How BIMI Avoids Unauthorized (or Fraudulent) Use of Logos

BIMI

BIMI provides email security that stands for Brand Indicators for Message Identification which displays the brand logo next to authenticated emails and allows the email users to recognize and avoid fraudulent messages. There is a type of email authentication protocol named DMARC (Domain-based Message Authentication Reporting, Reporting & Conformance) that is used to ensure that the organization’s domain has not been spoofed.

BIMI is built on DMARC which is used with SPF and DKIM. DKIM stands for DomainKeys Identified Mail works on cryptography and ensures that the email messages you send are not modified in transit whereas SPF stands for Sender Policy Framework which is a form of email authentication that checks and specifies that the email servers from where they are being sent with their domain originate from a specific IP address.

A BIMI checker is easy to use where your domain name is the input and you get the results instantly.

Although it is not mandatory to use BIMI, it’s a good practice and your domain is protected which gives the users or recipients peace of mind about their messages which are authenticated.

With BIMI security in place, there is no way that cyber-attacks which consist of Phishing, or Spear-Phishing attacks would jeopardise the system. In July 2021, the search giants Google with their Gmail service in place had officially rolled out BIMI for all Gmail inboxes.

Currently, BIMI is supported by the following mailbox providers:

  • Fastmail
  • Proofpoint
  • Verizon Media (Yahoo!, AOL)
  • Google

If the email is legitimate inside an email inbox where a company logo is displayed with the help of a BIMI record which is a type of DNS TXT.

How BIMI works

The organizations which use the BIMI for authentication of their emails have to use Sender Policy Framework (SPF) or Domain Keys Identified Mail (DKIM) and apply DMARC which provides their validated trademark logos to the organization via a Verified Mark Certificate (VMC).  BIMI makes sure that your organization has adopted DMARC, and that you have validated your logo with a VMC. VMCs are being issued by two BIMI-qualified Certification Authorities i.e. DigiCert and Entrust Datacard.

Requirements to join BIMI

There is a brand trust developed with BIMI and to be a part of the BIMI there are the following conditions which need to be met:

•             The recipient’s domain needs to be DMRAC authenticated.

•             The recipient’s owner needs to obtain the right certification.

•             A standing history needs to be maintained.

Frequently Asked Questions (FAQ)

Ques 1. What is BIMI?

Ans 1. BIMI provides email security that stands for Brand Indicators for Message Identification which displays the brand logo next to authenticated emails and allows the email users to recognize and avoid fraudulent messages.

Ques 2. Why it is important to have BIMI?

Ans 2. To protect your brand and consumers from fraudulent messages it is important to have strong email authentication and identification.

Ques 3. What is the BIMI record?

Ans 3.  It is a type of DNS TXT that is used to record and display the band logos within recipients.

Ques 4. What is BIMI Radar?

Ans 4. BIMI Radar is used to track the DMARC readiness and the adoption of BIMI with companies and organizations’ domains worldwide on a daily basis.

Ques 5. How to set up DMRAC?

Ans 5. To understand how to setup DMRAC, you need to click here

Ques 6. How to set up a BIMI txt record?

Ans 6.  To understand how to set up a BIMI txt record, you need to click here

Ques 7. What are the steps to implement BIMI for your emails?

Ans 7. The steps involved in implementing BIMI for the emails are:

1.            Implement SPF and DKIM

2.            Implement DMARC with the enforcement policy

3.            Publish a BIMI record

Ques 8. Which tools are used to check BIMI?

Ans 8. The easiest way to check the BIMI is with a BIMI lookup tool which can be chosen from BIMI Group, MX Toolbox, Agari and Valimail.

Ques 9. To which email providers does BIMI is supported?

Ans 9. BIMI is supported by the following mailbox providers:

•             Fastmail

•             Proofpoint

•             Verizon Media (Yahoo!, AOL)

•             Google

Ques 10. What is the reason for BIMI Logo Not Appearing in Emails?

Ans 10. To make sure that the BIMI logo appears in emails first make sure that you have an enforced DMARC Policy (p=quarantine or p=reject) and for Gmail, make sure you have a valid VMC.

If you want to more about it, then just drop an email to info@doctoolss.com or contact the undersigned.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/ | WordPress: https://doctoolss.wordpress.com/

Knowledge Management …!!!

Knowledge Management

What is Knowlege Management?

It is the collection of methods relating to creating, sharing, using & managing the information & knowledge within an organization.

It refers to a multidisciplinary approach to achieving organisational objectives by making the best of knowledge.

KM

Types of Knowlege Management

  1. Explicit Knowlege : Knowledge i.e eazy to write down & share
  2. Implicit Knowledge: Applied Knowledge
  3. Tacit Knowledge: Knowledge i.e. gained through personnal experience

Knowledge Management Process

  • Knowledge Creation: It starts with knowledge that may come from many sources, including employees within an organization or outside individuals.
  • Knowledge Storage: The knowledge must then be structured in a knowledge management system for future use. This knowledge must not only be organized, but it also needs to include security features so that knowledge can be accessed by authorized personnel when needed.
  • Knowledge Sharing: The knowledge organization process is completed by knowledge sharing. This knowledge sharing includes everything from knowledge training to knowledge exchange, where knowledge can be acquired or enhanced through knowledge discussions.

