CMMC Practice Requirement:
Implement email forgery protections.
CMMC Requirement Explanation:
Sender Policy Framework (SPF) specifices which servers are allowed to send email from your domain (@mycompany.com). Domain Keys Identified Mail (DKIM) verifies the authenticity of an email message to a recipient. Domain-based Message Authentication, Reporting, and Conformance (DMARC) combines SPF and DKIM by specifying policies.
Example CMMC Implementation:
Implement SPF, DMARC, and DKIM on your email domain (e.g. @mycompany.com).
- Scenario 1:
Your company uses Office 365 Exchange for its email services. You visit Microsoft's website and follow the guidance for enabling SPF, DKIM, and DMARC.
Discover Our NIST SP 800-171 Solutions:
For contractors seeking compliance
For IT service providers
Supply Chain Verifier
For contractors seeking to verify partner compliance