Using Your Email Safely to Protect Personal/Sensitive Data & to Prevent Security Attacks

Communication and Collaboration with Office 365 Workshop Series #4

Agenda

Email Attacks

Protect Personal / Sensitive Data in Staff Email System

Email Attacks

Spam/Junk Mail

What is SPAM?

Best Practices to Avoid Receiving Spam

Don’t publish your work or your primary email address on any web site or discussion forum.

Have a separate email address for signing up for newsletters, posting online, etc. Then, if that mailbox starts receiving lots of unwanted mail, it can be deleted or more aggressively filtered.

Email Attacks

Spam/Junk Mail

Virus

What is a Virus?

A computer virus is a program which can replicate itself and then spread from one computer to another.

Sometimes, malware, adware and spyware are called viruses, although they cannot replicate themselves. Instead, they can exploit the security of the computer as well as computers within their network. Viruses can harm a computer’s data or performance.

Best Practices in Preventing Virus Infection

Install anti-virus software and make sure that it is up-to-date.

Enable your firewall as this will prevent unwanted PC access from the internet.

Regularly update the software installed on your computer. Otherwise, malicious users may exploit software bugs to attack your computer.

Do not open emails from unknown senders as they may have attachments that are infected with viruses.

Email Attacks

Spam/Junk Mail

Virus

Phishing/Spoofing Mail

What is Phishing Mail?

Phishing refers to the malicious attack method which imitates legitimate companies in sending emails to entice people to share their passwords, credit card number or other sensitive personal information.

Phishing emails will almost always tell you to click on a link that will take you to a website where your personal information will be requested.

Example of Phishing Mail

Best Practices: Protect Yourself from Phishing Emails

We will NEVER ask for your password over email.

Registered financial institutions such as banks normally WILL NOT request users to confirm or update their password or any personal information by clicking on a link and visiting their web sites.

Be suspicious of emails with urgent requests for personal information.

Never give out personal information upon email request.

Best Practices: Protect Yourself from Phishing Emails (Cont’d)

Don’t open unexpected email attachments or instant messaging download links.

Enable the anti-phishing features of your web browser.

Inspect the web address carefully. Don’t trust links in an email. An email that appears to be from PayPal could direct you to a fraudulent website such as http://www.2paypal.com or http://www.gotyouscammed.com/paypal/login.htm

Look for https:// and a lock icon in the address bar before entering any private information on the website.
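The address inspection described on this slide, as an added example that is not part of the original workshop material: it compares a naive suffix test with a proper host comparison, using the two fraudulent addresses quoted above. The function names and the https sample address are assumptions made for illustration.

```python
from urllib.parse import urlsplit


def naive_match(url, expected_domain):
    """Flawed check: a plain suffix test also accepts look-alike hosts."""
    return (urlsplit(url).hostname or "").endswith(expected_domain)


def inspect_link(url, expected_domain, brand):
    """Return a list of reasons not to trust the link (empty list = passes)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    expected = expected_domain.lower()
    problems = []
    if parts.scheme != "https":
        problems.append("not https")
    # The host must be the expected domain itself or end with ".<domain>".
    if host != expected and not host.endswith("." + expected):
        problems.append("host is not " + expected)
        # The brand name elsewhere in the URL is a common look-alike sign.
        if brand.lower() in url.lower():
            problems.append("brand name used outside the real domain")
    return problems


# Constructed inbox links: the two fraudulent addresses quoted on the slide
# plus one address on the genuine domain for comparison.
SAMPLES = [
    "http://www.2paypal.com",
    "http://www.gotyouscammed.com/paypal/login.htm",
    "https://www.paypal.com/signin",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, naive_match(link, "paypal.com"),
              inspect_link(link, "paypal.com", "paypal"))
```

The suffix test accepts www.2paypal.com because the host string ends in "paypal.com"; requiring an exact match or a leading dot closes that gap.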

Responded to Phishing Emails?

If you have ever responded to a phishing e-mail or submitted your NetID/NetPassword to a phishing web site, change your NetPassword IMMEDIATELY.

Call IT Help Centre at 2766 5900 to clean your computer.

Email Attacks

Spam/Junk Mail

Virus

Phishing/Spoofing Mail

Zero day attack (e.g. Ransomware)

What is Ransomware?

Ransomware spreads via spam or phishing emails carrying malicious file attachments.

Once a computer is infected, the victim's files are encrypted with encryption that is currently unbreakable, and the victim receives a message saying they need to pay a ransom (e.g., in bitcoin) to get their files back.

Example of Ransomware (e.g. Cerber)

Best Practices: Protect Yourself from Ransomware

Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Do not enable it if in doubt.

Please DO NOT open suspicious email attachment or URL link.

Delete any suspicious-looking emails you receive, especially if they contain links or attachments.

Regularly back up the files stored on your computer, and keep an offline copy of the backup.

Always keep your security software up to date.

Keep your operating system and other software updated.

Responded to Ransomware?

Unfortunately Infected with Ransomware?

Isolate the infected computer from the network and external storage immediately, and do not open any files before the malware has been cleared.

Call ITS Help Centre at 2766 5900 to clean your computer.

Restore the backup

Email Security Enhancements: Pilot Stage

Two server-side rules will be implemented. Spoofed emails claiming to be from "@polyu.edu.hk" will then be classified as spoofing and moved into the Outlook “Junk Mail” folder.

Email Security Enhancements (Cont’d): Pilot Stage

Staff Email OWA

Other Authentication Methods

Email Security Enhancements (Cont’d): Evaluation Stage

Advanced Threat Protection (ATP)

With Advanced Threat Protection, you can protect your mailboxes against new, sophisticated attacks in real time.

By protecting against unsafe attachments and expanding protection against malicious links, it can provide better zero-day protection.

Protect Personal / Sensitive Data

Solution

Rights Management sharing application (RMS Sharing App) - Objectives

Can protect single or multiple attachments.

Can protect any type of attachment (Office/non-Office file types).

The sender can track how people are using a protected document in the document tracking site.

If an incorrect attachment is accidentally attached to a message, the sender can “revoke” the assigned permission so that the recipient(s) cannot access it.

Remarks: RMS Sharing Apps only protect email attachments. The sender is recommended to put sensitive data into an attachment instead of the email body.

How to Send Email with Protected Attachments

How to Send Email with Protected Attachments (Cont’d)

RMS Sharing Apps (Cont’d): Track and Revoke Documents

Users can track how people are using a protected document in the document tracking site. If necessary, they can also revoke access to these documents when sharing is no longer needed by clicking Revoke access against a document.

Data Loss Prevention (DLP): Objectives

Reduce the possibility of data leakage (sensitive data) through email communication by Data Loss Protection (DLP).

Data Loss Prevention (DLP) (Cont’d): Features and Benefits

Detects whether the message content and/or the attachment (not encrypted by another method) contains sensitive data.

The detection is based on our defined pattern such as

Hong Kong ID card number

China Resident Identity Card (PRC) Number

Credit Card number

PolyU Student Number

If a PolyU Student Number is found, the sender will receive MailTips alerts.

If other sensitive data is found, the mail will be blocked and the sender will receive a non-delivery report (NDR).

The sender is recommended to put sensitive data into an RMS-protected attachment instead of the email body.
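Pattern-based detection of the kind described on this slide, as an added example that is not the university's or Microsoft's rule definition: candidates are found by regular expression and then confirmed by their check digit, which keeps ordinary reference numbers from blocking mail. The regular expressions, function names and sample messages are assumptions; the PolyU Student Number is left out because its format is not given here.

```python
import re

# Assumed patterns: the slides name the data types, not the rule definitions.
HKID_RE = re.compile(r"\b([A-Z]{1,2})(\d{6})\(?([0-9A])\)?")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def hkid_valid(letters, digits, check):
    """Weighted mod-11 check digit of a Hong Kong ID card number."""
    chars = letters.rjust(2) + digits      # one-letter prefix: pad with a space
    values = [36 if c == " " else int(c, 36) for c in chars]
    total = sum(v * w for v, w in zip(values, range(9, 1, -1)))
    total += 10 if check == "A" else int(check)
    return total % 11 == 0


def luhn_valid(candidate):
    """Luhn checksum used by payment card numbers."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def scan(text):
    """Return (action, findings) for one message body or attachment text."""
    findings = [("HKID", m.group(0)) for m in HKID_RE.finditer(text)
                if hkid_valid(*m.groups())]
    findings += [("credit card", m.group(0)) for m in CARD_RE.finditer(text)
                 if luhn_valid(m.group(0))]
    # Per the slides, these data types block the mail and trigger an NDR.
    return ("block" if findings else "deliver"), findings


# Constructed messages; A123456(3) and 4111 1111 1111 1111 are sample values.
LEAK = "Applicant HKID A123456(3), card 4111 1111 1111 1111."
HARMLESS = "Ticket A123456(4), order ref 4111 1111 1111 1112."

if __name__ == "__main__":
    print(scan(LEAK))
    print(scan(HARMLESS))
```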

Data Loss Prevention (DLP) (Cont’d)

What’s Next?

Regular IT Training Workshop

https://www.polyu.edu.hk/its

Q & As

For particular issues, please contact IT HelpCentre at x5900.