Book a demo

Month: December 2024

Trustify announces landmark partnership with IONOS

Posted on by Trustify

A game-changer for SMEs seeking comprehensive cybersecurity solutions

Trustify is proud to announce its new Platinum Partnership with IONOS, Europe’s largest hosting provider. This partnership marks a significant step forward in Trustify’s mission to deliver robust, accessible cybersecurity solutions to businesses of all sizes. With IONOS’ unrivalled global reach and Trustify’s technology, this collaboration is set to transform the landscape of cybersecurity for SMEs across the UK.

Real Cyber Resilience for Smaller Organisations

The partnership enables Trustify to offer its complete suite of cybersecurity products and services to a broader audience, giving smaller UK organisations affordable access to enterprise-grade cyber resilience. By integrating services such as:

  • All-in-one, always-on cybersecurity
  • Cyber risk insurance
  • Data breach recovery
  • Penetration testing
  • Secure email
  • SSL certificates

SMEs can now secure their operations with a unified service that combines all their cybersecurity needs in one place.

John Madelin from Trustify’s Advisory Board commented:

“This partnership is a game-changer for smaller UK organisations.”

Trust365 on the IONOS DCD Platform

As part of the agreement, Trustify’s flagship solution, Trust365, will be hosted on the IONOS DCD (Data Centre Designer) platform, making it available to all IONOS customers. Trust365 provides organisations with an all-in-one cybersecurity and cyber insurance solution designed to combat the evolving threat landscape.

Sab Knight, Head of New Markets at IONOS Cloud, shared his thoughts:

“At IONOS Cloud, we are excited to announce our partnership with Trustify. As Europe’s largest hosting provider, IONOS Cloud offers 100% data sovereignty and full GDPR Compliance, being completely exempt from the US Cloud Act. Trustify’s advanced security solutions that enable businesses to better protect their data and navigate increasingly complex digital threats from a single source and needed a provider that could also offer total data sovereignty to make sure Trustify could be a totally locked down data zone. We are pleased that IONOS Cloud has been chosen to be the trusted platform provider for Trustify and their clients.”

Strengthening cybersecurity for a digital future

This partnership aligns with Trustify’s commitment to providing end-to-end cybersecurity solutions. By leveraging the power of IONOS Cloud, Trustify ensures its clients benefit from a fully locked-down data zone, helping them navigate increasingly sophisticated threats with confidence.

To explore how this partnership can enhance your organisation’s cybersecurity, visit our solutions page or book a free demo of Trust365 today.

Enhancing email security and brand value with BIMI

Posted on by Trustify

In the ever-evolving digital landscape, ensuring email security and building brand trust are essential for organisations. BIMI (Brand Indicators for Message Identification) is a groundbreaking email authentication standard that enhances security while increasing brand visibility and trust. Built upon the foundational email security protocol, DMARC, BIMI adds an additional layer of protection while showcasing verified brand logos in email communications.

This article delves into what BIMI is, how it works, and why it’s a game-changer for both security and brand management.

What is BIMI?

A New Standard for Secure Email Authentication

BIMI is an emerging email specification designed to enhance both security and brand visibility. It allows organisations to display their verified logo next to their email messages on supported platforms. By ensuring these logos are authenticated and protected, BIMI builds trust and ensures consistency in branding.

When implemented correctly, BIMI ensures your logo is securely verified through DNS TXT records, preventing unauthorised use and reinforcing your organisation’s credibility.

How does BIMI work?

BIMI integrates seamlessly into existing email authentication protocols. Here’s how it operates:

  1. Email Authentication: The sender’s email must first pass SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) checks.
  2. BIMI Text File: A BIMI-specific text file, stored on the sender’s server, includes information about the logo and its storage location.
  3. Verification: Once authenticated, the recipient’s email service retrieves the sender’s verified logo and displays it alongside the email.

Requirements for BIMI:

  • A DMARC policy set to quarantine or reject.
  • Verified logo files in SVG (Scalable Vector Graphics) format.
  • A Verified Mark Certificate (VMC), which, though optional currently, will become mandatory in the future.

How is BIMI built on DMARC?

DMARC serves as the backbone of email security, ensuring that only authenticated emails are delivered to recipients. BIMI builds on this foundation, requiring organisations to implement DMARC policies that reject or quarantine unauthorised emails.

By leveraging DMARC, BIMI creates a robust framework that not only prevents phishing and spoofing attacks but also reinforces trust in email communications by displaying authenticated brand logos.

