Tuesday, Feb 13, 2024
Unleash the Power of DMARC: Keeping Your Emails as Strong as Your Dental Hygiene!
Hope this news finds you brushing up on your email game, Google has some shiny new email rules just in time for the new year. What changes does Google have for this year? Email security and email verification.
Starting in February 2024, Google (and other email companies like Yahoo) will require your office to use DMARC for emails sent to Gmail users. Think of DMARC (Domain-based Message Authentication, Reporting, and Conformance) as a security guard for your emails. It's here to make sure your messages are as authentic as your dazzling smiles! Google wants us to crank up the security, protect ourselves and our patients.
Email security and verification have been around for years, but in February 2024 Google and Yahoo have announced email sent to Gmail or Yahoo will be rejected if an organization’s email is not set up for verification. The changes are designed for bulk email sending, but other email security systems are starting to reject unverified emails as well. All of this is to reduce the risk of spoofed email messages. These fake emails are intended to get users to fall for bad website links, QR codes, or requests for sensitive personal, medical, or financial information. They say up to 90% of cyber-attacks start from email, and over the holidays, Google ”blocked over 231 billion spam and phishing messages, 10% higher than the average volume”.
What can be done?
For sending emails, we recommend using a DMARC service as the central place to track and control email and monitor changes from vendors, marketing email companies, and to fix errors in other email settings. It's like having a dental hygienist for your emails to ensure they're sparkling clean and healthy!
While that covers outgoing emails, what about incoming emails? We also recommend a spam filter dedicated to protecting your emails from bad links, viruses, or other attacks. It’s an extra layer of security for all inbound emails before they even get to your inbox.
Another key step is training for you and your staff. Cyber awareness and HIPAA compliance training is required now from HHS. This training can be setup to alert everyone about new scams, run phishing messages to see if employees can spot the fake messages, and access overall cyber knowledge. We use a service that utilizes micro trainings, small 2-minute videos and quizzes to keep everyone sharp at spotting phishing attempts.
A quick checklist of cyber hygiene suggestions:
1. Two-Factor Authentication (2FA): 2FA adds an extra step to your login process to prevent anyone from stealing your password and then sending emails as you or your staff.
2. Password Policies: Speaking of passwords, Google wants us to level up our password game. Strong, unique passwords. No more using "1234" as your secret code or the same password for everything, consider using a password manager to use complex passwords and manage and monitors the current one.
3. Email Encryption: Imagine sending patient records in a digital envelope that only the recipient can open – that's email encryption! It ensures that your sensitive information stays secure, for your patients eyes only.
Why Should You Care?
Just like we care about giving our patients the best dental care, Google wants us to provide our emails with top-notch protection. DMARC, Cyber training, Spam filters, all ensure that our digital correspondence is as secure as a vault – no unauthorized entries allowed!
Stay secure and keep smiling!
or follow the URL https://bit.ly/3OoLxga
Article by Dan Mortenson, IT consultant
Hired Geek
949-933-6184(cell#)
dan@hiredgeek.com