Never fall foul of phishing emails and keep your firm’s sensitive information safe.

91% of phishing attacks start with email as end users continue to be the weakest link in the cyber security chain.

With email being the primary way most organisations communicate, it is vital to protect against the fundamental flaw in email that leaves you and your clients open to an attack.

Most email security solutions focus on emails that cross a company’s network, stopping attacks getting in, but what they do not prevent is the attacks that originate
outside the company. These emails have no intention of ever passing through your firm’s systems and instead go straight to your clients, suppliers and other key contacts. Your brand, reputation and relationship can be used and exploited.

By impersonating a respected firm’s email identity, cybercriminals are able to trick recipients into handing over money, data or clicking on infected attachments or links.


This is where DMARC comes in. Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol built on SPF1 and DKIM2 security protocols that stops criminals being able to fake an email. By adding a reporting and enforcement function DMARC enables domain owners to block fraudulent senders from using their domain.

With DMARC fully configured on your domain, your clients’ security systems can detect an email spoofing your domain and reject it without the intended recipient even knowing that it was there. Your client and your reputation are protected.

Getting DMARC fully configured on your domain can, though, be a daunting process. This is why only 10% of firms have managed to successfully implement it. It requires technical ability, focus and dedication to unravel the complex set of information reported by the protocol and implement the domain changes required. Worse, the process is not a one off exercise, there is a requirement to continually monitor reports and react to them.

OnDMARC from Red Sift

OnDMARC is a cloud-based DMARC service that helps organisations secure their domains against impersonation. It is built on an AI cyber security platform which makes the implementation of protection clearer, simpler and more secure. Firms can take back control of their email security with no need for expensive consultants. OnDMARC  implements, configures and maintains DMARC in a simple and effective way through:


  • Analyse and interpret DMARC reports from their configured domains and identify authorised and unauthorised traffic.
  • Use simple dashboards to easily spot any misconfigurations and analyse the scale and frequency of spoofing attacks.


  • OnDMARC gives you specific actions to configure your email and gets your domain ready for full DMARC protection
  • Block the fraudulent sources of email or generate an updated SPF and DKIM record based on simple ‘yes or no’ responses to actions.
  • Enable firms to overcome the 10 SPF look up limit that’s a common cause of email authentication failure.


  • Continually monitor and report on any security or configuration issues.
  • Easily update DMARC configuration to include new services.
  • Ongoing protection. Once your domain is protected, OnDMARC will continue to monitor and report any security issues to you

OnDMARC is the only solution of its kind with ISO27001:2013 accreditation, a UK datacentre and no email content ever visible to OnDMARC or the firm’s IT team. Red Sift is a member of ADS, CyberExchange and the Global Cyber Alliance as well as being the winner of Anti-Phishing Solution of the Year at the 2017 Computing Security Awards.

Click here to see how ONDMARC fits in to Tikit’s marketing and business development ecosystem.

Book a demo of ONDMARC