Examples of KM: CMS, Wiki, Data Warehouse, DMS etc.

Source: https://www.ibm.com/cloud/learn/knowledge-management

If you want to more about it, then just drop an email to info@doctoolss.com or contact the undersigned.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/ | WordPress: https://doctoolss.wordpress.com/

Cryptocurrency heard a lot but what is it ???

Blockchain

Today when we all are trying to get back to our normal lives after the struck of the pandemic COVID19, there is still something more which we are reading daily but not understanding it i.e. Cryptocurrency.

Although Cryptocurrency is an ocean itself, here we are trying to understand the basis of it, lets see some technical terms related to cryptocurrency.

What is Cryptocurrency?

Cryptocurrency is a type of digital currency which uses digital files as money.

What is BitCoin?

Bitcoin is the best known cryptocurrency.

What are the Types of Cryptocurrency?

There are many types of cryptocurrency such as BitCoin, Ethereum, Ripple, Tether, Shiba, Sandbox etc.

Bitcoin is the best known cryptocurrency whereas a cryptocurrency is a medium of exchange.

What is Blockchain Technology?

Blockchain is a type of security in cryptography where it uses cryptography encryption to protect every transaction.

In technical terms, blockchain is a system of recording information in a way that makes it difficult or impossible to change, hack, or cheat the system. Each block in the chain contains a number of transactions, and every time a new transaction occurs on the blockchain, a record of that transaction is added to every participant’s ledger.

What is the role of Blockchain in cryptocurrency?

Blockchain forms the bedrock for cryptocurrencies like Bitcoin. By spreading its operations across a network of computers, blockchain allows Bitcoin and other cryptocurrencies to operate without the need for a central authority, by this, it not only reduces the risk but also eliminates many of the processing and transaction fee.

If you want to know more about it, then just drop an email to info@doctoolss.com or contact the undersigned.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/ | WordPress: https://doctoolss.wordpress.com/

Azure vs AWS (Battle for the No.1 Spot)…!!

AWS vs Azure

Day in day out we talk about the cloud and the services provided by them. The market today is led by AWS followed by Azure and catching up are GCP (Google Cloud Platform).

There are around 160+ services provided by AWS and counts are adding up whereas in Azure the services are lesser than AWS but are also getting added up with time.

Let’s have a sneek peek at some of the important services by these market leaders:

AWS EC2 Vs Azure VM

AWS EC2 Instance Vs Azure VM Scale Sets

AWS S3 Vs Azure Blob Storage

AWS Lambda/Fargate Vs Azure Functions

AWS Beanstalk Vs Azure App Service

AWS SQS Vs Azure Queue Storage

AWS ELB (Elastic Load Balancer) Vs Azure Load Balancer

AWS VPN Vs Azure Virtual Network

AWS DynamoDB Vs Azure Cosmos DB

AWS Shield Vs Azure DDoS

AWS RDS Vs Azure SQL DB

AWS Red Shift Vs Azure Synapse Analytics

AWS Rekognition/Lex/Polly/Transcribe Vs Azure Cognitive Service

For more information on the above AWS services, click here

For more information on the above Azure services, click here

We at DocTooLss are certified by AWS & Azure certificates and day in & day out make ourselves well versed with the AWS & Azure ongoing cloud services.

We can even assist our clients in understanding the cloud & the services provided by them, so no need to go anywhere or pay a huge amount of money on online big educational institutions. Just drop an email to info@doctoolss.com or contact the undersigned .

DocTooLss

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/ | WordPress: https://doctoolss.wordpress.com/

Let’s Dig Down in AWS…!!

EC2 by AWS

As we know that there are many services which are offered by AWS , lets pick few and try to understand their usage and utility it has for us:

AWS EC 2 (Virtual Servers on Cloud)

  • EC2 stands for Elastic Compute Cloud
  • It is one of the most famous offerings by AWS
  • It is a IaaS platform
  • It is basically renting of VMs
  • Storing data on Virtual Drives (EBS , ELB) and Distributing load across machines
  • Scaling of service using an auto-scaling group (ASG)

There are wide variety of Amazon EC2 Instance types comprise varying combinations of CPU, memory, storage, and networking capacity that gives you the flexibility to choose the appropriate mix of resources for your applications.

Each instance type includes one or more instance sizes, allow you to scale your resources either up or down and in or out to the requirements of your target workload.

