Valimail Enforce – Government Edition
Valimail provides the most efficient and effective way to protect government domains from spoofing and fraudulent use. Valimail delivers the only FedRAMP authorized Domain-Based Message Authentication, Reporting & Conformance (DMARC) cloud solution to protect government domains that provide:
- Worldwide visibility of inbound and outbound phishing attacks using your domain
- Automated and secure management of key standards (SPF, DKIM, and DMARC)
- Centralized management of DMARC reports and one-click sender authorization
Example of a report showing fraudulent email over 30 days originating from foreign countries spoofing the domain of a major US federal agency
Valimail’s Enforce – Government Edition platform is the only DMARC commercial solution to receive FedRAMP, SOC 2, and Privacy Shield certifications. It automates all aspects of DMARC enforcement as described in NIST SP 1800-177, which is recommended for U.S. State, Local, Tribal, and Territorial (SLTT) organizations to implement by the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) and U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).
The complexities of developing and maintaining DMARC authentication in today’s cloud environments with numerous internal and external third-party services can make DMARC enforcement very difficult to implement and maintain over time. Most enterprises have low success rates in achieving enforcement (typically a 20-40% success rate after 12 months), and mistakes that unintentionally disrupt or block good email are common. To address the needs of today’s complex hybrid cloud environments, Valimail developed a purpose-built Software-as-a-Service (SaaS) to simplify and automate the manually intensive and time-consuming process of configuring, deploying, and maintaining DMARC enforcement. Valimail’s cloud-based solution is hosted in a secure Amazon Web Services (AWS) platform and enables an automated approach to the complexities of DMARC enforcement. Valimail assigns a dedicated DMARC engineer to each customer to understand their email enterprise and handle all nuances of DMARC enforcement. This minimizes the demands on internal IT staff and greatly simplifies achieving DMARC enforcement with an average success rate of greater than 95% in 3-6 months.
Valimail Enforce Platform
Valimail has built the first cloud-based solution to automate the intricacies of implementing DMARC. The platform gives customers control and visibility over who can send an email on behalf of their domain. Specifically, the platform provides insight into all services (entities), both internal and external, sending email using their domain. Using this visibility, customers can authorize/deauthorize services and prevent domain impersonation and phishing attacks. The Valimail platform automatically identifies over 3,000 third-party services for rapid identification and authentication. Through a unique approach, Valimail has abstracted the steps and effort needed to set up DMARC to a simple “point and click” configuration. This automated approach to DMARC implementation has three main benefits:
- Allows for simpler configuration of email authentication, making it accessible even to non-technical users.
- Automates the process to reduce the cost of implementation by several orders of magnitude. This has enabled Valimail to offer a solution that is priced appropriately for any organization that wants a low cost, easy to implement DMARC solution.
- Fixes several existing issues with email authentication, most notably removing the existing restriction on the number of third-party services who can legitimately send emails on your behalf of a single domain (the 10 SPF lookup limit).
Valimail Enforce – Government Edition
Valimail is dedicated to helping federal, state, and local governments achieve DMARC enforcement and restore trust in email communications to the public for which they serve.
In 2017, the Department of Homeland Security (DHS) issued Binding Operational Directive 18-01 (BOD 18-01) mandating all federal executive agencies implement DMARC to protect federal government domains from phishing, spoofing, and fraudulent use. To support federal agencies in complying with the DHS mandate, Valimail worked with the General Services Administration (GSA) to fast-track the Enforce platform to achieve FedRAMP authorization for government use (FedRAMP is a strict set of security and auditing requirements to validate commercial cloud-based services for federal government use). This platform is now available to help protect all state and local domains from spoofing and fraudulent use.
The Valimail Enforce platform is the only DMARC commercial solution to receive FedRAMP, SOC 2, and Privacy Shield certifications. Valimail’s Enforce – Government Edition platform supports and automates all aspects of DMARC enforcement as described in NIST SP 1800-177, which is recommended for SLTT organizations to implement by the MS-ISAC and US DHS Cybersecurity and Infrastructure Security Agency (CISA).
Valimail is available on numerous government contract vehicles, including GSA, NASPO Cloud Services, NIAC, and through major government resellers (CDW-G, SHI, Carahsoft, etc.). Through CIS CyberMarket®, all MS-ISAC and Election Infrastructure Information Sharing and Analysis Center® (EI-ISAC®) members, as well as other SLTT government organizations, associated nonprofits, and public educational and healthcare institutions, can purchase Valimail Enforce – Government Edition at a 5% discount from current commercially available published rates.
For more information, contact:
Director of Public Sector, Valimail