Email Security

SPF, DKIM, DMARC, anti-phishing, and safe attachments — extended with court-admissible proof of encrypted external delivery.

Deployed, encrypted, and court-admissible. Not just filtered.

ISO 27001 Certified | 3x Microsoft Partner of the Year | 1,200+ Organisations Secured | 30+ Years

Your auditor will ask you to prove sensitive email was encrypted, delivered, and received. That proof gap is what even the most comprehensive Purview deployments leave open. We deploy SPF, DKIM, DMARC, and anti-phishing — then extend it with court-admissible proof of every encrypted delivery. The evidence exists before the auditor asks.

Here is the complete email security stack we deploy and operate. Every capability below produces auditable evidence of protection.

Foundation (Plan 1)

  • SPF Configuration — Configure SPF records for email authentication and anti-spoofing
  • DKIM Configuration — Configure DKIM signing for email authentication
  • DMARC Configuration — Configure DMARC policy for email authentication enforcement
  • Email Branding — Configure organisation branding and external sender warnings
  • Email Disclaimers — Configure email disclaimers and transport rules
  • Network Service Security — Email gateway security, Safe Links, Safe Attachments, transport rule hardening, SMTP auth, and mail forwarding controls
  • Safe Links — Microsoft Defender for Office 365 Safe Links URL protection
  • Malware Protection — Microsoft Defender for Office 365 malware protection: Safe Attachments, AV signatures, endpoint security profiles, device compliance

Added in Endpoint (Plan 2)

  • Journal-Based Email Archive — Tamper-proof journal-based email archive capturing every inbound/outbound message via Exchange journalling. Provides WORM storage, jurisdiction-aligned retention, legal hold, and independent auditor access. Vendor-delivered (e.g. MxVault/Cryoserver on AWS) or Microsoft-native (Purview retention + litigation hold) — see Email-Archive-Capability-Matrix.md for the 4-state model (neither / Purview / MxVault / both).

Added in Information Governance (Plan 3)

  • Attack Simulation Training — Microsoft Defender Attack Simulation Training for phishing awareness

What you receive

Delivery Package | Duration | Stakeholders | Key Deliverables
Email Security Hardening | 3–8 days | IT Admin, Email Admin | SPF/DKIM/DMARC configuration per domain; Safe Links and malware policies; Transport rule review; Email branding templates

Risk impact

Risk | Before | After | Reduction
Communications Interception | 12 | 2 | 83%
Communications Manipulation | 12 | 2 | 83%

Risk scores use a likelihood × impact matrix (1–25). Lower is better.


Ready to see where you stand? Our free assessment benchmarks your email security against these capabilities — in 30 minutes, no tenant access required. Start your assessment.


ISO 27001 controls covered

Evidence browser showing email security configuration and compliance proof
Email security evidence collected and ready for audit