Email security is no longer just an IT task. Cyber insurers ask about it at renewal, supplier assurance questionnaires require it, and Cyber Essentials depends on related controls. This check gives you a documented, plain-English baseline you can put in front of auditors, insurers and clients.
Most insurers now ask specifically about SPF, DKIM, DMARC and MFA. Missing controls are linked to business email compromise claims, and can affect your cover and premium.
Cyber Essentials requires MFA on all accounts and email filtering. It does not mandate SPF, DKIM or DMARC by name, but assessors commonly raise them, and MFA gaps are a hard fail.
Your email carries personal data. GDPR Article 32 expects appropriate technical measures, and a spoof or compromise that exposes client data is a notifiable incident.
Larger clients run due-diligence checks before onboarding suppliers. A spoofable domain is a visible red flag that can cost you the contract.
Run the free check above to get your baseline. Then have your IT team configure SPF, DKIM and DMARC, moving DMARC from p=none to quarantine and then reject, and enable MFA on every mailbox. Keep the before-and-after check results as documented evidence for your insurer, auditor or client. The controls are low-cost and quick to implement.
Not by name. Cyber Essentials requires MFA on all accounts and email filtering. Assessors often raise SPF, DKIM and DMARC as best practice, and the most common actual failure point is MFA. The check covers all three authentication records.
Yes. Insurers ask specifically about SPF, DKIM, DMARC and MFA. A documented check result showing these in place supports your answers and can help your cover and premium.
Yes. The plain-English result gives you evidence of your email authentication status to answer supplier assurance and due-diligence questions, without drowning in technical jargon.
Run the free check above for a documented baseline you can share with auditors, insurers and clients.