Ohio University

Security Features: Catmail

Catmail includes advanced security features to protect you and the university from phishing scams, malware and accidental disclosure of sensitive data.

Advanced Threat Protection

SafeLinks

When you click a link in an email message, SafeLinks uses an automated Microsoft service to verify that the link's destination is not malicious. If the link appears to be malicious, the service will display a warning and prevent the linked site from loading. If you are using Outlook, you can view the actual destination of a SafeLink by mousing over it. If this does not work, or if you are checking your mail from a non-standard email client, you can use our SafeLinks decoder (OHIO login required) to view a link's destination. 

Safe Attachments

When someone sends you an attachment, Safe Attachments will scan that message and attachment using machine learning and analysis techniques to detect malicious content. Delivery may be delayed a few minutes to allow this scanning to occur. If a malicious attachment is detected, the attachment will be removed, and a substitute text file named “Malware Alert Text.txt” will appear in its place. If you believe an attachment was removed by error, contact the IT Service Desk.

Screen shot: Malware warning text file

Data Loss Prevention

Email is not a proper method to share sensitive data with external parties. To reduce the likelihood of sensitive data disclosure via email, Ohio University has enabled Office 365 Data Loss Prevention (DLP) for Catmail. Automated DLP scans can help reduce the risk of distributing sensitive data; however, it it is still your responsibility to handle that data appropriately.

Respecting privacy - DLP scanning is automated. An Information Security analyst will only access a copy of a message if DLP flags that message as containing a large amount of sensitive data. 

What to expect: Social Security numbers

If DLP detects one or more Social Security numbers in an outgoing email, the service will block that message and notify the sender of the issue, either with a Policy Tip or through a rejection message.

In Outlook on the Web or Outlook for Windows, a Policy Tip will appear at the top of your window letting you know that your message appears to contain sensitive data and giving you the option of reporting a 'false positive.' If you press Send, the message will be rejected. 

On Outlook for Mac and mobile apps, the Policy Tip will not appear, but the message still will be rejected if you try to send it.  

To report a false positive, forward the rejection message to the IT Service Desk for assistance.

Report false positives of SSN Blocking via Web Outlook (Catmail)
Outlook on the Web
SSN blocking policy before sending email via Outlook Desktop Client
Outlook for Windows

 

SSN Blocking bounceback email
Rejection "bounce" message

What to expect - other sensitive data

  1. If DLP detects high volumes of PII being sent to a non ohio.edu address, the service will create an incident report for the Information Security Office.
  2. A security analyst will review the flagged data to determine if a data loss has occurred.
  3. If the match is a false positive, the case will be closed with no further action required.
  4. In the case of an actual data loss, normal incident response procedures will be followed, including disciplinary action if needed.