Security Through Marketing?
Need extra sponsors to drive your email security program? Want to see your logo in certain mail clients like Gmail? If so, then you need BIMI.
So what is BIMI? Brand Indicators for Message Identification, or BIMI, is a way to add brand recognition to emails in supported email clients like Gmail. More information on BIMI is available at https://bimigroup.org/.
So, a quick TL;DR - Set up SPF, DKIM and DMARC and as an added bonus you can change the icon in certain mail programs. This helps with brand recognition, fighting spoofing (here's my logo to prove it's from me) and it makes it more difficult for the spoofers to keep up.
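To make the TL;DR concrete, here is an added example (not from the original post) that checks a set of DNS TXT values for BIMI readiness. The records, the example.com domain and the function names are constructed for illustration; the rule that DMARC must be at enforcement (p=quarantine or p=reject) comes from the BIMI specification rather than from this post.

```python
# Added example: offline BIMI readiness check over constructed DNS TXT values.

def parse_tags(record):
    """Split a 'tag=value; tag=value' TXT record into a lowercase-keyed dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def bimi_readiness(spf, dkim, dmarc, bimi):
    """Return a list of problems; an empty list means the records look ready."""
    problems = []
    if not spf.lower().startswith("v=spf1"):
        problems.append("SPF record missing or malformed")
    if not parse_tags(dkim).get("p"):          # an empty p= means a revoked key
        problems.append("DKIM key record missing or revoked")
    d = parse_tags(dmarc)
    if d.get("v") != "DMARC1":
        problems.append("DMARC record missing or malformed")
    else:
        if d.get("p", "").lower() not in ("quarantine", "reject"):
            problems.append("DMARC policy is not at enforcement")
        if d.get("sp", "").lower() == "none":
            problems.append("DMARC subdomain policy is none")
        pct = d.get("pct", "100")              # pct defaults to 100 when absent
        if not pct.isdigit() or int(pct) < 100:  # conservative: require full coverage
            problems.append("DMARC pct is below 100")
    b = parse_tags(bimi)
    if b.get("v") != "BIMI1":
        problems.append("BIMI record missing or malformed")
    else:
        if not b.get("l", "").lower().startswith("https://"):
            problems.append("BIMI l= must be an https URL")
        if b.get("a") and not b["a"].lower().startswith("https://"):
            problems.append("BIMI a= must be an https URL")
    return problems

# Constructed sample records for example.com (not real DNS data).
GOOD = dict(spf="v=spf1 include:_spf.example.com -all",
            dkim="v=DKIM1; k=rsa; p=MIIBIjANBgkqPLACEHOLDER",
            dmarc="v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
            bimi="v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem")
WEAK = dict(GOOD, dmarc="v=DMARC1; p=none", bimi="v=BIMI1; l=http://example.com/logo.svg")

if __name__ == "__main__":
    print(bimi_readiness(**GOOD))
    print(bimi_readiness(**WEAK))
```

In practice the four values come from TXT lookups on the domain, the DKIM selector under _domainkey, _dmarc and default._bimi respectively.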
Is this going to fix all my issues with email? Well, no. If someone wants to impersonate you, they will. This is just an extra step they need to go through. The issues with lookalike domains still exist. There is also a major holdout - Microsoft.
How much is this going to cost? Well, if you go with DigiCert, the price on their website is an eye-watering $124 / domain / month. Entrust's current price is $1,299 for the year. Fortunately, this cost is entirely optional. While I can see how the independent verification of a logo would be helpful, this feels a bit like the certificate authorities still trying to get money for what is essentially a digital certificate.
So what benefits do I get? First off - Marketing driving email security. This is another chance to get your logo in front of a potential customer. Why not take it? The majority of this is free, although it does require some time to set up.
Hopefully, this will help with protecting email and raising the bar for performing attacks. It also brings support from marketing, who traditionally only get involved in security when something has gone wrong and you need to spin it.