tl;dr: I’m joining ValiMail as head of communications, because I like email and want it to work right.
I’m kind of a fan of email. I’m weird like that: Most of the journalists and tech experts I know say they hate email. But I keep coming back to it.
Email is ubiquitous, and since it’s based on open standards, it’s not controlled by any single company. Unlike the rest of the web we lost, it stands, almost alone, as a bastion of universality, accessibility, and openness. You can set up your own email server if you want, with whatever security or lack of security you deem appropriate, and you don’t have to ask anyone’s permission or pay a fee. You can write lengthy formal missives to your friends and business associates or short notes to yourself or your baby daughter. You can use email as your to-do list. You can treat email like SMS and write tight messages without punctuation or capitalization. It’s all good, and it’s all up to you.
Email was one of the first things that caught my interest when I first really got online in 1991, and when I published a book in 1995, the most useful four pages in it explained how to send email from one online service (like Prodigy) to another (like CompuServe) via the Internet. (It wasn’t obvious at the time.)
Since then I’ve written about how I’m deluged in mail, passed along secrets for getting me to read your email, made a case for writing shorter emails, and argued that we would all miss email if it died.
Email continues to be an essential tool for communication between people and companies. It is the most effective marketing medium bar none. The spam problem is largely taken care of due to sophisticated and adaptable filtering.
But there’s one big problem remaining, and that’s trustworthiness.
In most cases, it’s far too easy impersonate someone in email by putting their name and email address in the From field of your message. There are no built-in safeguards in email’s basic protocols to validate the sender of an email.
As a result, phishing is rampant. Roughly 90% of cyberattacks start with hackers sending phishing emails to individuals, and those emails often impersonate senders the recipients would trust (like their company’s IT manager or CEO, or their bank, or Google.)
That’s where email authentication comes in. To simplify a bit, once a domain owner has enabled email authentication and has set an enforcement policy, emails from any authorized senders — to any recipient — will get through. But emails from unauthorized senders won’t even get delivered.
It’s complicated to implement, and that’s why most domain owners have not yet enabled authentication, even though the majority of email service providers (like Gmail or Office 365) are compatible with it. And that’s the job that ValiMail handles, by automating the process of setting up, managing, and monitoring email authentication for companies that want to protect their domains.
The headline benefit is that it stops phishing. Close behind that is that it protects a company’s brand reputation from bad guys who would impersonate it. A third benefit includes the ability for IT people to get control over “shadow IT” services: cloud services that random employees have signed up for. Whenever those services attempt to send email on behalf of the company, and most of them will, the IT folks get a notification and can make a decision about whether or not to authorize those emails.
To make a long story short, ValiMail offered me the position of head of communications, and I accepted. My first day is Monday. If you’re a journalist and want the inside scoop on email authentication, or you could use data on phishing and its broader impact on cybersecurity, let me know. I am going to be a zero-BS comms guy, because I’ve been on the other side and I know what is useful PR and what’s not. I’m going to be useful.
If you’re not a journalist and you’re interested in this topic, tune in to the ValiMail blog, where I’ve been writing for over a year and will continue to post what I hope will be interesting and illuminating updates.
I didn’t set out to find a job. I was very happily running my own show at Tweney Media, enjoying life as an independent consultant and freelancer. I’m proud that I was able to deliver some great results for my clients.
But I like the people at ValiMail, I like what the company is doing, I think there’s a big opportunity there, and most of all, I believe they’ve got something real that will have actual, material benefit to the world. I’m not saying that Snap Spectacles or your social network for dogs don’t have social utility, but with ValiMail, I can clearly see a real benefit that I can get behind.
Besides, did I mention that I really like email? And I want it to stay open and free — just more trustworthy.
Very cool. Congrats!
Brilliant. (And I’m glad to hear that you didn’t have to take a job with the Man, that your consulting business is still in good health.) To me, email’s killer feature has always been that it isn’t predicated on immediate response, like a phone call or text. It respects one’s time.