TEESSIDE EMAIL & CYBER SAFETY
Many of you will have already attended the University's Information Security training programme (if you are new to the organisation and have yet to book on, click here) and hopefully found it useful. The training highlights the pitfalls of being online and how to avoid being the victim of criminals and scammers. The whole thrust of that training is to equip people with the skills to recognise when something is wrong and when to proceed with caution. That personal vigilance is in many ways the last line of defence. However, this is a world of defence and counter-attack. To that end, the University will be implementing some enhanced security features in the coming weeks and months.
The first of these is something called email advanced threat protection, and it offers two levels of protection: Safelinks and Safe Attachments.
The Safelinks feature checks all external links (URLs) in an email for references to malicious or other dubious websites. You might notice links that look like the one below.
Even safe links will display in this new format. If, on clicking, the link is classified as safe, you will be taken to the target website. However, if the link is suspicious you will be greeted with this instead.
The Safe Attachments feature looks at attachments received (externally) in a similar way. Email attachments are inspected by an automated process in a virtual environment to see if the recipient opening them would trigger malicious activity, like downloading code to your PC or interfering with the workings of your PC. If an attachment looks malicious, it will be stripped out of the email.
As a result of this feature, some external attachments might be slightly delayed while inspection and testing are performed.
As with any service like this, there will be occasional false positives and false negatives, so common sense should still be applied when opening messages, especially if you are unsure of the content and sender.
The second layer of protection is automated anti-phishing protection.
Phishing is where nefarious third parties attempt to trick people into revealing logon details. These attempts invariably happen via a fake email purporting to come from a trusted organisation (your bank or the University IT Service!) with a link in it to reset your id and password. Hopefully the Safelinks feature already described will catch these, but just in case the delivery route is different, the University is implementing a tool that will prevent web access to known malware sites. An example of what that looks like is shown below.
Finally, the third layer of protection is Multi-Factor Authentication (MFA).
A nefarious third party who has managed to get their hands on your userid and password can, in theory, use those details to access University resources. A small subset of resources is available externally, i.e. without having to be onsite, and will shortly be protected by MFA as part of a rolling programme including CRM, Outlook Web Access, Unity and Terminal Services.
So what is it? Basically, to gain access to a protected University resource externally you will need your userid, password and a third factor which is a physical item. In our case, and for greatest accessibility, that third factor will be a mobile phone. Thus a thief who has your id and password is unlikely to also have access to your mobile phone and therefore will not be able to gain access to protected resources. Clearly, this protection comes at the price of inconvenience, but the costs of a data breach (under the coming changes to the Data Protection Act) and the damage to reputation are extremely severe. Training and guidance will be provided in advance of any changes so as to cause minimum disruption, and we will be making the MFA experience as slick as possible.