• ProgIST CyberSec Division

Gmail integrates BIMI – DMARC being the key for Brand Authentication


Image Source: Google



GOOGLE ANNOUNCES MAJOR SECURITY ENHANCEMENTS

GMAIL TO GET SAFER


In a recent announcement, Google has come up with a bundle of security enhancements for G Suite services, and one of the biggest announcements is about Gmail. Last year, Google announced its alliance with the Brand Indicators for Message Identification (BIMI) group, which enforces an email feature that adds brand logos to authenticated emails.


Google confirmed that their BIMI pilot will enable organizations, who authenticate their emails using DMARC, to validate ownership of their corporate logos and securely transmit them to Google. Emails are authenticated using the existing DMARC system. Once these authenticated emails pass all of the anti-abuse checks, Gmail will start displaying the logo in existing avatar slots in the Gmail UI.


Google said it will kick off a pilot of the technology within Gmail in the coming weeks with a limited number of senders, and with two Certification Authorities to validate logo ownership: Entrust Datacard and DigiCert. Which means we can expect to see those kinds of indicators popping up in the existing avatar box. To prepare for the post-pilot launch of BIMI and to generally help secure the ecosystem, Google encourages organizations to start adopting DMARC.


BIMI facilitates advantages to the entire email ecosystem. By requiring strong authentication, both users and email security systems can improve trust in the source of emails, and senders will be able to boost their brand trust and provide an enhanced immersive experience to their customers.


BIMI is a great opportunity for organizations that want to create a trusted brand presence over email encouraging them to implement strong authentication leading to a more trusted, safer email ecosystem for mail users.


How does DMARC help?


To explain in short, DMARC – developed in 2012, is a protocol that uses both SPF and DKIM authentication to secure email, and additionally has a mechanism that sends the domain owner a report whenever an email fails DMARC validation. This means the domain owner is notified whenever an email sent by an unauthorized third party.


Click here to read our article to learn more about the DMARC deployment roadmap.


Every new invention brings its new challenges. Every new challenge pushes us to find a new way to overcome it. DMARC has been around for some years now, still phishing has existed for much longer. As new organizations are born each day, email security is important and plays a vital role in every organization and there should be necessary actions taken to make sure there is no security breach. It becomes the responsibility of every business to protect themselves, their clients’ and employees' sensitive personal information.


At ProDMARC, we’re here to help you meet this new challenge with ease.! ProDMARC as a product built on a mission to achieve a secure and spoofing free email channels across all of internet space; makes reporting of DMARC, providing volumes and trends of the outbound mails including that of phishing campaigns and yield confirmation for reliability of the outbound mails in terms of SPF, DKIM & DMARC conformance; smooth and uncomplicated.


Summarizing, ProDMARC helps improve customer and third party trust in email communications.


Considering the economy being in slump, ProDMARC announces a limited-time offer during the ongoing pandemic — 15 days of DMARC health assessment report, completely free for all organizations who wish to gain visibility of the mail based phishing threats which are at an all-time high.


Sign up for your 15 day ProDMARC trial by writing to us on info@progist.net.

  • LinkedIn
  • Twitter
  • Facebook

© 2020 by Progist.