Educause Security Discussion mailing list archives

Re: EXTERNAL: Re: [SECURITY] Employees forwarding their email offsite

From: "Spiars, Vince" <0000019c7c272559-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Tue, 26 May 2020 18:16:04 +0000

We shut down auto-forwarding via Exchange policy. This also, shutdown the ability for Outlook for Windows to forward 
and forwarding via OWA.  However, it did NOT shutdown the Outlook for Mac nor AppleMail from allowing in-app forwarding 
out of the university to a third-party.  A Transport rule had to be created looking for information in the headers to 
stop this from occurring.  If interested I can put you in touch with our primary Exchange admin with whom I worked to 
get the solved.

Best,
Vince
Deputy CISO
Quinnipiac University
Hamden, CT

________________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Pete, Andrew 
<000000d06e28c017-dmarc-request () LISTSERV EDUCAUSE EDU>
Sent: Tuesday, May 26, 2020 12:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: EXTERNAL:     Re: [SECURITY] Employees forwarding their email offsite

[EXTERNAL]
Hi Jonathan,

We have don’t have much in written policy at the moment.  Some high level stuff that prohibits sending financial 
account/CC numbers and user passwords in email at all.  Sensitive information has to be encrypted if emailing an 
external recipient.  Last, we have a basic statement prohibiting use of non-university provided email for university 
business purposes.  The last statement gives us the breadth we need to keep email information in house.

We are an Office 365 shop and our infrastructure manager did block auto-forwarding administratively.  This was a few 
months back so I don’t remember the specific details.  If you are interested in more detail I can get you some.

Andy

Andrew Pete
Information Security Architect

New England Institute of Technology
One New England Tech Boulevard
East Greenwich, RI 02818-1205
401-780-4460 (Direct)
apete () neit edu<mailto:apete () neit edu>

[NEIT_Full_Stack_H_White_BG_PNG1]



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Kimmitt, Jonathan
Sent: Tuesday, May 26, 2020 12:12 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Employees forwarding their email offsite


This message originated outside of New England Institute of Technology. Use caution when opening attachments, clicking 
links or responding to requests for information.
Hi all,

  After an issue has come up, we are looking at a way to prevent employee’s (but not students) from auto-forwarding 
their university email to personal email accounts.

I was curious to what other Universities were doing.

1.       Are you blocking auto forwarding?
2.       Do you have a university policy on what can and can’t be sent?
3.       Is anybody doing this in an office365?

Thank for anything you can share!

-Jonathan

~
Jonathan Kimmitt
CISSP, PCIP, CEH, CIPM, CDPSE
GPEN, CIPT, CIPP/E, GSNA
Chief Information Security Officer
Information Technology
The University of Tulsa
918.631.2743


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cvince.spiars%40QUINNIPIAC.EDU%7C7d6497e2d3474050c64c08d801917b66%7C0940985869fb4de9987990db22b52eaf%7C0%7C0%7C637261071640523961&sdata=nI4VfVm1qnFU5kEdX6gLZ%2BP%2FRI9ujzaU%2F9WIAi%2B%2BhvA%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cvince.spiars%40QUINNIPIAC.EDU%7C7d6497e2d3474050c64c08d801917b66%7C0940985869fb4de9987990db22b52eaf%7C0%7C0%7C637261071640533951&sdata=qG2pLLdqNveWkdq0zVCPDPlN%2BzM1890YO7fdyGn08mg%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Employees forwarding their email offsite Kimmitt, Jonathan (May 26)
- Re: Employees forwarding their email offsite Pesino, Sherry (May 26)
- Re: Employees forwarding their email offsite Pete, Andrew (May 26)
  - Re: EXTERNAL: Re: [SECURITY] Employees forwarding their email offsite Spiars, Vince (May 26)
- Re: Employees forwarding their email offsite Karen Brown (May 26)
  - Re: [<External>]Re: [SECURITY] Employees forwarding their email offsite Kimmitt, Jonathan (May 27)
- Re: Employees forwarding their email offsite Paul Chauvet (May 29)
  - Re: Employees forwarding their email offsite Larry K. Emmons (May 29)