Message Systems is pleased to announce today that we have qualified for the Online Trust Alliance’s 2014 Email Integrity Honor Roll. The audit evaluates a company’s adoption of email authentication practices and focuses in particular on email authentication that helps detect and block spoofed and forged email such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting & Conformance (DMARC) practices.
Companies are recognized as leaders in the space of email security and brand protection if they have:
- Implemented SPF and DKIM at the corporate or top-level domain
- Have a DMARC record published
As part of this audit, the Online Trust Alliance reviewed over 800 companies and brands, out of which only 12% passed, and Message Systems is honored to make the list!
From the positive effects we’re seeing across the industry, it’s clear that DMARC is succeeding as intended in deterring malicious email attacks – which is great news. Message Systems will continue to provide the technologies our customers need to quickly implement SPF, DKIM and DMARC to protect their brands and customers.
– Phillip Merrick CEO, Message Systems
Earlier this year, we also qualified for the Online Trust Alliance’s 2014 Online Trust Audit and Honor Roll – this latest honor further recognizes our commitment to educating the industry on email security for online brand protection through leading by example.
Here’s the Good News
The 2014 Email Integrity Audit had several key findings, both positive and negative, on the state of email authentication in the various industries. As always, let’s start with the good:
- Adoption of SPF and DKIM is rising across all the industries. The Internet Retailer 100 had an 88% adoption rate, while the Internet Retailer 500 had the largest growth, rising from 56% to 74% adoption.
- Adoption of DMARC is increasing slowly but steadily, and the top social sites had the highest score for DMARC adoption at 36%.
Among the list of companies that made the 2014 Email Integrity Honor Roll, many were our customers and partners, and we’d like to offer everyone a hearty congratulations!
Internet Retailer Top 500
Social Top 50
DMARC allowed us to dramatically reduce the number of forged emails sent to our users. DMARC was a direct benefit to our users by blocking these impersonations.
– Josh Aberant Postmaster, Twitter
SPF and DKIM are vitally important for email senders to implement today, but they are merely table stakes in an escalating battle against email fraud. DMARC is a powerful solution empowering senders who are prone to brand infringement and malicious attacks.
– Robert Holmes General Manager, Fraud & Brand Protection Services, Return Path
… And Now for the Bad News
While adoption rates for SPF, DKIM and DMARC continued to grow, the news about the state of email authentication in the industry wasn’t all quite as rosy:
- Of all the consumer domains sampled, only 8.3% have implemented SPF, DKIM and DMARC.
- Brands are failing to authenticate at top level domains; SPF and DKIM adoption only grew at the level of sub domains, thus leading to limited brand and consumer protection.
- While DMARC adoption is growing, it still remains low.
- Top FDIC insured banks had the highest failure rate compared to all sectors due to a lack of email authentication – only 17% passed the audit.
- The top 50 federal government sites consistently scored at the bottom of all email authentication metrics – only 4% passed the audit.
The 2014 Email Integrity Audit findings revealed that consumers are at a higher risk of receiving forged and spoofed email from major banks and federal government sites – a scary thought as these are institutions that generally command the trust of the public. The 2014 Email Integrity Audit report also specifically called out the security weaknesses in email infrastructure in enterprises and commodity message/mail transfer agents:
Unfortunately, in many enterprises the email infrastructure does not natively support outbound signing or inbound checking for SPF, DKIM or DMARC. Equally as concerning is the lack of support for inbound authentication from leading MTAs (Mail Transfer Agents), the hosting community and email technology providers.”
– 2014 Email Integrity Audit report
The report points to the inconsistency of email authentication in organizations due to email marketing being outsourced to disparate third party systems. We’d like to point out that our email infrastructure platform, Momentum, (available in on-premise and managed cloud versions) fully supports both inbound and outbound email authentication – one of the many reasons why the world’s largest senders choose us to send 20% of global legitimate email through Momentum.
Finally, we’d like to end with a note of caution from the audit report: a lack of email authentication exposes businesses to the risk of liability and class action suits in the event of a data breach. If you’re interested to find out whether your email service provider is authenticating your mail, test it with our email Validator – it checks for DKIM, SPF and DMARC email authentication.
It’s our great pleasure to announce that we will be hosting the Online Trust Alliance’s Email Security Training Academy on July 9 at our San Francisco office. As a member of the OTA, Message Systems has made it our mission to continuously educate and promote the adoption of DMARC email standards among our clients and the industry as a whole. We were honored to be placed on OTA’s honor roll for two years in a row, and happy to support OTA’s goal of enhancing online trust in the industry and among organizations.
Covering the fundamentals of DMARC, SPF and DKIM, OTA’s full-day intensive training will include case studies from Microsoft, Facebook, Twitter and American Greetings, as well as best practices for implementing, managing and optimizing email and domain authentication. During training, technical details about deploying SPF, DKIM and DMARC will be discussed and attendees will also come to understand the importance and benefits of implementing and managing email authentication.
We believe that online businesses have a responsibility to protect users from phishing and other email abuse. OTA’s training and guidance has been invaluable to our team and ultimately our customers, said Within 90 days of implementing we were able to block over 100,000 deceptive emails targeting our customers.
Sal Tripi Assistant Vice President of Digital Operations & Compliance, Publishers Clearing House.
Whether you’re an IT or security professional, an email administrator, email marketer or a brand owner, OTA’s email security training offers knowledge for everyone such as:
- Enhancing brand reputation
- Communicating with ISPs on what to do with malicious mail
- Receiving email intelligence reports from ISPs and receiving networks
- Reducing malicious mail
- Optimizing email deliverability and clickthrough
If you’d like to learn more about why protecting customers and your brand from abuse is so important, have a look at the 2014 Data Protection & Breach Readiness Guide released by OTA earlier this year. According to the report, 2013 was the worst year for data breaches with 740 million records being exposed. Sadly, 89% of these incidents could have been avoided with simple security best practices such as DMARC email authentication.
