Mimecast’s 5 steps to stop brand impersonation
Top Business Tech takes a closer look at Mimecast’s The State of Brand Protection 2021 and its key steps to mitigating against brand impersonation.
Mimecast’s The State of Brand Protection 2021 outlines a five-point strategy to assist marketing and security teams in collaborating to develop a brand safety strategy that can meet evolving threats head-on:
1. Bridge the marketing and IT security Siloes
Mimecast shared the story of one interviewee who said: “I only had a suspicion, but it turns out there’s a lot more than we would have ever anticipated — we take down an average of about 10 or 11 fraudulent sites every month, usually within 48 hours of notification.” After this, the interviewee reported that his marketing colleagues then became active partners in combatting impersonation.
2. Use proof of concepts (PoCs) to extend brand protection awareness to all stakeholders
The second point that Mimecast outlines is the need to ensure that the entire organisation educates themselves on the problem through proof of concept. By explaining DMARC in a more simplified manner, instead of relaying its technical complexities, the idea of threat is understandable to a much wider audience, especially that of the c-suite.
3. Use third-party brand protection services
Though many companies have security divisions to mitigate against impersonation, the threats are often fast-moving and hard to track. Given this, Mimecast advises the implementation of a third-party service to protect a brand. Automated services can detect malicious activity in a matter of seconds, as opposed to a manual, in house team, which will take several weeks or months to see a threat.
4. Enforce DMARC
According to Mimecast, Less than a third of SOES 2021 respondents use the DMARC email authentication protocol to stop bad actors from delivering harmful emails that appear to come from their brand’s domain. SMARC requires monitoring, strategic analysis and planning to roll out, which is why Mimecast suggests three phases to its deployment:
1. Monitor: discover the source of the impersonating emails;
2. Analysis: security and marketing teams need to work together to identify illegitimate senders and by setting their DMARC policy to “quarantine” suspicious emails by sending suspicious emails into the recipient’s spam folder.
3. rejection Implementation of a reject policy that will prohibit emails sent from unauthorised senders using the brand’s domain.
READ MORE:
- Inside Mimecast’s The State Of Brand Protection 2021
- ServiceNow delivers new security integrations with Microsoft
- Microsoft and Darktrace join forces to provide self-learning AI cybersecurity to users
- What can corporates learn from digital transformation in the COVID era?
5. Be transparent with customers
As this is an issue that is not likely to go away anytime soon, customers must be educated on the threats that a company faces and the improvements it undertakes. A prime example is the US Internal Revenue Service (IRS), which continuously informing citizens that it will never call to request personal information.
For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!
Follow us on LinkedIn and Twitter
