The University utilises Mimecast's Secure Email Gateway to protect both staff and student email. Mimecast is a cloud-based gateway that filters all incoming and outgoing email.
Email is a great way to communicate, but it can also be used by hackers to steal data or even money from our business. Any email, even ones that look real can be fake or dangerous. Links in email can send you to websites that steal your login information. Viruses that lock you out of your computer and files can be easily hidden in familiar looking attachments like Microsoft Word, Excel, and PDFs. Even emails with no links or attachments can be dangerous, with hackers posing as someone you know to try and trick you into giving up sensitive information.
The security implemented gives users more control over reporting spam, controlling who can send them (with blocking and permitted senders options), and attachment control.
Email. It's the number-one business application used by the University. It's also the number-one method used to carry out cyber-attacks, enabling malware delivery, phishing, impersonations, and the spread of threats that affect business productivity and the University's reputation.
The Mimecast Secure Email Gateway provides cloud based anti-virus and anti-spam protection, along with real time response to security threats.
Mimecast will give you control to deal with spam, blocking and permitting senders and protect you from malicious files.
The key features Mimecast uses to protect your email are:
NOTE: The University does not utilise Internal Email Protect at this stage.
It used to be that secure email gateways with anti-spam and anti-virus security services were enough to keep an institution safe from email-borne attacks. Today, the risk factor are much higher. While still important, as approximately 60% of inbound email is spam or contains commodity malware, stopping only this traffic will leave your organization exposed to more sophisticated and targeted attacks.* Organisations around the globe continue to be impacted by phishing attacks every day.
The Mimecast Secure Email Gateway takes a different approach to email security and protects organisations from both spam and commodity attacks as well as more targeted and sophisticated ones.
The use of malicious URLs in email-borne spear-phishing attacks is now standard-operating-procedure for cybercriminals. When combined with smart, well-researched social engineering content, getting recipients to click on links is easy for attackers and can lead directly to credential stealing, malware drops, or the loss of other sensitive data.
Malicious websites come and go very quickly, and thus it is critical to check them at the time of click, every click. This is exactly what Mimecast Targeted Threat Protection - URL Protect does.
To learn more about URL Protect please continue to the Email Security: URL Protect page.
Malware (malicious software) remains a significant threat. Sophisticated attackers, or their malware development partners, are constantly innovating to take advantage of both known and unknown vulnerabilities that exist in targeted organisations. Anti-virus systems alone cannot keep up with this innovation as there are multiple techniques that malware writers use to bypass their detection.
The best anti-malware strategy implements an adaptable approach and applies multiple analytic techniques to each file to filter out malicious email attachments.
This is exactly the approach that Mimecast Targeted Threat Protection - Attachment Protect uses to protect organisations from email-borne malware.
To learn more about URL Protect please continue to the Attachment Protection page.
Most attacks are focused on extracting money from their targets. Increasingly cybercriminals have moved their monetisation efforts to email-borne attacks which impersonate you, your institution, your course staff, your IT Help Desk, your trusted third-party vendors as well as social networking sites. They do this to build trust, lower the guard of their victims and to persuade them to initiate a fraudulent wire transfer or to send over some other type of personal identifiable information (PII). Mimecast Targeted Threat Protection - Impersonation Protect specifically protects against these types of senders spoofing and socially engineered attacks.
To learn more about URL Protect please continue to the Impersonation Protect page.
To protect the University's email service, it is a requirement that all UniSA emails be sent from anauthorised and authenticated server, application or system. The requirement for authorisation and authentication can be met by use of a service account.
Any server, application or system managed by the ISTS Unit already meet this requirement. If you own and manage a server, application, or system sending emails and have any questions regarding this requirement, or to request a service account, please contact the IT Help Desk. Any request for a service account should include:
Link to this page - Sending UniSA email from non-ISTS managed systems.
To protect the University's email service, it is a requirement that all emails being sent into the University be subject to all available email security controls. As such no requests to bypass security controls such as allowlisting or whitelisting will be considered.
If you own and manage a server, application, or system sending email to the University and have any questions regarding this requirement, or are looking for assistance in best practice to configure your system to send email, please contact the IT Help Desk.
Login and Access.
Step by step instructions on how to Release/Block/Permit emails and sender through on hold notification messages.
Explanation as to why UniSA Staff are required to go through URL Protection for certain URLs in emails and how to handle them.
Explanation as to how impersonation protection for Staff mailboxes works and examples.
