A project-based approach
Each project maintains the necessary education, training and policy enactments to ensure you can be self-sufficient in managing your domain catalog and email footprint when the project comes to conclusion.
Deployment projects commence with education and training modules to ensure you understand the entirety of the program scope and can take action with the appropriate context. Sessions take the form of weekly meetings championed by the Deployment Manager and include a screen-share meeting room, option to record, and leave-behind assets.
dmarcian’s project-based approach begins by collecting a list of all domains (both active and parked) to build a complete domain catalog. The full benefit of DMARC deployment can only be achieved if deployed across all domains for an organization. This protects the parked (inactive) domains from abuse, and makes managing future domains and vendors much easier.
Once all domains are collected, DMARC records are published with a policy set to p=none. This “monitoring mode” collects data for each domain so that Sources of legitimate email can be identified. A “Source” is any infrastructure that is capable of sending emails on behalf of a domain (this can include third-party services like newsletters, hosted infrastructure like MicroSoft O365 or G Suite, or your own infrastructures).
Sources come in different shapes, sizes, and levels of DMARC preparedness. By leveraging our relationships with senders, email service providers, and an organization’s vendor management staff, dmarcian has the ability to identify, onboard, manage, and integrate with as many Sources as possible to perform an impact analysis and create an accurate implementation plan.
The goal of deploying DMARC is to control the use of an organization’s email domains; beyond that, dmarcian’s deployment work also creates new business processes by creating checklists and escalation paths to manage vendors. Our vendor management process can identify DMARC maintenance issues whenever vendors are onboarded, services are terminated, or if a change in a vendor relationship causes a shift in how the vendor sends email on behalf of the organization (e.g. a vendor may have improved their ability to support DMARC).
To execute this deployment and management work, dmarcian requires minimal support from the organization. We will need access to the vendor management process to identify contacts and coordinate changes; in addition, we will need the organization to review and approve DNS changes.
Once support for DMARC is successfully folded into your existing processes, ongoing management and monitoring of your domain catalog and DMARC compliance will become a much more assured concept.