Book a demo

Author: Trustify

Trustify announces landmark partnership with IONOS

Posted on by Trustify

A game-changer for SMEs seeking comprehensive cybersecurity solutions

Trustify is proud to announce its new Platinum Partnership with IONOS, Europe’s largest hosting provider. This partnership marks a significant step forward in Trustify’s mission to deliver robust, accessible cybersecurity solutions to businesses of all sizes. With IONOS’ unrivalled global reach and Trustify’s technology, this collaboration is set to transform the landscape of cybersecurity for SMEs across the UK.

Real Cyber Resilience for Smaller Organisations

The partnership enables Trustify to offer its complete suite of cybersecurity products and services to a broader audience, giving smaller UK organisations affordable access to enterprise-grade cyber resilience. By integrating services such as:

  • All-in-one, always-on cybersecurity
  • Cyber risk insurance
  • Data breach recovery
  • Penetration testing
  • Secure email
  • SSL certificates

SMEs can now secure their operations with a unified service that combines all their cybersecurity needs in one place.

John Madelin from Trustify’s Advisory Board commented:

“This partnership is a game-changer for smaller UK organisations.”

Trust365 on the IONOS DCD Platform

As part of the agreement, Trustify’s flagship solution, Trust365, will be hosted on the IONOS DCD (Data Centre Designer) platform, making it available to all IONOS customers. Trust365 provides organisations with an all-in-one cybersecurity and cyber insurance solution designed to combat the evolving threat landscape.

Sab Knight, Head of New Markets at IONOS Cloud, shared his thoughts:

“At IONOS Cloud, we are excited to announce our partnership with Trustify. As Europe’s largest hosting provider, IONOS Cloud offers 100% data sovereignty and full GDPR Compliance, being completely exempt from the US Cloud Act. Trustify’s advanced security solutions that enable businesses to better protect their data and navigate increasingly complex digital threats from a single source and needed a provider that could also offer total data sovereignty to make sure Trustify could be a totally locked down data zone. We are pleased that IONOS Cloud has been chosen to be the trusted platform provider for Trustify and their clients.”

Strengthening cybersecurity for a digital future

This partnership aligns with Trustify’s commitment to providing end-to-end cybersecurity solutions. By leveraging the power of IONOS Cloud, Trustify ensures its clients benefit from a fully locked-down data zone, helping them navigate increasingly sophisticated threats with confidence.

To explore how this partnership can enhance your organisation’s cybersecurity, visit our solutions page or book a free demo of Trust365 today.

Enhancing email security and brand value with BIMI

Posted on by Trustify

In the ever-evolving digital landscape, ensuring email security and building brand trust are essential for organisations. BIMI (Brand Indicators for Message Identification) is a groundbreaking email authentication standard that enhances security while increasing brand visibility and trust. Built upon the foundational email security protocol, DMARC, BIMI adds an additional layer of protection while showcasing verified brand logos in email communications.

This article delves into what BIMI is, how it works, and why it’s a game-changer for both security and brand management.

What is BIMI?

A New Standard for Secure Email Authentication

BIMI is an emerging email specification designed to enhance both security and brand visibility. It allows organisations to display their verified logo next to their email messages on supported platforms. By ensuring these logos are authenticated and protected, BIMI builds trust and ensures consistency in branding.

When implemented correctly, BIMI ensures your logo is securely verified through DNS TXT records, preventing unauthorised use and reinforcing your organisation’s credibility.

How does BIMI work?

BIMI integrates seamlessly into existing email authentication protocols. Here’s how it operates:

  1. Email Authentication: The sender’s email must first pass SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) checks.
  2. BIMI Text File: A BIMI-specific text file, stored on the sender’s server, includes information about the logo and its storage location.
  3. Verification: Once authenticated, the recipient’s email service retrieves the sender’s verified logo and displays it alongside the email.

Requirements for BIMI:

  • A DMARC policy set to quarantine or reject.
  • Verified logo files in SVG (Scalable Vector Graphics) format.
  • A Verified Mark Certificate (VMC), which, though optional currently, will become mandatory in the future.

