Email Security
SPF, DKIM, DMARC, anti-phishing, and safe attachments for Microsoft 365 email.
Email remains the primary entry point for cyber-attacks, with credential phishing and malware delivery campaigns growing in sophistication daily. Despite robust perimeter defences, a single misconfigured mail flow rule or missing DMARC record can expose the entire organisation to impersonation, data exfiltration, and business email compromise. Establishing SPF, DKIM, DMARC, anti-phishing, and safe attachment policies is foundational — and the first thing an ISO 27001 auditor will verify.
Foundation (Plan 1)
- SPF Configuration — Configure SPF records for email authentication and anti-spoofing
- DKIM Configuration — Configure DKIM signing for email authentication
- DMARC Configuration — Configure DMARC policy for email authentication enforcement
- Email Branding — Configure organisation branding and external sender warnings
- Email Disclaimers — Configure email disclaimers and transport rules
- Network Service Security — Email gateway security, Safe Links, Safe Attachments, transport rule hardening, SMTP auth, and mail forwarding controls
- Safe Links — Microsoft Defender for Office 365 Safe Links URL protection
- Malware Protection — Microsoft Defender for Office 365 malware protection: Safe Attachments, AV signatures, endpoint security profiles, device compliance
Added in Information Governance (Plan 3)
- Attack Simulation Training — Microsoft Defender Attack Simulation Training for phishing awareness
What you receive
| Delivery Package | Duration | Stakeholders | Key Deliverables |
|---|---|---|---|
| Email Security Hardening | 3–8 days | IT Admin, Email Admin | SPF/DKIM/DMARC configuration per domain; Safe Links and malware policies; Transport rule review |