Home / Cybersecurity / Global Cyber Alliance: 18 of White House Email Domains Fail to Deploy DMARC Security Protocol

Global Cyber Alliance: 18 of White House Email Domains Fail to Deploy DMARC Security Protocol

A new Global Cyber Alliance report says 18 of the 26 email domains managed by the executive office of the president have not begun implementing the Domain Message Authentication Reporting and Conformance protocol.

GCA said Wednesday it also found that seven of the White House email domains have deployed the DMARC protocol at the “none” level, which works to facilitate email monitoring but fails to block spoofed emails.

The report noted that Max.gov is the only White House email domain that has deployed the highest-level DMARC policy that works to block email spoofing and phishing activities.

“The lack of full DMARC deployment across nearly every EOP email address poses a national security risk that must be fixed,” said Philip Reitinger, president and CEO of GCA.

“The EOP domains that have recently deployed DMARC at its lowest setting include WhiteHouse.gov and EOP.gov, two of the most significant government domains,” Reitinger added.

EOP oversees email domains such as WhiteHouse.gov, Budget.gov, OMB.gov, USTR.gov, OSTP.gov and EOP.gov.

The Department of Homeland Security released a directive in October 2017 to help federal agencies protect emails and websites from cyber threats through the adoption of DMARC and other security protocols.

Check Also

Air Force to Deliver Satellite, Space Debris Data Storage to Dept of Commerce

The U.S. Air Force is slated to hand over a library of space and satellite debris data to the Department of Commerce to delegate space notification responsibilities to the agency, Spacenews reported Friday. President Trump signed Space Policy Directive 3 ordering the Department of Defense to provide public space situational awareness data to the Department of Commerce.

Leave a Reply

Your email address will not be published. Required fields are marked *