How is BIMI built on DMARC?

DMARC serves as the backbone of email security, ensuring that only authenticated emails are delivered to recipients. BIMI builds on this foundation, requiring organisations to implement DMARC policies that reject or quarantine unauthorised emails.

By leveraging DMARC, BIMI creates a robust framework that not only prevents phishing and spoofing attacks but also reinforces trust in email communications by displaying authenticated brand logos.

Benefits of BIMI implementation

Enhanced Security

BIMI significantly reduces the risk of impersonation and phishing attacks. By requiring DMARC authentication and verified logos, BIMI helps businesses safeguard against Business Email Compromise (BEC) and unauthorised use of brand assets.

Strengthened Brand Trust

Displaying a verified logo in emails assures recipients that the communication is legitimate. This not only builds trust but also enhances the credibility of your organisation.

Increased Visibility

With a standardised logo appearing in email inboxes, your brand stands out among thousands of messages, increasing engagement and awareness.

How to implement BIMI

BIMI implementation requires a structured approach:

  1. Set Up DMARC: Ensure your organisation has SPF, DKIM, and a DMARC policy enforced to quarantine or reject unauthorised emails.
  2. Prepare Your Logo: Create a verified logo in SVG format. It must be square, free of additional text, and securely stored via HTTPS.
  3. Get a Verified Mark Certificate (VMC): While currently optional, acquiring a VMC will soon be mandatory for BIMI compliance.
  4. Update DNS Records: Publish your BIMI text file on DNS to complete the setup.

Why BIMI is the future of email security

BIMI represents a major step forward in email security and brand management. By combining robust authentication with enhanced visibility, it bridges the gap between trust and engagement in email communications.

As adoption grows, BIMI is poised to become an essential tool for organisations looking to secure their email channels and boost brand recognition. Early implementation ensures you’re ahead of the curve, ready to adapt to the evolving landscape of email communication.

Final thoughts

The integration of BIMI with DMARC is a significant development in email authentication. By offering enhanced security and strengthening brand identity, BIMI empowers organisations to combat sophisticated cyber threats while increasing their visibility.

As email remains a critical communication channel, BIMI provides a vital solution for organisations prioritising both security and brand value in today’s digital world.

Time for public institutions to shape up and shake up their cyber awareness

Posted on by Trustify

Museums, galleries and archives have been urged to tighten their cyber security following the massive ransomware attack on the British Library.

Museums, public archives and galleries are among the latest organisations to be hit by the cybercriminal group Rhysida, with the British Library suffering a ransomware attack in October. The now notorious group threatened to dump nearly 600 gigabytes of leaked data online, including personally identifiable data traceable to customers and staff, a threat which it carried out after demanding £600,000 payable in bitcoin to halt the attack.

What are the cyber risks to public institutions?

In the initial phases of the attack, basic services such as email became denied, and significant IT infrastructure was rendered inoperable by encryption. While many of these services are now enabled once again, the internationally famous institution is still suffering significant disruption to its online systems and services.

Many institutions such as libraries, museums, and public venues are almost completely reliant on digital systems to manage communications, bookings, payroll, point-of-sale systems, legal services and even management of automation, lighting and sound as it relates to exhibits. Sadly, the reliance on technology by institutions dependent largely on grants or public money is not always matched by the willingness or financial incentive to secure that technology from hostile actors and cybercriminals, and this incident has caused a great deal of alarm in public institutions worldwide, who are now double-checking their systems and doing all they can to ensure they do not suffer a similar fate. In fact, in October, The Public Library of Toronto was the victim of a similar ransomware attack.

Checking your cyber risk

Organisations that perform archival functions on behalf of the public should be showing high awareness when it comes to protecting the data they hold, but generally, investigations after the fact show this not to be the case. A cyber risk investigation using Trust365’s extensive cyber risk toolkit found that the British Library’s cyber posture was one of high risk, well below the standard of public libraries across the UK in general, and a scan of known sources on the dark web found over 4700 compromised credentials relating to the British Library’s domain, and over 151 potential publicly exposed assets relating to network and IT, as well as application security. These ranged from email domains in use by the institution for internal communications having no relevant SPF record, opening up mailboxes to attack through spoofing, to running mail servers internally using server and web technologies with existing vulnerabilities.