Benefits of BIMI implementation

Enhanced Security

BIMI significantly reduces the risk of impersonation and phishing attacks. By requiring DMARC authentication and verified logos, BIMI helps businesses safeguard against Business Email Compromise (BEC) and unauthorised use of brand assets.

Strengthened Brand Trust

Displaying a verified logo in emails assures recipients that the communication is legitimate. This not only builds trust but also enhances the credibility of your organisation.

Increased Visibility

With a standardised logo appearing in email inboxes, your brand stands out among thousands of messages, increasing engagement and awareness.

How to implement BIMI

BIMI implementation requires a structured approach:

  1. Set Up DMARC: Ensure your organisation has SPF, DKIM, and a DMARC policy enforced to quarantine or reject unauthorised emails.
  2. Prepare Your Logo: Create a verified logo in SVG format. It must be square, free of additional text, and securely stored via HTTPS.
  3. Get a Verified Mark Certificate (VMC): While currently optional, acquiring a VMC will soon be mandatory for BIMI compliance.
  4. Update DNS Records: Publish your BIMI text file on DNS to complete the setup.

Why BIMI is the future of email security

BIMI represents a major step forward in email security and brand management. By combining robust authentication with enhanced visibility, it bridges the gap between trust and engagement in email communications.

As adoption grows, BIMI is poised to become an essential tool for organisations looking to secure their email channels and boost brand recognition. Early implementation ensures you’re ahead of the curve, ready to adapt to the evolving landscape of email communication.

Final thoughts

The integration of BIMI with DMARC is a significant development in email authentication. By offering enhanced security and strengthening brand identity, BIMI empowers organisations to combat sophisticated cyber threats while increasing their visibility.

As email remains a critical communication channel, BIMI provides a vital solution for organisations prioritising both security and brand value in today’s digital world.

Datasurance gains FCA approval: A game-changer for SME cyber risk insurance

Posted on by cmamedia
Trustify is proud to announce that Datasurance, our revolutionary Cyber Risk Insurance solution, has achieved FCA (Financial Conduct Authority) approval. This milestone marks a significant step forward in making comprehensive cyber protection accessible to small and medium-sized enterprises (SMEs).
Working alongside Marsh, one of the world’s leading insurance brokers, Datasurance is designed to close the cyber maturity gap that often leaves SMEs vulnerable to cyber threats. Many smaller organisations lack the awareness, resources, or protections required to qualify for traditional cyber insurance policies. Datasurance changes this landscape, providing an affordable, straightforward solution to help SMEs build resilience against cybercrime.

Why Datasurance is essential for SMEs

SMEs are increasingly targeted by cybercriminals, yet many lack adequate defences or financial safeguards. Traditional insurance products often require a high level of cyber maturity, leaving many SMEs unable to secure coverage.
Datasurance addresses this gap by integrating cyber risk insurance with Trustify’s cybersecurity solutions. This unique combination ensures businesses not only gain financial protection in the event of a cyber incident but also receive proactive support to prevent breaches and minimise risks.

Levelling the playing field for smaller businesses

Trustify’s mission is to democratise cybersecurity and insurance, making advanced protections available to businesses of all sizes. By combining affordable premiums with practical, real-world solutions, Datasurance enables SMEs to:
  • Achieve cyber maturity: Gain access to tools, resources, and guidance to strengthen defences.
  • Meet insurance criteria: Built-in protections ensure eligibility for coverage, even for businesses new to cyber resilience.
  • Secure peace of mind: Protect finances and reputation with a safety net that reduces the impact of cyber incidents.

What our FCA approval means

FCA approval ensures that Datasurance adheres to the highest regulatory standards, offering SMEs a trusted, transparent, and effective insurance product. This achievement reflects Trustify’s commitment to delivering solutions that are both innovative and reliable.
We will be launching Datasurance in the near future and look forward to having you onboard.

Time for public institutions to shape up and shake up their cyber awareness

Posted on by Trustify

Museums, galleries and archives have been urged to tighten their cyber security following the massive ransomware attack on the British Library.

Museums, public archives and galleries are among the latest organisations to be hit by the cybercriminal group Rhysida, with the British Library suffering a ransomware attack in October. The now notorious group threatened to dump nearly 600 gigabytes of leaked data online, including personally identifiable data traceable to customers and staff, a threat which it carried out after demanding £600,000 payable in bitcoin to halt the attack.

