Government

dmarcian: people helping people with DMARC

DMARC for Government Agencies

How are you protecting public resources from email fraud?

More and more, cyber criminals are employing social engineering to impersonate a government vendor or a government official to redirect payments, gain network credentials, and steal personally identifiable information.

That’s one reason Congress ratified a DMARC mandate in the 2021 National Defense Authorization Act. The mandate requires that all United States-based email providers implement DMARC at scale. In 2017, dmarcian’s experts assisted the Department of Homeland Security in developing Binding Operational Directive 18-01 – Enhance Email and Web Security, which requires federal agencies to adopt DMARC.

California recognized the importance of DMARC to shield the state from email threats and passed SIMM 5315-A – Email Threat Protection Standard. This regulation directs state entities to use the DMARC authentication and policy enforcement protocol to implement appropriate levels of email domain protection.

Implementing DMARC was one of the best things we did for our email security. dmarcian really made the process of setting it up and monitoring it easy. I like that dmarcian provides us with all the tools, such as policy planner, forensic viewer, creating alerts, etc. Since the initial setup and where we are now, I feel dmarcian makes it easy to maintain and provides detailed visibility into where, how and why emails are working or not.

Frank Taormina, Assistant Director of Information Systems. Rockport, MA Government & Educational Services

The parliamentary network is one of the most highly targeted IT systems in the nation. DMARC is critical to preventing cybercriminals impersonating our official site to send phishing emails to constituents and clients and protects the aph.gov.au domain from being used for email spoofing, phishing attacks and cyber crimes. Email is the single most vulnerable pathway to compromise IT systems, and a compromise to the parliament network has significant ramifications for the Commonwealth.

Slade Brockman, Australian Senate President

Get your domains into compliance.

Get started with our free 14-day trial!Contact us

Overview
With a new federal (U.S.) DMARC directive in place, a national laboratory worked with dmarcian under a tight timeline to establish a DMARC record and compliance policy.

Situation
“We knew we had to use a vendor,” says the DMARC project manager. “We conducted vendor comparisons, and pricing and support were major factors. Within three to four months, we had to reach DMARC compliance.”

Challenge
The agency began exploring the scope of the DMARC project and had difficulty assessing and translating the XML data in order to drive decisions. “There were no good reporting structures to follow to discover security issues,” says the DMARC project manager. “Without dmarcian’s dashboard to clarify the data, we couldn’t have fully reached compliance in the short timeframe.”

Result
The agency was under a DHS Binding Operational Directive to deploy DMARC quickly, and they were able to reach full compliance with multiple domains. “The key takeaway from this project was getting your advice in terms of our approach,” says the DMARC project manager. “Without dmarcian’s assistance and support, we would have had difficulty navigating the DMARC deployment process.”

With proven experience as trusted partners in the government sector, dmarcian is here to help state, local, tribal, territorial and international governments deploy DMARC authentication to fight business email compromise, phishing and spoofing with our DMARC Management Platform, educational resources, and expert support.