Red Sift and the BIMI pilot program

Google has announced its pilot for a new standard they’ve been working on: BIMI (Brand Indicators for Message Identification). This brand new standard will help to boost the adoption of authentication, allowing domain owners to send their logos securely, along with email messages.

Here at Red Sift, we’re continuing to explore ways to support the certification process of BIMI when it launches early next year. You may, or may not, know that BIMI actually starts with DMARC. If you’re wanting to take advantage of the BIMI standard, you must first have your domain in a policy of p=quarantine or p=reject. To find out where you’re at on your journey, use our free Investigate tool to check your DMARC status.

In order to get you up and running as seamlessly as possible, we’re joining forces with our technology partners for BIMI, Entrust Datacard. In order to be ready for BIMI, you need to first obtain a Verified Mark Certificate (VMC) from a Certification Authority like Entrust Datacard. Entrust Datacard will then validate ownership of the logo with the relevant trademark office and will then issue you a VMC. The issue of VMCs is limited during the pilot so don’t hesitate to get in touch with Entrust Datacard.

All of us at Red Sift are very excited about the BIMI pilot program and the positive impact it’ll have on the email experience post-delivery.

PUBLISHED BY

Red Sift

23 Jul. 2020

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
Cybersecurity

Attackers are abusing Microsoft 365: Here’s how to stay protected

Jack Lilley

Executive summary: Varonis has surfaced an active phishing campaign that spoofs internal users by abusing Microsoft 365’s Direct Send feature. Because Direct Send doesn’t require authentication and is treated as “internal,” these messages often bypass the checks you rely on for outside mail. Microsoft now offers an opt-in switch, RejectDirectSend, to block the pathway,…

Read more
BEC

SVGs with JavaScript are bypassing traditional email security: Learn how to stay…

Jack Lilley

Executive summary: Hackers are hiding JavaScript inside SVG attachments that pass as harmless images, and slipping past Secure Email Gateways (SEGs). To stay secure, organizations need to enforce a DMARC policy of p=reject, easily implemented with Red Sift OnDMARC, to stop compromised SVGs before they reach the end user. Key takeaways: Scalable Vector Graphics…

Read more
DMARC

More than 50% of US banks remain vulnerable to phishing attacks

Stuart Rogers

Executive summary: Over half of major U.S. banks remain exposed to phishing attacks because of weak or absent DMARC enforcement, despite rising cybercrime losses and increasingly sophisticated email threats. Operational challenges, regulatory gaps, and underestimation of risk hinder stronger protections, putting customer trust and financial stability in jeopardy. Key takeaways Email remains the primary…

Read more
Product Release

Stream Red Sift telemetry to Sentinel, Splunk, and more with Event Hub

Francesca Rünger-Field

Event Hub is a new capability that streams real-time, structured security events from Red Sift products into the platforms security teams already use: SIEMs, SOARs, XDRs, ticketing tools, messaging platforms, and cloud storage. It enables faster, more consistent response by pushing telemetry directly into the workflows where detection, triage, and remediation already happen. Whether…

Read more