Educause Security Discussion mailing list archives

Re: Oxford and Google Apps

From: Drew Perry <aperry () MURRAYSTATE EDU>
Date: Tue, 19 Feb 2013 06:26:24 -0600

Interesting. I understand they feel it necessary in light of recent
attacks. However, they are only able to block access from within their own
campus resources. Off-campus users can still access Google Docs, and
potentially respond to phishing attempts. To me, it seems like a knee-jerk
reaction whose legitimate effects may be less than fully positive. And may
in fact be worse, since limiting access from on-campus could provide a
false sense of security to IT staff.
Instead of a half successful technical response, effort should be placed on
Information Security Awareness. Teach your users to identify phishing
attempts themselves and not respond. Now, I fully understand how daunting a
task that is, but it's the only way to truly protect your user base.
Technical protections have their place, definitely. But user education is
the best defense against phishing attacks.

Sent from my phone.

Drew Perry
Security Analyst
Murray State University
(270) 809-4414
aperry () murraystate edu
On Feb 19, 2013 6:11 AM, "Tracy Mitrano" <tbm3 () cornell edu> wrote:

 Thoughts on this matter among the experts?
http://blogs.oucs.ox.ac.uk/oxcert/2013/02/18/google-blocks/

Current thread:

Oxford and Google Apps Tracy Mitrano (Feb 19)
- Re: Oxford and Google Apps Drew Perry (Feb 19)
  - Re: Oxford and Google Apps Richard Biever (Feb 19)
- Re: Oxford and Google Apps Ken Connelly (Feb 19)
- Re: Oxford and Google Apps Bradner, Scott (Feb 19)
- Re: Oxford and Google Apps Roger A Safian (Feb 19)
- Re: Oxford and Google Apps Hall, Rand (Feb 19)
- Re: Oxford and Google Apps Lorenz, Eva (Feb 19)
  - Re: Oxford and Google Apps Bob Bayn (Feb 19)
    - Re: Oxford and Google Apps Bob Bayn (Feb 19)
    - Re: Oxford and Google Apps Santabarbara, Angelo (Feb 19)
    - Re: Oxford and Google Apps Bob Bayn (Feb 19)

(Thread continues...)