What are the cyber risks to public institutions?

In the initial phases of the attack, basic services such as email became denied, and significant IT infrastructure was rendered inoperable by encryption. While many of these services are now enabled once again, the internationally famous institution is still suffering significant disruption to its online systems and services.

Many institutions such as libraries, museums, and public venues are almost completely reliant on digital systems to manage communications, bookings, payroll, point-of-sale systems, legal services and even management of automation, lighting and sound as it relates to exhibits. Sadly, the reliance on technology by institutions dependent largely on grants or public money is not always matched by the willingness or financial incentive to secure that technology from hostile actors and cybercriminals, and this incident has caused a great deal of alarm in public institutions worldwide, who are now double-checking their systems and doing all they can to ensure they do not suffer a similar fate. In fact, in October, The Public Library of Toronto was the victim of a similar ransomware attack.

Checking your cyber risk

Organisations that perform archival functions on behalf of the public should be showing high awareness when it comes to protecting the data they hold, but generally, investigations after the fact show this not to be the case. A cyber risk investigation using Trust365’s extensive cyber risk toolkit found that the British Library’s cyber posture was one of high risk, well below the standard of public libraries across the UK in general, and a scan of known sources on the dark web found over 4700 compromised credentials relating to the British Library’s domain, and over 151 potential publicly exposed assets relating to network and IT, as well as application security. These ranged from email domains in use by the institution for internal communications having no relevant SPF record, opening up mailboxes to attack through spoofing, to running mail servers internally using server and web technologies with existing vulnerabilities.

How can organisations improve their cyber posture?

Issues like these can be remedied easily in most cases, by migrating to zero-trust cloud technologies for identity management, email and data storage. Websites can be built and managed using platforms with simple automatic security patching and DNS records for domains in use for communications carrying the correct record types to ensure email senders can only come from a range of trusted sources. Movement to reliable, secure systems, such as migrating user identity management and email to the cloud, usually comes with a significant one-time cost that can put organisations off making these changes. This cost however, needs to be balanced against the expense incurred by any organisation that fails to fulfil its duties concerning data protection, and a breach in the case of the British Library is estimated to have a final cost of around £1.5M. A high price to pay indeed. It’s not just a monetary cost either; members of the public have the right to see their data and privacy are being properly safeguarded, and attacks on institutions such as libraries, schools and massive public bodies such as the NHS have shown that when it comes to adhering to GDPR legislation and regulations laid down by the ICO, public institutions in the UK are well behind the curve.

How do I make sure I’m protected against cyber threats?

Cutting-edge security products such as the suite of tools available from Trust365 offer complete protection for vulnerable websites and domains, sometimes in the case of products such as TrustiSite, by ensuring sites are certified, and that plugins, media, connected apps and forms are fully up-to-date and secured against the latest online malware threats, and other products such as TrustiMail, completely remove threats of ransomware, spoofing and phishing, by taking away the vector these threats use. By completely encrypting and routing your Outlook or Google mail through Trust365 servers, TrustiMail ensures that you can communicate securely and with enhanced functionality using your existing cloud or workstation email client, with complete confidence that your messaging is totally secure.
With licensing starting at £7 per user per month for TrustiMail, it’s never been easier to remove the possibility of email-based threats from your business or personal messaging. If you’re worried that you might be vulnerable, or you don’t know where to start with checking the security of your emails or website, there are easy-to-use, free scanning tools available at https://www.trust365.com/products/

Avoiding a costly fate

Whatever the future holds in terms of cyber threats, it seems that for most large, publicly-funded institutions, even grappling with the security issues of yesteryear is proving to be a problem, with organisations commonly still reliant on ageing infrastructure, lacking in expert staff, and suffering from poor security training and awareness. It’s becoming increasingly clear that institutions need to adapt to the acceleration of the cyber threat landscape, and invest in and adopt new technologies and practices before they suffer attacks that will end them.
However expensive it may be to meet their data protection responsibilities, it’s never as costly as failure.

Linkedin X-twitter Facebook

Trustify®, Trust365® & Datasurance® are registered trademarks of Trustify Ltd.
© 2025 Trustify Ltd. All rights reserved.

Trust365
Datasurance
TrustiScan
TrustiMail
TrustiSign
TrustiVault
TrustiSite
TrustiCerts
Who we are
Careers
Partners
Support desk
Contact us

UK: +44 (0)808 502 2350

US: +1 (866) 583-3365

Get our latest insights