Changes

Jump to navigation Jump to search
Created page with "<div style="float: right; z-index: 10; position: absolute; right: 0; top: 1;">File:JoinusonGCconnex.png|link=http://gcconnex.gc.ca/groups/profile/2785549/gc-enterprise-secur..."
<div style="float: right; z-index: 10; position: absolute; right: 0; top: 1;">[[File:JoinusonGCconnex.png|link=http://gcconnex.gc.ca/groups/profile/2785549/gc-enterprise-security-architecture-gc-esa]]<br />[[File:ESAcontactus.png|link=mailto:ZZTBSCYBERS@tbs-sct.gc.ca]]</div> [[File:GOC ESA.jpg|center|link=http://www.gcpedia.gc.ca/wiki/Government_of_Canada_Enterprise_Security_Architecture_(ESA)_Program]] <div class="center">
{| style="border: 2px solid #000000; border-image: none;" width="1000px"
|-
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="175px" | [[Government of Canada Enterprise Security Architecture (ESA) Program|ESA Program Overview]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[ESA Backgrounder (Strategy)|ESA Foundation]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[ESA Requirements|ESA Artifacts]]
! style="background: #C495F0; color: black" width="20%" scope="col" " width="125px" | [[ESA Initiatives|ESA Initiatives]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[ ESA Tools and Templates]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="125px" | [[GC ESA Artifact Repository|ESA Reference Materials]]
! style="background: #e1caf7; color: black" width="20%" scope="col" " width="100px" | [[ESA Glossary| Glossary]]
|}
{| style="border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1000px"
|-
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="100px" | [[Cloud Security Initiative]]
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="100px" | [[HTTPS Initiative|HTTPS Initiative]]
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="110px" | [[Data Loss Prevention Initiative]]
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="120px" | [[Enterprise Vulnerability Management System Initiative]]
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="100px" | [[DevSecOps Initiative]]
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="120px" | [[Integrated Risk Management Initiative]]
! style="background: #9a9af8; color: black" width="20%" scope="col" " width="150px" | [[Domain Message Authentication Reporting and Compliance|DMARC Initiative]]
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="110px" | [[Zero Trust Security|Zero Trust Security Initiative]]
! style="background: #c2c2fa; color: black" width="20%" scope="col" " width="110px" | [[GC Cyber Security Event Management]]

|}
</div>{{TOCright}}

== Background ==
*Canadians rely on the Government of Canada to provide secure digital services in a way that protects the information they provide to the government.
*By implementing specific security standards that have been widely adopted in industry, departments and agencies can minimize spam and better protect users who might otherwise fall victim to a phishing email that appears to come from a government-owned system.
*This includes implementing Domain-based Message Authentication, Reporting and Conformance (DMARC) which protects government email domains from spoofing and phishing.
*Goal is to reduce the risk posed to Canadians posed by malicious emails impersonating the Government of Canada



<br>

== DMARC Concepts and Architecture ==
[[File:DMARC DIAGRAM2.png|thumb|How does email authentication work?]]

=== How does email authentication work? ===
*An email is sent by a threat actor who is spoofing their email to look like a Canadian Bank.
*The sender receives the email and attempts to forward it to the actual bank.
*The Canadian Bank's email authentication records notices that the sender domain is not recognized as a legitimate domain.
*Malicious email is blocked without reaching the target's inbox.
[[File:DMARC EXPLAINED.png|thumb|How does DMARC work? ]]

=== How does DMARC work? ===
*Author composes & sends an email.
*The sending mail server inserts a DKIM header and heads towards the receiver.
*The email and sender domain is scrutinized and tested based on checks such as IP Blocklists, Reputation, Rate Limits, etc...
*DMARC checks the DKIM header that was inserted by the sending mail server for legitimacy.
*DMARC retrieves an "Envelope Form" via SPF.
*The email then has one of three outcomes.
**Passed - Email gets sent to proper user and goes directly into the inbox.
**Quarantine - Email fails DMARC policy and is send to the user's SPAM/Junk folder.
**Reject- Failed DMARC policy, Email is rejected and the message is dropped before it reaches the user.

<br>

== References ==
*[https://cyber.dhs.gov/bod/18-01/#what-is-email-authentication| What is Email Authentication?]
*[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-177r1.pdf Trustworthy Email - NIST Publication]
*[https://dmarc.org What is DMARC?]
*[https://internet.nl Netherlands Email and Domain Compliance Tool]
*[https://www.gov.uk/government/publications/email-security-standards/domain-based-message-authentication-reporting-and-conformance-dmarc Using DMARC in your Organization]
*[https://dmarc.globalcyberalliance.org/ DMARC - Email Authentication Made Easier]
*[https://www.gcpedia.gc.ca/gcwiki/images/5/5b/Enhancing_Email_Security_with_DMARC.pptx Enhancing Email Security with DMARC]
*[https://www.gcpedia.gc.ca/gcwiki/images/a/a8/Enhancing_Email_Security_with_DMARC_-_French.PPTX Enhancing Email Security with DMARC - French]
[[Category:Government of Canada Enterprise Security Architecture (ESA) Program]]
[[Category:Enterprise Security Architecture]]
[[Category:GC Enterprise Architecture]]

Navigation menu

GCwiki