Types of EC2 Instance Types

  • General Purpose
  • Memory Optimized
  • Compute Optimized
  • Accelerated Computing
  • Storage Optimized
InstancevCPU*CPU Credits / hourMem (GiB) StorageNetwork Performance
t2.nano130.5EBS-OnlyLow
t2.micro161EBS-OnlyLow to Moderate
t2.small1122EBS-OnlyLow to Moderate
t2.medium2244EBS-OnlyLow to Moderate
t2.large2368EBS-OnlyLow to Moderate
t2.xlarge45416EBS-OnlyModerate
t2.2xlarge88132EBS-OnlyModerate

T2 instances – General Purpose Instance

Source: AWS Website , for more information, click here

EC2 Purchase Options

  • On-Demand Instance
  • Reserved Instance, Convertible Instance and Scheduled Reserve Instance
  • Spot Instance
  • Dedicated Hosts and Dedicated Instance

For more information on these, contact the undersigned

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/

What is Vulnerability Management?

Vulnerability management (VM) which is a program that consists of a variety of technologies that identify, evaluates, treats, and reports on security vulnerabilities in a system. There are tools that are used to identify Cyber Exposure risks across an entire organization, and aligns them with your operational goals and objectives.

In cyberseuirty terms there are some important good to know what vulnerabilities, threats, and exploits mean:

  • Cybersecurity Vulnerabilities. A vulnerability is a potential weakness in a security architecture that opens an organization or individual to cyberattacks.
  • Cybersecurity Threats. “Cybersecurity threat” refers to a combination of tools and methods involved in a cyberattack. These threats are not inherent to the network. Instead, they leverage vulnerabilities on the network.
  • Cybersecurity Exploits. Exploits are those when a cybersecurity threat is applied to a vulnerability to conduct some form of malicious activity. Impacts of these exploits may vary by threat and vulnerability type.

LifeCycle of VM

Find below the phases of the Vulnerability Management Lifecycle:

PHASE 1 – The Cloud Platform that provides multiple technologies, including scanner appliances, agents, sensors, and connectors to help you detect and discover both on-premise and cloud-based host assets.

PHASE 2 – The scanners, agents, sensors, and connectors work together to identify host assets throughout your entire enterprise architecture.

PHASE 3 – The primary objective of the assessment phase is to find vulnerabilities on the host assets in your VM subscription.

PHASE 4 – Regardless of the data collection techniques you use, all findings are securely stored in the Cloud Platform, where reporting tools and features allow you to identify the vulnerabilities that pose the greatest risk to your organization, and share these findings with your patch and operational teams.

PHASE 5 – The remediation tools and features built-in to the VM application, will help you to prioritize detected vulnerabilities and identify the vulnerabilities that have been successfully mitigated.

PHASE 6 – Verify any vulnerabilities that have been patched or fixed. This task is performed automatically every time a scanner appliance, agent or sensor provides new assessment data to the Cloud Platform.

Note: The above information on VM lifecycle has been taken from Qualys Training sites, for more information , please click here.

To know more about VM or its best practices please connect with us below.

We make Technology Eazy via Docs

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/  | Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/

Let’s understand Microsoft Azure?

Azure from the family of Microsoft

Azure the cloud platform introduced by the software giants Microsoft. Azure the latest cloud platform among the others famous cloud platforms such as AWS (Amazon Web Services) and Google Cloud. Azure was launched a decade ago in the market.

Azure provides a wide variety of services to its users that can be used without purchasing and provisioning your own hardware. Azure provides solution and rapid development to its resources that may not be possible in an on-premises environment. To people who are new to understand the word on-premise meaning services available on your desktop not on the cloud.

Azure provides a variety of services in its kitty such as compute, storage, network, and application services that allow users to focus on building great solutions without the need to worry about how the physical infrastructure is assembled.


Rulers of Cloud


What are the building blocks of Azure?

Azure App Service and Web Apps that consist of Web Apps, Logic Apps, Mobile Apps, API Apps, and Function Apps.

Azure Services includes many services in its cloud computing platform such as:

Compute services – This includes the Azure Virtual Machines—both Linux and Windows, Cloud Services, App Services (Web Apps, Mobile Apps, Logic Apps, API Apps, and Function Apps), RemoteApp, Service Fabric, and the Azure Container Service.

Data services – This includes Microsoft Azure Storage (comprised of the Blob, Queue, Table, and Azure Files services), Azure SQL Database, DocumentDB, StorSimple, and the Redis Cache.

Application services – This includes services that you can use to help build and operate your applications, such as Azure Active Directory (Azure AD), Service Bus for connecting distributed systems, HDInsight for processing big data, Azure Scheduler, and Azure Media Services.

Network services – This includes Virtual Networks, ExpressRoute, Azure DNS, Azure Traffic Manager, and the Azure Content Delivery Network.

These are the following cloud offerings classified in three categories :

  • SaaS
  • PaaS
  • IaaS

For more information on the above cloud offerings, please check our earlier blog “Similarities between Cloud Computing and Pizza“.

We will keep adding more information to our blogs time to time in the meantime if you need to contact us for any business services, please contact below or click here to check our website for any services.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com | Facebook: https://www.facebook.com/DTdoctoolss/

Website Built with WordPress.com.

Up ↑

Create your website with WordPress.com
Get started