DMARC Processing and Visualisation
DMARC is part of a portfolio of tools recommended by the NCSC that improves email security and can prevent your domains being spoofed. Netcraft’s DMARC service will provide the information you need to confidently move to a reject policy to prevent abuse, whilst not interfering with legitimate mail delivery.
Features
- Processing of DMARC Forensic Reports
- Processing of DMARC Aggregate Reports
- Web interface that visualises the DMARC reports
- Monitoring of the SPF and DMARC status for your domains
- Alerts when SPF and DMARC policies are invalid
- Alerts when new trends are identified
- Detailed view of all your email domains
Benefits
- Web based with 24/7 access
- Prevent spoofing of your domains
- Detection of phishing attacks spoofing your domains
- Detection of malware attacks spoofing your domains
Pricing
£36,000 an instance a year
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
8 9 0 9 3 2 0 8 7 7 3 9 4 4 7
Contact
Netcraft
Robert Duncan
Telephone: 01225 447500
Email: rad@netcraft.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- All modern web browsers supported.
- System requirements
- Web Browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Support is available 24/7
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Support is provided by electronic mail and telephone.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- We provide online documentation, and also can provide a video call demonstration of the portal to answer any questions.
- Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- N/A
- End-of-contract process
- N/A
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Responsive Design
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- Web based interface
- Accessibility standards
- None or don’t know
- Description of accessibility
- N/A
- Accessibility testing
- N/A
- API
- No
- Customisation available
- No
Scaling
- Independence of resources
- We scale our applications to account for load placed by all customers.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- Less than once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Other
- Other data at rest protection approach
- We physically secure access to our data centre and backup media.
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- N/A
- Data export formats
- Other
- Other data export formats
- None
- Data import formats
- Other
- Other data import formats
- Not Applicable
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- If the Service is unavailable continuously for 3 (three) days or unavailable for an aggregate of 120 (one hundred and twenty) hours within the Subscription Period the customer may terminate the Service and receive a pro-rata refund for the unused period.
- Approach to resilience
- Available on request
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- User Account Authentication, Multi Factor Authentication, IP ACLs
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Risk based approach.
- Information security policies and processes
- Defined in our internal Policies and Procedures document
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- We have an internal change management process
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Netcraft is a PCI approved scanning provider, and tests its own infrastructure. Patches are applied as appropriate.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Netcraft has a Security Incident Detection and Remediation programme.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We have an internal policy for handing incidents.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Tackling economic inequality
-
Tackling economic inequality
Netcraft recognises the problem of economic inequality, and where it is possible and reasonable seeks to address it through 1) the creation of new jobs and skills and 2) by increasing its supply chain resilience and capacity:
Netcraft is proud of the employment opportunities it creates and the training it provide its employees to address the skills-gaps in the cybersecurity sector.
As an equal opportunities employer, the employment opportunities Netcraft creates are open to those who historically have faced barriers to employment, or come from deprived areas.
Netcraft supports innovation throughout their supply chain such that they can deliver higher quality goods and services.
Netcraft conducts all its business in an honest and ethical manner, and are committed to acting professionally, fairly and with integrity in all their business dealings and relationships.
Netcraft takes action to identify and manage any cyber risks that arise in the delivery of the services it provides.
Pricing
- Price
- £36,000 an instance a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- We can offer a 14 day trial of the service.