BOD 18-01 Compliance

Your One Stop for Binding Operational Directive 18-01 Issuance Info and Compliance


The Department of Homeland Security has issued Binding Operational Directive 18-01 for agencies to upgrade their email and web security within 12 months.  Given the timelines outlined, agencies will need to navigate the implementation of SPF, DMARC, and STARTTLS efficiently.  The first deadline is to provide an Agency Plan of Action, which is due November 15th, 2017.  Proofpoint, a leading cyber security and email security provider has a comprehensive toolkit to aid the path to compliance within the required deadlines.

U.S. Government’s DMARC Mandate:

A Step in the Right Direction

Create and Submit Your BOD 18-01 Security Plan

Creating and submitting a plan on how you will comply with BOD 18-01 is a critical first step to upgrading your email security.  As the industry leader in email security, Proofpoint provides the solutions and the people our customers need to plan, execute, and optimize their security posture based on their specific needs.  Leveraging our proven method for success, we have created a comprehensive step-by-step plan – and supporting resources - for you to submit to the Department of Homeland Security.

DHS BOD 18-01 Compliance Timeline

Getting Started with DMARC

DMARC (Domain-based Message Authentication Reporting & Conformance) protects your trusted domains from email spoofing attacks.  But, enforcing DMARC can be difficult and introduces the risk of blocking legitimate, business critical email.  Proofpoint provides the visibility, tools, and services to help you implement DMARC authentication quickly and confidently.

Read The Guide
Create A DMARC Record

Stop Email Fraud with a Proven DMARC Vendor

Publishing a DMARC record in DNS is just the start of the journey towards protecting your domains from email fraud.  Identifying and authorizing all legitimate senders, including 3rd party email service providers, and fixing authentication issues are critical steps you need to take before you reach a DMARC ‘reject’ policy.  Our Professional Services consultants partner with you through every step of your DMARC implementation journey and help you maintain DMARC authentication as your email practices evolve. 

Person at computer stopping email fraud

Get Compliant Now

Schedule a meeting today with our cybersecurity experts to see how your domain is being used by threat actors to target your employees, business partners and customers.