresses or were modified during transport.
This can be used in combination with standard security settings like two-factor authentication, which any modern cloud tool and even social media accounts offer.
Not using one of these methods is like using a condom with a hole as we described in the movie. Not smart.
So fix it. I have asked Blackboat Cloud Advisor Michael to explain all of those features in plain English and for non-admins. If you have no clue what these settings look like and what I’m talking about, I recommend watching the whole video, because it might provide a good overview if you are thinking about implementing those features and keeping your emails safe.
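To show what these three settings look like in practice, here is an added example (not part of the original post or the video) that checks the DNS TXT records a domain publishes for SPF, DKIM and DMARC and lists the gaps. The function names are hypothetical, the records are passed in as strings instead of being looked up, and all sample values are constructed.

```python
# Added example; every record value and example.com name is a constructed sample.

def parse_tags(record):
    """Split a 'tag=value; tag=value' record (DKIM, DMARC) into a dict."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit_spf(txt_records):
    """txt_records: all TXT strings published at the domain itself."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return [f"SPF: expected exactly one record, found {len(spf)}"]
    terms = spf[0].lower().split()[1:]
    final = [t for t in terms if t.lstrip("+-~?") == "all"]
    # A redirect= modifier means the policy lives in another domain's record.
    if not final and not any(t.startswith("redirect=") for t in terms):
        return ["SPF: no 'all' term, unlisted senders get a neutral result"]
    if final and final[0] != "-all":
        return [f"SPF: '{final[0]}' does not hard-fail unlisted senders"]
    return []

def audit_dkim(selector_record):
    """selector_record: TXT at <selector>._domainkey.<domain>, or None."""
    if not selector_record:
        return ["DKIM: no public key record at the selector"]
    if not parse_tags(selector_record).get("p"):
        return ["DKIM: empty p= tag, the key is revoked"]
    return []

def audit_dmarc(dmarc_record):
    """dmarc_record: TXT at _dmarc.<domain>, or None."""
    if not dmarc_record or not dmarc_record.lower().startswith("v=dmarc1"):
        return ["DMARC: no record published"]
    tags = parse_tags(dmarc_record)
    findings = []
    if tags.get("p", "").lower() not in ("quarantine", "reject"):
        findings.append("DMARC: p= is not quarantine/reject, monitoring only")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, aggregate reports go nowhere")
    return findings

def audit(txt, dkim, dmarc):
    return audit_spf(txt) + audit_dkim(dkim) + audit_dmarc(dmarc)

WEAK = audit(["v=spf1 include:_spf.example.com ~all"], None, "v=DMARC1; p=none")
STRONG = audit(["v=spf1 include:_spf.example.com -all"],
               "v=DKIM1; k=rsa; p=CONSTRUCTED_PLACEHOLDER_KEY",
               "v=DMARC1; p=reject; rua=mailto:dmarc@example.com")
print("\n".join(WEAK))
```

The weak sample produces four findings, one for SPF, one for DKIM and two for DMARC, while the strict sample produces none.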