Re: [EXTERNAL] [SECURITY] Phish Hunter

[James Valente <jvalente () SALEMSTATE EDU>]

Oh, and to note as Harvard mentioned, there is cost (even when using the
grant funding) that'd be there if you're not already licensed for certain
parts of A3/A5.  ETC does help with setting up trial licensing but you'd
lose any of that after the engagement is over unless you opted to continue
that licensing.

 

So basically there's two cost factors here:

 

-The licensing for various security tools in the O365 A3 / A5 platform

-The service provided by ETC as PhishHunter.

 

The former has some trial licensing and the latter is funded by Microsoft
with a grant of a certain dollar value.

 


Sorry for the double message. 

 

 

Thanks,
James Valente
Associate Director of Information Security
Salem State University
978.542.2739

GPG Fingerprint: B086 58B5 DE53 328A 210D 5F3D BF20 1E0A 813A EDD1 

 

From: The EDUCAUSE Security Community Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of James Valente
Sent: Wednesday, 12 June, 2019 12:07
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [EXTERNAL] [SECURITY] Phish Hunter

 

Hi Jodi,

 

What happens here is that Microsoft will apply grant funding for a PoC of
PhishHunter's services for a set period of time.  During that engagement
they assist with configuring alerts, documenting items, and really setting
up your O365 environment so that'd it be optimized for using PhishHunter's
services after the PoC is over.  

 

If someone chooses not to purchases services after the fact, then they at
least have the documentation and configuration changes made during the
engagement, but they won't have PhishHunter's managed services (ongoing
configurations of rules, ETC's staff triaging alerts and escalating as
appropriate, etc). If they do choose to do so, they already have the alerts
and everything good to go.

 

We looked into doing this a few months ago but due to timing issues the
Grant funding was not available.  In my opinion it's a good resource to get
your O365 tenant to a good baseline configuration even if you're not
interested in purchasing the service. 

 

Thanks,
James Valente
Associate Director of Information Security
Salem State University
978.542.2739

GPG Fingerprint: B086 58B5 DE53 328A 210D 5F3D BF20 1E0A 813A EDD1 

 

From: The EDUCAUSE Security Community Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU <mailto:SECURITY () LISTSERV EDUCAUSE EDU> > On
Behalf Of Casanova, Jodi
Sent: Wednesday, 12 June, 2019 10:52
To: SECURITY () LISTSERV EDUCAUSE EDU <mailto:SECURITY () LISTSERV EDUCAUSE EDU> 
Subject: [EXTERNAL] [SECURITY] Phish Hunter

 

CAUTION: This email originated from outside of Salem State University. Do
not click links or open attachments unless you recognize the sender and know
the content is safe.

Good morning! I attended EduCause Security Professionals Conference in
Chicago last month.  At the session titled Stop Worrying About Compromised
Accounts: O365 Enhanced Security Tools, Phish Hunter was mentioned. There
was a member of the audience who stated there is a program where Microsoft
will have a partner work with a campus to configure Phish Hunter. I could
have sworn he said "for free", but I may have been hearing what I wanted to
hear. :)  Does anyone recall this or have additional information?

 

Thank you!

 

Jodi Casanova

Chief IT Security Officer

Director of Networking/Technical Services

Northern State University

Office    605.626.2564

Cell         605.380.2168

Attachment: smime.p7s
Description: