Educause Security Discussion mailing list archives
Re: Email Banner
From: Todd Watson <todd () USG EDU>
Date: Wed, 24 Jun 2020 15:25:00 +0000
Hi Mark, We implemented the banner below. We change the background color periodically to reduce a level of complacency. For certain types of phishing, the banner has been somewhat helpful to reduce successful phishing. The banner is one layer of a suite of technology and training we use to minimize successful phishing attempts. There are considerations for implementing. The banner supplants message previews, particularly on mobile devices, which may cause user complaints. Also, treatment of communications with third-party partners will need to be considered carefully. For example, a cloud-based ticketing system may need whitelisting to not interfere with normal operations. However, it may not be wise to whitelist a mass-mail service if they offer free services to the public. Cheers, Todd --- Dr. W. Todd Watson, CISSP Information Security Officer University System of Georgia Cybersecurity 706-583-2400 todd () usg edu From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Ballister, Mark" <Mark_Ballister () URMC ROCHESTER EDU> Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Wednesday, June 24, 2020 at 11:03 AM To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Email Banner CAUTION: This email originated from outside of the USG System Office. Use caution replying or supplying information, clicking links or opening attachments. If you suspect the message is fraudulent, contact the Enterprise Service Center at 706-583-2001 or helpdesk () usg edu<mailto:helpdesk () usg edu>. Good afternoon, I am looking for information on who has implemented an external email banner and who has not. For those that have, have you seen an improvement in user behavior around phishing? Thank you for your time. Thank you, Mark Mark J. Ballister, CPP | CISM | CISSP Chief Information Security Officer (CISO) University of Rochester (585) 276-6200 (Office) (585) 472-2361 (mobile) [UR.4col.v2] ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Ctodd%40USG.EDU%7C7fd180fdcf144883acab08d8184fc0df%7C4711f877fb3a4f11aaab3c496800c23d%7C0%7C0%7C637286078104182920&sdata=mZCHH%2BGoLAGKEHP9trMgohmVyQVJXq6rSoTW8J6f1f8%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Re: Email Banner, (continued)
- Re: Email Banner Ayala, Daniel (Jun 24)
- Re: Email Banner King, Ronald A. (Jun 24)
- Re: Email Banner Mark Rogowski (Jun 24)
- Re: Email Banner Jamie Schademan (Jun 24)
- Re: Email Banner Albrecht, Travis (Jun 24)
- Re: Email Banner Dave Broucek (Jun 24)
- Re: Email Banner Julian Y Koh (Jun 24)
- Re: [EXTERNAL] Re: [SECURITY] Email Banner Hart, Michael (Jun 24)
- Re: Email Banner Todd Watson (Jun 24)
- Re: Email Banner Ron Lee (Jun 24)
- Re: Email Banner Todd Watson (Jun 24)
- Re: Email Banner Rick Haugerud (Jun 24)
- Re: Email Banner Douglas R. Lomsdalen (Jun 24)
- Re: Email Banner Ballister, Mark (Jun 25)
- Re: Email Banner Spiars, Vince (Jun 25)
- Re: [External] Re: [SECURITY] Email Banner Phillip Romig III (Jun 25)
- Re: [External] Re: [SECURITY] Email Banner Miller, Richard H. (Jun 26)
- Re: [External] Re: [SECURITY] Email Banner Hart, Michael (Jun 29)