DomainSecurityScanner
Compliance Guides

Email Security Compliance

Understand which email authentication protocols are required by your compliance framework. Each guide maps SPF, DKIM, DMARC, SSL, and other controls to specific framework requirements.

Requirements at a Glance

FrameworkSPFDMARCDKIMSSL/TLSHeadersDNSSEC
SOC 2RecommendedRecommendedRecommendedRequiredRecommendedOptional
HIPAARecommendedRequiredRecommendedRequiredRecommendedOptional
GDPRRecommendedRecommendedRecommendedRequiredRecommendedOptional
PCI DSSRecommendedRecommendedRecommendedRequiredRequiredOptional
NISTRequiredRequiredRequiredRequiredRecommendedRequired
ISO 27001RecommendedRecommendedRecommendedRequiredRecommendedOptional
Cyber EssentialsRecommendedRecommendedRecommendedRequiredRecommendedOptional
FedRAMPRequiredRequiredRequiredRequiredRequiredRequired
Google & Yahoo 2024RequiredRequiredRequiredRequiredOptionalOptional
Required Recommended Optional

Framework Guides

SOC 2

SOC 2 Type II

How email authentication helps meet SOC 2 Trust Services Criteria for Security and Availability.

1 required|6 protocols covered

HIPAA

Health Insurance Portability and Accountability Act

Protecting PHI in email communications with HIPAA-compliant authentication and encryption.

2 required|6 protocols covered

GDPR

General Data Protection Regulation

Protecting personal data in email and preventing email-based data breaches under GDPR.

1 required|6 protocols covered

PCI DSS

Payment Card Industry Data Security Standard

Email security requirements for organisations handling payment card data under PCI DSS 4.0.

2 required|6 protocols covered

NIST

NIST Special Publication 800-177

NIST SP 800-177 Trustworthy Email guidelines for email authentication and security.

5 required|6 protocols covered

ISO 27001

ISO/IEC 27001:2022

Email security controls for ISO 27001:2022 ISMS certification and Annex A compliance.

1 required|6 protocols covered

Cyber Essentials

Cyber Essentials (UK)

UK government-backed Cyber Essentials certification and email security best practices.

1 required|6 protocols covered

FedRAMP

Federal Risk and Authorization Management Program

Email security requirements for FedRAMP-authorized cloud services in the US federal government.

6 required|6 protocols covered

Google & Yahoo 2024

Google & Yahoo Bulk Sender Requirements

Mandatory email authentication for bulk senders to Gmail and Yahoo Mail.

4 required|6 protocols covered

Check Your Compliance

Run a free scan to see how your domain measures up against compliance requirements. Pro and Agency plans include PDF reports for audit evidence.

Scan Your DomainView Pro Plans