Read the Newest Practice Guide: Special Publication 1800-6: "Domain Name Systems-Based Electronic Mail Security"

We are pleased to announce the release of the final version of NIST Cybersecurity Practice Guide, SP 1800-6: Domain Name Systems-Based Electronic Mail Security.  

Email has become the dominant method of electronic communication for both private and public sector organizations, fueled by low costs and fast delivery. Securing these transactions has been less of a priority, which is one reason why email attacks have increased.

To address this cybersecurity challenge, NCCoE security engineers developed an example solution that allows an organization to improve email security and defend against email based-attacks such as phishing and man-in-the-middle types of attacks. Using open source and commercially available technologies, this practice guide demonstrates a security platform that provides trustworthy email exchanges and tools that help organizations to encrypt emails between mail servers, allow individual email users to digitally sign and/or encrypt email messages, and allow email users to identify valid email senders as well as send digitally signed messages and validate signatures of received messages.

The example solution gives companies the ability to reduce risk associated with email and enable the use of existing security protocols more efficiently and with minimal impact to email service performance.

Stay informed about updates, send us an email at dns-email-nccoe@nist.gov.