How can organisations improve their cyber posture?

Issues like these can be remedied easily in most cases, by migrating to zero-trust cloud technologies for identity management, email and data storage. Websites can be built and managed using platforms with simple automatic security patching and DNS records for domains in use for communications carrying the correct record types to ensure email senders can only come from a range of trusted sources. Movement to reliable, secure systems, such as migrating user identity management and email to the cloud, usually comes with a significant one-time cost that can put organisations off making these changes. This cost however, needs to be balanced against the expense incurred by any organisation that fails to fulfil its duties concerning data protection, and a breach in the case of the British Library is estimated to have a final cost of around £1.5M. A high price to pay indeed. It’s not just a monetary cost either; members of the public have the right to see their data and privacy are being properly safeguarded, and attacks on institutions such as libraries, schools and massive public bodies such as the NHS have shown that when it comes to adhering to GDPR legislation and regulations laid down by the ICO, public institutions in the UK are well behind the curve.

How do I make sure I’m protected against cyber threats?

Cutting-edge security products such as the suite of tools available from Trust365 offer complete protection for vulnerable websites and domains, sometimes in the case of products such as TrustiSite, by ensuring sites are certified, and that plugins, media, connected apps and forms are fully up-to-date and secured against the latest online malware threats, and other products such as TrustiMail, completely remove threats of ransomware, spoofing and phishing, by taking away the vector these threats use. By completely encrypting and routing your Outlook or Google mail through Trust365 servers, TrustiMail ensures that you can communicate securely and with enhanced functionality using your existing cloud or workstation email client, with complete confidence that your messaging is totally secure.
With licensing starting at £7 per user per month for TrustiMail, it’s never been easier to remove the possibility of email-based threats from your business or personal messaging. If you’re worried that you might be vulnerable, or you don’t know where to start with checking the security of your emails or website, there are easy-to-use, free scanning tools available at https://www.trust365.com/products/

Avoiding a costly fate

Whatever the future holds in terms of cyber threats, it seems that for most large, publicly-funded institutions, even grappling with the security issues of yesteryear is proving to be a problem, with organisations commonly still reliant on ageing infrastructure, lacking in expert staff, and suffering from poor security training and awareness. It’s becoming increasingly clear that institutions need to adapt to the acceleration of the cyber threat landscape, and invest in and adopt new technologies and practices before they suffer attacks that will end them.
However expensive it may be to meet their data protection responsibilities, it’s never as costly as failure.

Trustify becomes a National Ambassador for NCRCG

Posted on by Trustify

Trustify is proud to announce its appointment as a National Ambassador for the National Cyber Resilience Centre Group (NCRCG). In this new role, Trustify joins an esteemed network of organisations, including Aviva, HP, Microsoft, Mastercard and the NatWest Group, in a collaborative effort to enhance cyber resilience across the UK economy.

Working in partnership with the police, government, and fellow Ambassadors, Trustify will bring its expertise to the forefront of combating cybercrime, particularly within small and medium-sized enterprises (SMEs).

Supporting SMEs in the fight against cybercrime

SMEs are frequently targeted by cybercriminals, often bearing the brunt of attacks that can cripple operations and damage reputations. By partnering with the NCRCG, Trustify is demonstrating its commitment to safeguarding SMEs and bolstering resilience across supply chains nationwide.

Through its extensive customer network, which connects with over 600,000 SMEs, Trustify is uniquely positioned to deliver critical support and advice to businesses most in need. Working closely with the Cyber Resilience Centre (CRC) network, the company will help ensure that SMEs receive the tools and guidance required to stay protected against evolving cyber threats.

Innovative initiatives to drive resilience

As part of its ambassadorial role, Trustify will host virtual roadshows across the nine regional CRCs, focusing on threat intelligence management. These sessions will provide SMEs with valuable insights into how Trustify supports its customers in monitoring and mitigating cyber threats, enabling businesses to build stronger defences and safeguard their supply chains.

