The US government has suffered from several security breaches over the past few years, and now things are starting to change. The US government will now require federal agencies to implement basic email security measures. According to a new report from Reuters, Homeland Security’s deputy undersecretary for cybersecurity Jeanette Manfra states that the agency will soon require other federal agencies to adopt DMARC and STARTTLS.
DMARC assists in detecting and blocking spoofed emails to prevent impersonation of government officials. On the other hand, STARTTLS prevents emails from being intercepted when they’re en route to the recipient. Both of these have been adopted by companies such as Google and Microsoft, and are a decade old.
Manfra said that Department of Homeland Security will issue the new directive soon. After that, agencies will have 90 days to implement the new requirements. The issue here is that some government officials are already using at least one or both of these protocols, but some others aren’t.
Sit down because this will surprise you: Pentagon has only started using STARTTLS to protect the military’s mail.mil email accounts in July. The new directive will make sure that all agencies are protecting themselves properly.