ondmarc-gartner-market-guide-for-email-security

Red Sift’s OnDMARC is a Representative Vendor for its DMARC Solution in Gartner’s 2020 Market Guide for Email Security

As the adoption of cloud office systems from Microsoft and Google continues to grow, forcing security and risk management leaders to re-evaluate their email security against a modern threat landscape, Gartner has released their Market Guide for Email Security and Red Sift is included as a representative vendor for DMARC and Brand Protection for its OnDMARC solution.

What does this mean?

According to the report, a differentiating capability is “Domain-based Message Authentication, Reporting and Conformance (DMARC) on inbound email. When enforced, it protects internal users from receiving spoofed external messages from domains that have implemented DMARC in rejection mode. This also checks the alignment of the domains used in message header FROM and SMTP envelope MAIL FROM email addresses.”

Why does it matter right now?

Gartner’s Market Guide for Email Security clearly outlines a number of factors related to the market’s direction that IT, security, and risk management leaders should consider in the face of remote working and more socially engineered and targeted attacks on organizations.

“Business email compromise (BEC), the takeover or fraudulent use of a legitimate account to divert funds, continues to grow, and simple payroll diversion scams accounted for $8 million in 2019.”

GARTNER 2020 MARKET GUIDE FOR EMAIL SECURITY

How can DMARC protect against BEC?

With DMARC correctly implemented for your domain(s), you can stop spoofing attacks and shut down email impersonation. 

Gartner mentions, there are two key elements to DMARC.

The first key element is to check DMARC for inbound messages and to honor the response, especially if it is ‘reject’ or ‘quarantine’. This should be implemented as a SEG or MTA as a simple way of preventing spoofed emails from organizations that have implemented DMARC.

The second element is for organizations to implement DMARC for their own email domains. This can be a complex process, and less than 30% manage to get to the point of ‘reject’ or ‘quarantine.’

DMARC implementation essentials 

It might seem quick and easy at first to cover the basics of DMARC for a very basic price, but it may slow you down later if your provider doesn’t go beyond reporting, provide advanced automation, thoughtful design, or innovative tools to help fast track you confidently through your DMARC journey.

Gartner states, “DMARC vendors provide automated tools to overcome the limitations in SPF records as well as being able to identify which services may be sending emails from your domain, streamlining and monitoring the journey to DMARC enforcement. A number of SEG vendors are also offering this capability, often by licensing from a specialist vendor.”

Why OnDMARC by Red Sift?

Our award-winning cloud-based application enables organizations to utilize fast automated business email protection by quickly configuring SPF, DKIM and DMARC for all legitimate email sources in weeks, not months. This is thanks to intelligent automation from internet-scaling databases to surface known and bad senders.

67% of users got to full protection (p=reject) without consulting our support team thanks to the power and sophistication of OnDMARC.

If you’d like to see our clear actionable next steps for yourself you can start reporting for free today simply by signing up and adding a domain here.

Psst… Are you BIMI ready?

At Red Sift, we’re helping our customers prepare for BIMI (Brand Indicators for Message Identification) because DMARC is an essential prerequisite.

According to Gartner’s guide “Brand Indicators for Message Identification (BIMI) builds on DMARC to allow organizations to provide a visual indication that the message comes from a specific brand.” Google supports the standard in G Suite / Gmail and so we’re already working closely on product interaction and partnerships with leading VMC providers to ensure their customers have a head-start on implementing BIMI.

Gartner, Market Guide for Email Security, September 2020
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

PUBLISHED BY

Red Sift

24 Nov. 2020

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
Email

The best tools to protect yourself from SubdoMailing

Francesca Rünger-Field

In late February 2024, ‘SubdoMailing’ became a trending search term overnight. Research by Guardio Labs uncovered a massive-scale phishing campaign that had been going on since at least 2022. At the time of reporting, the campaign had sent 5 million emails a day from more than 8,000 compromised domains and 13,000 subdomains with several…

Read more
Product Release

Red Sift’s Spring 2024 Quarterly Product Release

Francesca Rünger-Field

This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…

Read more
Email

Navigating the “SubdoMailing” attack: How Red Sift proactively identified and remediated a…

Rebecca Warren

In the world of cybersecurity, a new threat has emerged. Known as “SubdoMailing,” this new attack cunningly bypasses some of the safeguards that DMARC sets up to protect email integrity.  In this blog we will focus on how the strategic investments we have made at Red Sift allowed us to discover and protect against…

Read more
Email

Where are we now? One month of Google and Yahoo’s new requirements…

Rebecca Warren

As of March 1, 2024, we are one month into Google and Yahoo’s new requirements for bulk senders. Before these requirements went live, we used Red Sift’s BIMI Radar to understand global readiness, and the picture wasn’t pretty.  At the end of January 2024, one-third of global enterprises were bound to fail the new…

Read more