Re: [External] Re: [SECURITY] Email Banner

["Rose, Henry" <harose () PVAMU EDU>]

We temporarily utilized Banners, however we decided to turn them off. We have implemented other controls and we are 
looking dynamic message banners.

Best Regards,

Henry Rose
Security Analyst II
Office of Information Resource Management
P. O. Box 519, Mail Stop 1460 Prairie View, TX, 77446
Harrington Science, Rm 311E
Tel: (936) 261-9353| Fax: (936) 261-9342
Email: harose () pvamu edu<mailto:harose () pvamu edu>
How was my service<http://www.pvamu.edu/irm/customer-service-survey/>


[cid:image001.jpg@01D04B80.E1EB84B0]<http://www.pvamu.edu/>
Follow PVAMU! [cid:image002.png@01D04B80.E1EB84B0] <http://www.facebook.com/pvamu> [cid:image003.png@01D04B80.E1EB84B0] 
<http://twitter.com/pvamu> [cid:image004.png@01D04B80.E1EB84B0] <http://www.flickr.com/photos/pvamu/sets/> 
[cid:image005.png@01D04B80.E1EB84B0] <http://www.youtube.com/pvamu>


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Cap, Brianne
Sent: Friday, June 26, 2020 10:38 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [External] Re: [SECURITY] Email Banner

I’m late to the party, but we turned off our banners off last year. We didn’t see a significant change in user 
behavior. Turning on Microsoft ATP, including safe links and safe attachments proved to be far more valuable and has 
significantly reduced the threat of a successful phishing attempt. The technology isn’t perfect, but it’s really good.

Regards,

Brianne Cap | Sr. Program Manager, Information Security
P 630.799.0135 | M 630.881.7518 | E brianne.cap () devry edu<mailto:brianne.cap () devry edu>
1200 E. Diehl Rd. | Naperville, IL 60563 | 
devry.edu<https://urldefense.proofpoint.com/v2/url?u=http-3A__devry.edu_&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=M68cLJRYGqww5XVIwuVmpbXILdzpntMDSYL83aS3FZY&e=>

[cid:image002.jpg@01D64BA5.DAFFE9E0]


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Sue McGlashan
Sent: Friday, June 26, 2020 8:39 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] [External] Re: [SECURITY] Email Banner

I did not see a reply.  We are discussing the same issue.

I am floating the idea that requests should be managed like control exceptions.

The policy is …
If you need an exception, here is the process to request …, and sign off should be from the Dean / appropriate senior 
leader

Sue McGlashan
Manager, Information Risk, IS, ITS
416 946 3260



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> on behalf of Phillip Romig III <promig3 () MINES EDU<mailto:promig3 () MINES EDU>>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>>
Date: Thursday, June 25, 2020 at 5:37 PM
To: <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] [External] Re: [SECURITY] Email Banner

If the group will indulge me, I’d like to ask a follow-up question.  Of those who do use a banner or subject line, who 
decides who has the authority to say what messages should be whitelisted (if any).  We have the usual suspects using 
external email services – SaaS and the like. Some are easy decisions (messages from our LMS for example don’t get 
tagged) while others are a controversial mix of political and technical issues.

Do you have an authority who can say yes/no to a whitelisting request, and if so who?

Thanks
Phil

P.S. I realize it is tacky to ask a followup question without responding to the initial question, so you can see an 
example of both our subject line modificaton and our banner in the attached message.

--
Phillip R. Romig, Ph.D.
Chief Information Security Officer
(303) 273-3866


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> on behalf of "Ballister, Mark" <Mark_Ballister () URMC ROCHESTER EDU<mailto:Mark_Ballister () URMC 
ROCHESTER EDU>>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>>
Date: Thursday, June 25, 2020 at 10:01 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE 
EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: [External] Re: [SECURITY] Email Banner

CAUTION: This email originated from outside of the Colorado School of Mines organization. Do not click on links or open 
attachments unless you recognize the sender and know the content is safe.

Thank you all for your responses on the email banner, it was appreciated and produced the data I was looking for.

Thank you,
Mark

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Ballister, Mark
Sent: Wednesday, June 24, 2020 10:53 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Email Banner


Good afternoon

I am looking for information on who has implemented an external email banner and who has not.  For those that have, 
have you seen an improvement in user behavior around phishing?  Thank you for your time.

Thank you,
Mark

Mark J. Ballister, CPP | CISM | CISSP
Chief Information Security Officer (CISO)
University of Rochester
(585) 276-6200 (Office)
(585) 472-2361 (mobile)

[UR.4col.v2]


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__nam02.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.educause.edu-252Fcommunity-26data-3D02-257C01-257Cbrianne.cap-2540DEVRY.EDU-257C944d9572bf044abd9b1c08d819d63bb1-257Cf979c99c51ab4ff686e035fd2874788f-257C0-257C0-257C637287755205739347-26sdata-3DY2fDid3L5eXpTvBeTT3HtniQq2sZ3U7TTfH5-252BabxPvU-253D-26reserved-3D0&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=u1B8de8DX6qM7a63myOFBl4n7Jc-Zb_frsGkqjMMh88&e=>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__nam02.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.educause.edu-252Fcommunity-26data-3D02-257C01-257Cbrianne.cap-2540DEVRY.EDU-257C944d9572bf044abd9b1c08d819d63bb1-257Cf979c99c51ab4ff686e035fd2874788f-257C0-257C0-257C637287755205739347-26sdata-3DY2fDid3L5eXpTvBeTT3HtniQq2sZ3U7TTfH5-252BabxPvU-253D-26reserved-3D0&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=u1B8de8DX6qM7a63myOFBl4n7Jc-Zb_frsGkqjMMh88&e=>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__nam02.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Fwww.educause.edu-252Fcommunity-26data-3D02-257C01-257Cbrianne.cap-2540DEVRY.EDU-257C944d9572bf044abd9b1c08d819d63bb1-257Cf979c99c51ab4ff686e035fd2874788f-257C0-257C0-257C637287755205749344-26sdata-3DgERLlgRHl6nl-252BFo9h22jcypm1x36d2Bzqkk81SGATqA-253D-26reserved-3D0&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=gnWfilWwiX_ZX3inzz2wuV31nTaG9xlEIb8CXuLgsQ4&e=>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_community&d=DwMGaQ&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=Q6D0AESaZMrn3-ha9jf267v-U6XH_cGeJIlsUyiWNzY&s=X3sGFyFnhiWC3YIJgSKqQ_iLCMQob_bC4EjFjiveGLY&e=>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community