Need another reason to register? Here’s one: The early bird discount ends this Friday, July 4, so be sure to sign up before then. Only 10 seats remain at the moment, so the sooner you act, the better!
Find out about DMARC, DKIM and SPF before you attend OTA’s workshop with the How DMARC Is Saving Email E-Book.
In 2014, the Online Trust Alliance increased weighting on phishing and fraudulent email protection at the top-level domain, and implementation of Domain-based Message Authentication, Reporting & Conformance (DMARC) policies in scoring websites for the annual Honor Roll. After earning this honor last year, we wanted to strive for “valedictorian” this year by continuing to stay on top of these security upgrades.
- We made our Privacy Policies a bit clearer, and we’re already planning on improving them further for next year’s awards.
- We took our website’s score from a 95/100 to a perfect 100 by upgrading our SSL Certificates to TLS 1.2.
- We even strove for extra credit above and beyond the norms by having our product teams work toward perfecting all of our DMARC policies.
We’re also always working toward improving the experiences of all users of our products and sites. In the coming year, we’re adding several awesome new features to the websites and upgrading them to be fully responsive! These things aren’t required by OTA’s Honor Roll this year, but we feel that they may be in the near future. In fact, the 2014 Trust Audit now evaluates variances between websites and their mobile apps on the iOS and Android platforms, in the interest of security controls and privacy best practices.
Thank You to the Online Trust Alliance
Message Systems strives toward a more trustworthy internet. Receiving this honor from the OTA is a welcome pat on the back for those efforts and a significant achievement. Overall only 30.2% of the 800+ sites made the Honor Roll, with 22% making the Honor Roll for the past two years. Conversely, nearly 53% failed in one of the three categories. With this in mind, we will continue to push the envelope year after year.
In addition to reaching this goal ourselves, several of our clients have also been awarded Honor Roll status in 2014. They include:
Congratulations to all our clients, especially Twitter and American Greetings for achieving the best Honor Roll scores!
For more information about the Online Trust Alliance Honor Roll, check out our press release. You can also read the 2014 OTA Honor Roll Report here. For a visual summary of top takeaways from this year’s report, check out the following infographic.
Find out more about how you can better protect your brand with DMARC email authentication. Watch The Benefits of Adopting DMARC Email Authentication webinar today!
News just in!
Message Systems has just been named a top trusted website in the OTA’s 2013 Online Trust Honor Roll for demonstrating exceptional data protection, privacy and security best practices.
We have more details about the Online Trust Alliance and the criteria for qualifying for the honor roll in our official press release, if you are interested in learning more about the background of this recognition.
But today’s post is really in honor of the Message Systems website that was updated with a fresh new look in 2012.
Here’s Message Systems in 2011…
And here’s the website in 2012.
So what’s changed between 2011 to 2012 website-wise?
- Cleaner look and feel, with much stronger branding. The logo and company colors have been updated to translate better from our live and print identity to our digital identity.
- Full systems integration allowed Message Systems to track, score, and analyze every lead that came through the site.
- More consistent calls to action and results for clicking on them across the site. No one should be taken off guard by where they end up after clicking on a link.
- New videos page to display client testimonials and other features that were integrated with our new corporate YouTube channel. In addition, the webinar pages have been upgraded for better usability and consistency with the new video format.
- The upgraded careers section of the site drives recruitment efforts and showcases the excellent company culture.
- New social media sharing features for targeted outlets (including Facebook, LinkedIn, and Google Plus) using the ShareThis service combined with selective PHP insertion.
- Tons of new SEO features like schema tagging, tracking tokens in URLs, and dynamic meta tag generation. All coded in a user friendly way for content managers to easily use.
- Rolled back several “form walls” where we required users to provide their contact information to view certain collateral. Those forms are now only used for “best practices” and other “how to run your business better” kinds of guides that content managers work very hard on, and can greatly benefit the user for free.
- Upgraded the company’s Blog Theme (WordPress based) to better suit these website changes and to enable several of its new features into the blog portion of the site.
New Video Page for Client Testimonials
Upgraded Careers Section
Interactive Careers Site Map
- Site traffic increased by over 400% 6 months after the redesign.
- Sales Qualified Lead Generation originating from the website increased by 80% in 2012.
- Web-based projects were completed three times faster
- Social media integration throughout the website together with increased social media activity led to 20% more followers on Twitter and LinkedIn.
While the re-launched website made sense from a dollars and cents perspective, its recognition by the Online Trust Alliance also validates the commitment Message Systems has in safeguarding all visitor information and protecting customers from the increased threats posed by cybercriminals.
Being named to the 2013 Honor Roll is a significant achievement considering the large number of companies that received failing marks for inadequate domain and consumer protection (14%), insecure websites (7%) and inadequate privacy policies or data collection practices (36%).
This is especially true since many large e-retailers with significant sales have failed to make the Honor Roll. Message Systems is also the only on-premise email software company to make the list. In short, there’s no better way for the website and Message Systems to be recognized for demonstrating leadership in brand protection, online security and privacy best practices.
As a final note, I would like to thank the OTA and Craig Spiezle, president and executive director of the Online Trust Alliance for their assistance in building the site to achieve this goal. They responded quickly and helpfully to every question I asked them and we couldn’t have done it without them!
We’ve taken you through some of the key features of our website optimization process, why not look at how you can optimize your emails as well? Download the Email Best Practices 101 eBook to increase your chances of getting into your customer’s inbox.