Educause Security Discussion mailing list archives
Re: [External] Re: [SECURITY] Email Banner
From: "Rose, Henry" <harose () PVAMU EDU>
Date: Fri, 26 Jun 2020 15:48:51 +0000
We temporarily utilized Banners, however we decided to turn them off. We have implemented other controls and we are looking dynamic message banners. Best Regards, Henry Rose Security Analyst II Office of Information Resource Management P. O. Box 519, Mail Stop 1460 Prairie View, TX, 77446 Harrington Science, Rm 311E Tel: (936) 261-9353| Fax: (936) 261-9342 Email: harose () pvamu edu<mailto:harose () pvamu edu> How was my service<http://www.pvamu.edu/irm/customer-service-survey/> [cid:image001.jpg@01D04B80.E1EB84B0]<http://www.pvamu.edu/> Follow PVAMU! [cid:image002.png@01D04B80.E1EB84B0] <http://www.facebook.com/pvamu> [cid:image003.png@01D04B80.E1EB84B0] <http://twitter.com/pvamu> [cid:image004.png@01D04B80.E1EB84B0] <http://www.flickr.com/photos/pvamu/sets/> [cid:image005.png@01D04B80.E1EB84B0] <http://www.youtube.com/pvamu> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Cap, Brianne Sent: Friday, June 26, 2020 10:38 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] [External] Re: [SECURITY] Email Banner I’m late to the party, but we turned off our banners off last year. We didn’t see a significant change in user behavior. Turning on Microsoft ATP, including safe links and safe attachments proved to be far more valuable and has significantly reduced the threat of a successful phishing attempt. The technology isn’t perfect, but it’s really good. Regards, Brianne Cap | Sr. Program Manager, Information Security P 630.799.0135 | M 630.881.7518 | E brianne.cap () devry edu<mailto:brianne.cap () devry edu> 1200 E. Diehl Rd. | Naperville, IL 60563 | devry.edu<https://urldefense.proofpoint.com/v2/url?u=http-3A__devry.edu_&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=M68cLJRYGqww5XVIwuVmpbXILdzpntMDSYL83aS3FZY&e=> [cid:image002.jpg@01D64BA5.DAFFE9E0] From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Sue McGlashan Sent: Friday, June 26, 2020 8:39 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] [External] Re: [SECURITY] Email Banner I did not see a reply. We are discussing the same issue. I am floating the idea that requests should be managed like control exceptions. The policy is … If you need an exception, here is the process to request …, and sign off should be from the Dean / appropriate senior leader Sue McGlashan Manager, Information Risk, IS, ITS 416 946 3260 From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of Phillip Romig III <promig3 () MINES EDU<mailto:promig3 () MINES EDU>> Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Thursday, June 25, 2020 at 5:37 PM To: <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: Re: [SECURITY] [External] Re: [SECURITY] Email Banner If the group will indulge me, I’d like to ask a follow-up question. Of those who do use a banner or subject line, who decides who has the authority to say what messages should be whitelisted (if any). We have the usual suspects using external email services – SaaS and the like. Some are easy decisions (messages from our LMS for example don’t get tagged) while others are a controversial mix of political and technical issues. Do you have an authority who can say yes/no to a whitelisting request, and if so who? Thanks Phil P.S. I realize it is tacky to ask a followup question without responding to the initial question, so you can see an example of both our subject line modificaton and our banner in the attached message. -- Phillip R. Romig, Ph.D. Chief Information Security Officer (303) 273-3866 From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of "Ballister, Mark" <Mark_Ballister () URMC ROCHESTER EDU<mailto:Mark_Ballister () URMC ROCHESTER EDU>> Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Thursday, June 25, 2020 at 10:01 AM To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: [External] Re: [SECURITY] Email Banner CAUTION: This email originated from outside of the Colorado School of Mines organization. Do not click on links or open attachments unless you recognize the sender and know the content is safe. Thank you all for your responses on the email banner, it was appreciated and produced the data I was looking for. Thank you, Mark From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Ballister, Mark Sent: Wednesday, June 24, 2020 10:53 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Email Banner Good afternoon I am looking for information on who has implemented an external email banner and who has not. For those that have, have you seen an improvement in user behavior around phishing? Thank you for your time. Thank you, Mark Mark J. Ballister, CPP | CISM | CISSP Chief Information Security Officer (CISO) University of Rochester (585) 276-6200 (Office) (585) 472-2361 (mobile) [UR.4col.v2] ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__nam02.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.educause.edu-252Fcommunity-26data-3D02-257C01-257Cbrianne.cap-2540DEVRY.EDU-257C944d9572bf044abd9b1c08d819d63bb1-257Cf979c99c51ab4ff686e035fd2874788f-257C0-257C0-257C637287755205739347-26sdata-3DY2fDid3L5eXpTvBeTT3HtniQq2sZ3U7TTfH5-252BabxPvU-253D-26reserved-3D0&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=u1B8de8DX6qM7a63myOFBl4n7Jc-Zb_frsGkqjMMh88&e=> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__nam02.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.educause.edu-252Fcommunity-26data-3D02-257C01-257Cbrianne.cap-2540DEVRY.EDU-257C944d9572bf044abd9b1c08d819d63bb1-257Cf979c99c51ab4ff686e035fd2874788f-257C0-257C0-257C637287755205739347-26sdata-3DY2fDid3L5eXpTvBeTT3HtniQq2sZ3U7TTfH5-252BabxPvU-253D-26reserved-3D0&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=u1B8de8DX6qM7a63myOFBl4n7Jc-Zb_frsGkqjMMh88&e=> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__nam02.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.educause.edu-252Fcommunity-26data-3D02-257C01-257Cbrianne.cap-2540DEVRY.EDU-257C944d9572bf044abd9b1c08d819d63bb1-257Cf979c99c51ab4ff686e035fd2874788f-257C0-257C0-257C637287755205749344-26sdata-3DgERLlgRHl6nl-252BFo9h22jcypm1x36d2Bzqkk81SGATqA-253D-26reserved-3D0&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=gnWfilWwiX_ZX3inzz2wuV31nTaG9xlEIb8CXuLgsQ4&e=> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_community&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=X3sGFyFnhiWC3YIJgSKqQ_iLCMQob_bC4EjFjiveGLY&e=> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Re: [EXTERNAL] Re: [SECURITY] Email Banner Michael Young (Jun 24)
- <Possible follow-ups>
- Re: [External] Re: [SECURITY] Email Banner Sue McGlashan (Jun 26)
- Re: [External] Re: [SECURITY] Email Banner Mark Rogowski (Jun 26)
- Re: [External] Re: [SECURITY] Email Banner Cap, Brianne (Jun 26)
- Re: [External] Re: [SECURITY] Email Banner Rose, Henry (Jun 26)