PowerDMARC Email Spoofing and Impersonation Prevention
PowerDMARC is a SaaS email authentication security platform that leverages protocols like DMARC, MTA-STS, and BIMI to help organizations combat domain spoofing, secure their email channel, and enhance their brand’s reputation.
Features
- DMARC/SPF/DKIM/MTA-STS/BIMI
- DMARC Reporting
- Email Security Threat Intelligence
- Detailed DMARC Aggregate views
- Cloud based GDPR SaaS
- Abuse Reporting
Benefits
- Stop phishing attacks on your domain
- Stop hackers from sending emails from your domain
- Block email and domain spoofing attacks
- Visibility on your mail
- Multi Tenancy for MSSP
- Improve organization security posture with complete DMARC compliance
- Safe movement to p=reject
- Brand Indicators for Message Identification BIMI
- MTA-STS / TLS-RPT
- Email Security Assessment
Pricing
£250 to £32,000 a unit
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
5 2 9 1 9 9 1 7 8 1 9 4 1 3 4
Contact
PowerDMARC Detect and prevent email phishing and spoofing
Faisal Al Farsi
Telephone: +1 217 6507167
Email: faisal.alfarsi@powerdmarc.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- N/A
- System requirements
- SaaS based portal so accessed via web browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 24hrs
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- PowerDMARC offers standard e-mail support by default in all service plans. Extended premium support can be offered based on client service plan.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Online Training
User Documentation - Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- At the end of the contract, on request, PowerDMARC can provide the customer with the DMARC XML data
- End-of-contract process
- At the end of the contract users can renew the service or cancel it by notifying PowerDMARC 30 days in advance.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- No
- Customisation available
- No
Scaling
- Independence of resources
- PowerDMARC scales dynamically with the load since its a cloud platform.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
- Number of emails validated
- Number of unauthorised emails rejected
- Number of forwarded emails
-Number of threats identified - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- No
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Users can retrieve imported XML data in it's original format per report or request a larger data export.
- Data export formats
- Other
- Data import formats
- Other
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 99.95%
- Approach to resilience
- Resilient Cloud running on AWS multi regional
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Management interfaces are only accessible for users with specific permissions.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BQSR QUALITY ASSURANCE PVT.LTD
- ISO/IEC 27001 accreditation date
- 21/02/2022
- What the ISO/IEC 27001 doesn’t cover
- The full SaaS platform is covered by ISO27001:2013.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- SOC2 Type1
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- OWASP standards are followed
- Information security policies and processes
- Defined written information security and policies.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- PowerDMARC uses an internally defined change management process
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Continuous Vulnerability Management approach with quarterly security assessment.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Quarterly penetration tests with real time security prevention thru Cloudflare WAF.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Our support evaluates incidents using a defined process and escalates to the appropriate team for resolution. Users report incidents through https://support.powerdmarc.com. Incident reports are provided.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
We support causes to save climate. - Covid-19 recovery
-
Covid-19 recovery
We take all needed measures against covid-19. - Tackling economic inequality
-
Tackling economic inequality
We tackle economic inequality with all possible support. - Equal opportunity
-
Equal opportunity
We provide equal opportunities to all. - Wellbeing
-
Wellbeing
We ensure our team take good care of their wellbeing.
Pricing
- Price
- £250 to £32,000 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- 15 Days free trial
- Link to free trial
- https://app.powerdmarc.com/en/members?signup