Question
I am attempting to recall the name of a recently-introduced relatively new type of security measure for email. It uses a brand or logo-based approach to add an extra layer of security protection. Unfortunately, I cannot remember the name of this security system. Does anyone know what this security system is called?
Answer 1
There are several types of email security measures which have been developed in recent years to protect email, so it’s possible that you are thinking of one of a few different options. Here are a few possibilities:
DMARC (Domain-based Message Authentication, Reporting, and Conformance)
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a security protocol that allows domain owners to publish a policy in the Domain Name System (DNS) specifying which mechanisms are used to authenticate email messages sent from their domain. DMARC helps protect against email spoofing, where attackers send email messages that appear to be from a legitimate sender but are actually fraudulent. It uses authentication technologies like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to verify the sender’s identity and ensure that the email is legitimate.
SPF (Sender Policy Framework)
SPF (Sender Policy Framework) is a security measure that allows domain owners to specify which mail servers are authorized to send email on their behalf. This helps prevent email spoofing by allowing email servers to check the sender’s domain and verify that the message is coming from an authorized server.
DKIM (DomainKeys Identified Mail)
DKIM (DomainKeys Identified Mail) is a security measure that uses digital signatures to verify the authenticity of email messages. When an email message is sent, a DKIM-compliant server signs the message using a private key. The recipient’s server can then use a public key, published in the DNS, to verify the signature and determine that the message is legitimate.
PGP (Pretty Good Privacy)
PGP (Pretty Good Privacy) is a type of email encryption that allows users to encrypt and sign their email messages to ensure that they are only readable by the intended recipient. PGP uses a combination of symmetric and asymmetric encryption to secure messages and ensure their authenticity.
TLS (Transport Layer Security)
TLS (Transport Layer Security) is a security protocol that is often used to protect email communications. It works by encrypting the data that is transmitted between email servers, making it difficult for anyone to intercept and read the messages.
S/MIME (Secure/Multipurpose Internet Mail Extensions)
S/MIME (Secure/Multipurpose Internet Mail Extensions) is another standard that is used to secure email communications. It works by using digital certificates and public-key encryption to authenticate the sender and protect the privacy of the message.
OpenPGP
OpenPGP is a standard for encrypting and signing electronic messages and files, used to secure communication over the internet. It is based on the PGP (Pretty Good Privacy) software developed by Phil Zimmermann in the 1990s. OpenPGP is an open standard, which means that it is not owned by any company or organization, and anyone can use it for free.
OpenPGP uses public-key cryptography, which means that each user has a public key that they can share with others, and a private key that they keep secret. When a message is encrypted with a recipient’s public key, only the recipient’s private key can decrypt it. This allows the sender to send a secure message to the recipient, even if the message is intercepted by an attacker.
OpenPGP is supported by a number of different software applications, including email clients, file archivers, and messaging apps. It is often used to secure emails and other types of electronic communication, as well as to protect sensitive data stored on computers or other devices.
Sensitivity label in Microsoft Purview Information Protection
In Microsoft Purview, a sensitivity label is a classification that is applied to data to indicate its level of sensitivity and the appropriate level of protection that should be applied to it. Sensitivity labels can be used to help organizations manage the security and access control of their data, and to ensure that only authorized users have access to sensitive information.
Sensitivity labels are typically used to classify data based on factors such as its value to the organization, the potential impact of a data breach, and the regulatory requirements that apply to the data. For example, a sensitivity label might be applied to data that is confidential, sensitive, or highly regulated, and might require additional security measures such as encryption or access controls to protect it.
In Microsoft Purview, sensitivity labels can be applied to data stored in a variety of different locations, including files in SharePoint and OneDrive, emails in Exchange, and data in Azure SQL databases. Once a sensitivity label has been applied to data, it can be used to enforce security policies, such as data loss prevention (DLP) rules and access controls, to help protect the data from unauthorized access or disclosure.
I hope this information helps! If you can provide more context or details about the type of security measure you are thinking of, I may be able to give a more specific answer.
Answer 2
It’s possible that you are thinking of the brand/logo-based approach to email security called DMARC, or Domain-based Message Authentication, Reporting & Conformance. DMARC is a security standard that helps protect email users from spam, phishing, and other types of email fraud by authenticating the sender of an email message and allowing the recipient’s email server to check the authenticity of the message. The DMARC standard allows the owner of a domain to publish a policy in their DNS records that specifies which mechanisms are used to authenticate email messages sent from their domain, and what to do if a message fails authentication.
