Secure Online Communication
Email messaging has per default no mechanism for authentication, and spoofing has become a widespread and increasing problem for companies of all shapes and sizes. We offer several services that enable your emails to become properly authenticated, increasing your general security level.
- Email Fraud Protection: Phishing has become an ever-increasing problem, and the importance of taking the right precautions and educating your organisation cannot be underestimated. We help you implement email security functions such as SPF, DKIM and DMARC, and monitor your email flow using sophisticated tools, in order to detect e.g. fraud attempts, and to make sure that your protection is constantly updated and relevant.
- Client Certificates (Personal ID Certificates): Client certificates enable you to sign and encrypt your emails using the S/MIME protocol. The protocol verifies the sender address, prevents your emails from being tampered with and ensures that no one but the intended recipient is able to read them. Further, the receiver is able to verify that the email is legitimate. The client certificates consist of a key pair – one public and one private. Your private key stays with you and is used to sign outgoing emails and to decrypt incoming emails that have been encrypted with your public key. Your public key is used to verify your signature and encrypt emails sent to you.
Domain Name Watch
Email security services do not prevent ‘non-spoofed’ emails from being sent in your name, e.g. from a misspelled domain name. Our Domain Name Watch service complements Email Fraud Protection by monitoring your domain string (e.g. zacco), informing us of any domain name registrations where your string is included, regardless if it is at the beginning, at the end or in the middle of the domain name, and covers both future as well as past domain registrations. The service can be extended so that it also detects misspellings and other confusingly similar variations, and the number of searches per month customized to your needs.
The primary purpose of the Domain Name Watch service is to detect third party registrations that can be used against you, e.g. for sending false press releases, invoices or harmful material. Misspelled domains, or domains with the same string but with another top-level-domain (e.g. domain.co instead of domain.com), are also widely used in spear phishing attacks, using a method that combines spoofing and cyber/typosquatting, usually in an attempt to retrieve sensitive data or access information from staff in management positions.
SSL – Secure Sockets Layer – has become a fundamental part of web security, and a necessity in the online environment of today. We offer certificates from numerous trusted issuers such as DigiCert, Geotrust and Symantec, among others. Our consultants are able to assist you with all managing aspects of SSL certificates and can guide you through the various options and alternatives, helping you select the certificate best suited for your specific need and situation.
We can also help you analyse, improve and consolidate the portfolio of SSL certificates that you already have, offering you a cost-efficient management that is easy to overview. Furthermore, we assist you in the renewal process, and make sure to inform you in good time before the renewal date for each certificate, helping you avoid the unwanted consequences of an expired certificate.
For further information on our various services within brand protection and trademarks, please visit zacco.com/services or contact one of our consultants.