!

Security

Advanced Threat Protection for Your University Email

Tuesday, May 31, 2016 - 10:34

 

The implementation of Microsoft Advanced Threat Protection on June 4, 2016 will add another layer to the University’s existing security controls. Advanced Threat Protection enhances security and helps protect against advanced persistent threats with two new features: Safe Links and Safe Attachments.

Safe Links

Safe Links evaluates the links in an email message in real time to determine whether they link to safe or harmful content. All links evaluated by Safe Links will be replaced by a longer URL that that begins with https://na01.safelinks.protection.outlook.com/?’, similar to the example shown below.

Safe Links example

If the link is safe, you will be sent to the original Web address when you click on it. If the link is not safe, you will see a warning message indicating that the Web site you are trying to visit is harmful.

Safe Attachments

Safe Attachments is a feature that protects against harmful email attachments. Safe Attachments opens attachments in a virtual environment and analyzes their behavior to determine whether they are harmful. If the attachment is safe, it will be delivered to you along with the original email message. If the attachment is harmful, the email will be blocked and the message and attachment will not be delivered.

The analysis process may cause some minimal (measured in minutes) delay in delivery to you of email messages with attachments.

More information about Advanced Threat Protection is available at http://technology.pitt.edu/atp.

ATP digital sign

November Microsoft Security Bulletins

Tuesday, November 8, 2016 - 16:30
Microsoft Corporation has announced six new critical security vulnerabilities affecting Microsoft Windows, Internet Explorer, Microsoft Edge, and Adobe Flash Player. CSSD recommends that users immediately identify and install the security updates necessary to repair these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible.

In addition to installing the Microsoft patches, CSSD also recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412 624-HELP [4357] if you have any questions regarding this announcement.

December Microsoft Security Bulletins

Tuesday, December 13, 2016 - 16:24

 

Microsoft Corporation has announced six new critical security vulnerabilities affecting Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft Office, and Adobe Flash Player. CSSD recommends that users immediately identify and install the security updates necessary to repair these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible.

In addition to installing the Microsoft patches, CSSD also recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412 624-HELP [4357] if you have any questions regarding this announcement.

Laptop Theft Awareness

Beware of the Laptop Bandit!

First heist:

He strikes again:

Even bandits get hungry:

Enterprise Security Controls Policy

Electronically stored academic, administrative, and research information is a critical University resource. Threats from computer hackers and malicious software and attempts to steal sensitive information jeopardize the confidentiality and integrity of this resource. The consequences to the University from a compromise of our electronic data could be widespread and damaging.

The Enterprise Security Controls solutions include a specific set of technologies to significantly reduce security vulnerabilities, including firewalls, email, and web services.

Federated Authorization: Approve an Access Request or Group Request for GL Mart (for Data Approvers)

Overview

Requests for access to the University of Pittsburgh's GL Mart can be submitted using an online form. The users can submit requests for individual access or group requests. If they do, you will receive an email message asking you to review and approve, by signing, the request.

Spam Filtering: Approve or Block Senders for non-Outlook Users

Office 365 Email makes it easy to block or allow senders right from Outlook.

If you do not use Outlook, you can use the instructions below to add email addresses to your list of approved/safe senders or blocked senders from Outlook Web Access.