Educause Security Discussion mailing list archives
Re: [EXTERNAL] Re: [SECURITY] Flagging external emails and exceptions
From: "Smith, Jason" <Jason_Smith () BSMCON EDU>
Date: Thu, 1 Oct 2020 15:48:46 +0000
In O365, we add [EXTERNAL] to the subject and prepend a two sentence warning to the body of the message. We do not maintain an exception list and with the ever-increasing ability of attackers to spoof emails - I'm not sure how confident I would even be that an external email truly originated from the authentic, external sender. We've had no complaints from students. Jason E. Smith, MS PMP CPHIMS CSM Director of IT, Bon Secours Memorial College 8550 Magellan Parkway #1100, Richmond, VA 23227 [cid:image004.png@01D697E8.CFF7D1E0] From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Childs, Aaron Sent: Thursday, October 1, 2020 9:50 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [EXTERNAL] Re: [SECURITY] Flagging external emails and exceptions [Warning: This email originated outside our organization's email system. Be wary of links and attachments unless you recognize the sender. Never share your username or password.] Good Morning Beth, We prepend a banner at the top of the body of external emails. You can see what we add below. It was received with mix reviews, but has been effective for us. Have a good day, Aaron [cid:image002.jpg@01D697E8.D06E6170] Aaron Childs Director [cid:image007.jpg@01D697E8.CFF7D1E0] Infrastructure Services Information Technology Services Wilson Hall - 577 Western Ave. Westfield MA 01086 P 413.572.5527 F 413.572.5615 aaron () westfield ma edu<mailto:aaron () westfield ma edu> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Beth Albertson Sent: Wednesday, September 30, 2020 8:01 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Flagging external emails and exceptions Caution External Email: This email originated outside of WSU. Do not click links, open attachments, or respond if it appears to be suspicious. Colleagues, We are thinking of flagging emails coming in external from our O365 tenant with either a red header at the top of each email or adding something like <EXTERNAL> to the subject line. I wanted to ask other schools that are doing this whether they are adding exceptions for external organizations that are trusted. For example, we use Jira, and I thought we could add this to an exception list. Some have argued that maintaining such a list could be cumbersome and could potentially confuse users because some external emails would be flagged and others would not. Does anyone have experience or thoughts on this matter? Sincerely, Beth Albertson, CISSP(r), PMP(r) Director of Information Security Western Washington University beth.albertson () wwu edu<mailto:beth.albertson () wwu edu> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Re: Flagging external emails and exceptions Childs, Aaron (Oct 01)
- Re: Flagging external emails and exceptions Jamie Schademan (Oct 01)
- Re: [EXTERNAL] Re: [SECURITY] Flagging external emails and exceptions Smith, Jason (Oct 01)