Email Protections

This sections covers protections from attacks against the primary attack vector for malicious users, email.

ATP – Safe Attachments, Safe Links, and Anti-Phishing Policies or “All the policies you can shake a stick at”
This blog post describes the features of Microsoft’s Advanced Threat Protection (ATP).
Australian Cyber Security Centre (ACSC) – Malicious Email Mitigation Strategies
This publication describes strategies for mitigating impacts of malicious emails.
Microsoft – Microsoft 365 guidance for security & compliance
This article describes various methods to secure Microsoft 365.
NIST SP 800-45 Guideline on Electronic Mail Security
This document provides recommended security practices for designing and operating email systems.
PC Magazine – 6 Ways SMBs Can Avoid an Email Security Nightmare
This article describes tips on how small to midsize businesses (SMBs) should approach email security.
Tech Target – Email Security Best Practices
This article offers some simple tips on securing email from both administrative and end user perspectives.

CMMC Level 1 Self-Assessment Guide
This document provides self-assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 1.
CMMC Level 2 Assessment Guide
This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 2.
CMMC Level 3 Assessment Guide
This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 3.
NIST SP 800-171A Assessing Security Requirements for Controlled Unclassified Information
The purpose of this publication is to provide procedures for assessing the CUI requirements in NIST Special Publication 800-171.