John Madelin, Advisory Board Member and National Ambassador Representative at Trustify, expressed his enthusiasm for the partnership:

“I’m so honoured to have been invited by Trustify to represent the company in their work as an NCRCG National Ambassador. Trustify Founder Alistair Murray’s dedication to tackling critical challenges in the sector, combined with the increasing support and focus from the government, presents a significant opportunity for us to fortify UK plc and revolutionise our defence against cyber attacks.”

Detective Superintendent Ian Kirby, CEO at NCRCG, also shared his thoughts:

“We are delighted that Trustify is joining us in becoming an NCRCG National Ambassador. We have seen a fantastic expansion of our National Ambassador programme in recent months which is testament to the excellent work being carried out by our central team as well as the network of regional CRCs. Organisations like Trustify are seeing the real impact the CRC network is having and, with their support, we will be able to broaden our reach even further for the benefits of SMEs across the country. Thank you to Trustify for this show of support and championing the fightback against cybercrime.”

Trustify’s role as an NCRCG National Ambassador reflects its dedication to securing the UK’s digital economy and empowering businesses of all sizes to combat cybercrime. This partnership underscores the importance of collaboration between the private sector, government, and law enforcement in creating a safer digital environment for all.

Learn more about the National Cyber Resilience Centre Group Ambassadors.

Trustify recognised by Ukraine for cybersecurity support amid war with Russia

Posted on by Trustify

Trustify has been formally recognised by Ukraine for its pivotal role in protecting the nation’s digital infrastructure during the ongoing war with Russia. A letter of thanks from Oleksii Vyskub, Ukraine’s First Deputy Minister of Digital Transformation, highlighted the significant impact of Trustify’s efforts in safeguarding key government domains and services.

Trustify has successfully encrypted all web domains associated with the Ukrainian government and 60 of its agencies. This work has been instrumental in minimising the risk of cyber-attacks and data breaches during a period of intense conflict.

Escalating cyber threats amidst conflict

Trustify revealed that since the start of the war, cyber-attacks on Ukraine’s web infrastructure have surged by more than 300 per cent, with Russian forces employing cyber warfare as part of a broader strategy to destabilise the country. By implementing cutting-edge security measures, Trustify has helped Ukraine resist these sustained digital offensives.

In his letter, Mr Vyskub acknowledged Trustify’s contribution, stating:

“Your generous support in providing SSL certificates for Ukrainian State domains is highly valued by us… I truly believe that your support to Ukraine in protecting our governmental websites and online citizen services from attacks is an important contribution to our future victory over Russia. We have been dealing with Trustify since 2019 and greatly value your input and support in keeping Ukraine safe from data breach.”

Recognition for unsung heroes

Alistair Murray, founder of Trustify, described receiving the letter as a milestone moment for the company. He commented:

“When we started working with the government in Kyiv, we did not think war of this nature would be taking place right now. When cybersecurity works, nothing happens—and while we are delighted with the outcome, there is little by way of celebration or noise.

“To get such vocal recognition from a senior politician of a country at war is a big moment. It’s something that has really energised our teams of coders and technical experts, who are so often the unsung heroes. Playing even a small part in countering such a vicious and sustained attack is a real privilege for us.”

Trustify’s work with Ukraine further demonstrates its commitment to providing robust and innovative solutions in even the most challenging circumstances.

For more information about how Trustify supports businesses and governments worldwide, contact us today.

Read the original article in The Scotsman.

Linkedin X-twitter Facebook

Trustify®, Trust365® & Datasurance® are registered trademarks of Trustify Ltd.
© 2025 Trustify Ltd. All rights reserved.

Trust365
Datasurance
TrustiScan
TrustiMail
TrustiSign
TrustiVault
TrustiSite
TrustiCerts
Who we are
Careers
Partners
Support desk
Contact us

UK: +44 (0)808 502 2350

US: +1 (866) 583-3365

Get our latest insights