PCI DSS Mandated Compliance by 3/31/2025 to implement DMARC
Under PCI DSS v. 4.0, financial institutions and all entities that store, process, or transmit cardholder data must implement Domain-based Message Authentication, Reporting, and Conformance (DMARC record), per the 3/31/2025 mandate. Implementing DMARC alongside SPF and DKIM records will help an organization to ensure that only legitimate senders can send emails on behalf of an organization’s domain and will reduce fraudulent and phishing attacks, protecting both employees and customers from email domain impersonation. Failure to comply may result in financial penalties ranging from $500-$100K, as well as increased risk of email fraud and deliverability issues.
Key Features of Domain-based Message Authentication, Reporting, and Conformance (DMARC)
- Authentication Enforcement: DMARC requires that an email must pass SPF or DKIM (or both) and that the sender’s domain aligns with these authentication methods in order to prevent attackers from spoofing legitimate domains.
- Policy Enforcement: Domain owners can set DMARC policies (none, quarantine, reject) to dictate how email providers should handle messages that fail authentication.
- Reporting and Visibility: DMARC can provide domain owners reports about email authentication failures, which can help to identify unauthorized senders as well as allow adjustments of their security measures accordingly.
Resources
- Tools: DMARC/SPF/DKIM Look Up Tool: https://easydmarc.com/
- Bulletin: https://dmarcian.com/pci-requires-dmarc/
- Bulletin 2: https://www.proofpoint.com/us/blog/email-and-cloud-threats/implementing-dmarc-to-meet-pci-dss-v4-0-requirements
How can DataComm Help?
DataComm Network Engineers can assist you with reviewing or creating your email domain SPF, DKIM and DMARC records and documenting them. Please feel free to reach out to DataComm Support @ 877.544.3655 or email helpdesk@www-prod.datacomm.com.
Microsoft AI-Powered feature Copilot now fully integrated with Windows 11 24H2 release
DataComm recently notified customers subscribed to our SecurNOC with Automate Patch Management with guidance on disabling the automatic installation of Microsoft’s AI-powered Copilot, which is now fully integrated into Windows 11 24H2 versions and compatible devices.
Overview of Microsoft Copilot
Microsoft 365 Copilot is an AI-driven productivity tool designed to enhance efficiency, streamline workflows, and assist users with tasks such as drafting, summarizing, and responding to inquiries—all within the context of their Microsoft 365 applications. The 24H2 update makes Copilot readily available on Windows 11, accessible through a dedicated icon on the taskbar. While this functionality can provide significant benefits, it also raises privacy concerns, potential security risks, and performance considerations that may impact workflow operations.
DataComm Recommendations
- Due to audit and compliance regulations, we recommend disabling Microsoft Copilot by default for both current and future Windows 11 installations.
- The remediation process includes disabling Copilot, the Search bar, and Microsoft Edge integration through Group Policy. If the ‘Turn Off Windows Copilot’ policy is not available in the existing Group Policy Object (GPO) settings, customers may need to download and install .ADMX files. These changes can be implemented by either creating a new GPO or modifying an existing one.
- You can download the Microsoft ADMX templates here: https://www.microsoft.com/en-us/download/details.aspx?id=106254 .
How can DataComm Help?
- DataComm Network Engineers assist you with downloading correct ADMX files, disabling Copilot via Group Policy editor or assistance with troubleshooting implementation issues. We have already assisted some or our customers sent a notice out to our SecurNOC customers to both advise and to help with implementation.
- Please reach out via DataComm Support @ 877.544.3655 or email helpdesk@www-prod.datacomm.com. for any interest in becoming a Managed Service “SecurNOC” Customer, which includes 24hr network device monitoring, Patch Management and service ticket notification. DataComm offers a variety of services and solutions that can be tailored to fit your needs.
Software End of Support Dates
We are providing helpful information below to keep you informed of key upcoming end of support dates.
Microsoft End of Support Dates
| Product | Date |
|---|---|
| Windows Server 2016 | End of Extended Support on 1/12/2027 |
| Windows Server 2019 | End of Extended Support on 1/9/2029 |
| Windows Server 2022 | End of Extended Support on 10/14/2031 |
| Windows 10 | End of Support 10/14/2025 |
| Exchange Server 2016 | End of Extended Support on 10/14/2025 |
| Exchange Server 2019 | End of Extended Support on 10/14/2025 |
| Office 2016/2019 | End of Extended Support on 10/14/2025 |
| SQL Server 2014 SP 3 | End of Extended Support on 7/9/2024 |
| SQL Server 2016 SP3 | End of Extended Support on 7/14/2026 |
VMware End of Support Dates:
| Product | Date |
|---|---|
| ESXi 7.0 | End of General Support on 4/2/2025 |
| ESXi 8.0 | End of General Support on 10/11/2027 |
How can DataComm Help?
- DataComm Network Engineers can assist you with planning for Microsoft operating system and MS Office software purchasing, installation and upgrades, Hosted Exchange to O365 Migrations, SQL Server software reviews/upgrades and VMware installation, upgrades and general support. Please reach out via DataComm Support @ 877.544.3655 or email helpdesk@www-prod.datacomm.com.
We are here to Support You
Contact DataComm Support @ 877.544.3655 or email helpdesk@www-prod.datacomm.com should you want to create a service ticket.
If you have any needs or questions, feel free to reach out to your account manager, respond to this email, or call Sales at +1 (800) 544-4627 option 2.
