The University of Scranton (white text)

Information Security

The Information Security Office serves as the University’s resource for guidance on information security compliance. The office oversees information security policies, procedures and standards that ensure the confidentiality, integrity, and availability of University data and information.

In addition to coordinating University response to security incidents and security policy violations, they take a proactive stance by promoting a safe computing environment through security awareness events and training, such as the annual SANS security awareness program, Data Privacy Day and National Cyber Security Awareness Month.

Contact the Information Security Office

To report a security incident, you can reach the Information Security Office at 570-941-4226 or email infosec@scranton.edu.

Cylance Endpoint Protection

All antivirus products on University-owned computers are being replaced with Cylance Endpoint Protection to enhance our ability to predict and protect our University from cyberattacks.

  • On Windows computers, we remotely disabled Microsoft Defender and installed Cylance. This will occur silently (without prompts) and no user interaction is required. When the installation completes, you will notice a small green Cylance icon in the system tray.
  • The installation of Cylance on Macintosh computers will require user interaction. When Cylance is pushed to Macs remotely, it will uninstall ESET and users running macOS 10.13 or higher will receive prompts to finalize the installation. Please follow these instructions for additional information (authentication required).
  • These changes were gradually implemented on Staff machines on January 14, 2021 and Faculty machines on May 25, 2021.
Cylance is an AI-driven Endpoint Detection and Response (EDR) platform that strengthens, automates, and streamlines overall endpoint security. Cylance’s EDR capabilities allow our Information Security team to secure assets from modern cyber and malware attacks. It detects and mitigates highly advanced security threats as they emerge in real-time. Cylance’s cloud-based console offers additional security controls on the most vulnerable endpoints. In addition, the CylanceOPTICS feature will provide us monitoring of widespread security incidents, increased search parameter flexibility, alignment with the MITRE ATT&CK Framework.

Cybersecurity Awareness

October is Cybersecurity Awareness Month, a national program to help create awareness of the many ongoing threats we face whenever we are online. The Division of Information Technology is bringing this initiative to our campus, as online security is an essential shared responsibility that concerns us all.

 

Microsoft Advanced Threat Protection

Microsoft’s Advanced Threat Protection provides additional protection from email-based malware attacks by evaluating links and attachments in emails and blocking them if deemed malicious. ATP uses the following strategies to protect your email:

  • Safe Links: evaluates and confirms the validity of links in emails.
  • Safe Attachments: scans and protects against harmful email attachments.
  • Messages that are deemed unsafe by ATP standards will be redirected to your Junk folder.

Safe Links

Safe Links evaluates every link in an email in real time to determine whether the link is safe. All links evaluated by Safe Links will be replaced by a longer URL that that begins with https://na01.safelinks.protection.outlook.com/? If you click on a malicious link in an email, a warning will be displayed instead of the actual website.

Safe Attachments

In addition to the virus scanning, Safe Attachments analyzes every attachment to detect malicious content. If malicious content is found, it will result in:

  • Attachment Removal: you will still be able to read the email, but the attachment will have been removed (see sample below).
  • Quarantine: The email message will be removed and placed in quarantine for 30 days. 

FAQ

If I mouse-over a link from a trusted source, why does it look like a weird address?

Hovering your mouse over hidden links is always a good practice and can continue to serve you well even with ATP enabled. The Safe Links address indicates that it has been scanned for malicious content. Safe Links can be forwarded, as recipients will be able to access the content.

Can I opt out?

No - it is paramount that all University Office 365 emails are scanned and protected.

I received an email with an attachment, but it just says, “ATP Scan in Progress – Outlook Item” instead of the file I was expecting. Why?

As each message comes into Office 365, it is scanned for dangerous attachments. The message body can be read while that scan is in progress, but the attachments cannot because they aren't yet thought to be safe. While the attachment scan is ongoing–typically less than two minutes–you'll see a placeholder in the attachments area. Close then re-open the message to see if the scan is complete and the attachment is available. Note that even if you read the body of the email before the scan completed, following the scan, the message status will reset to unread.

I clicked on a link in my email, and it told me, “This website has been classified as malicious.” Why?

If a link in your message points to a location that has been verified to be malicious in some way, Safe Links will stop you from accessing that location when you click on the link. If you think a site has been blocked by mistake, please report it to infosec@scranton.edu by forwarding the message as an attachment.

How does this impact my file storage?

ATP also provides protection against opening or downloading of files from SharePoint and OneDrive. When accessing a file from these locations, it will be scanned and if found to be malicious it will be blocked from opening or downloading. Although the blocked file is still listed in the document library and web, mobile, or desktop applications, the blocked file cannot be opened, copied, moved, or shared. People can, however, delete a blocked file. 

SANS Security Program

The SANS Security Awareness Training is comprised of a set of short videos that helps build awareness of the online threats we face. IT Services has registered all full-time personnel at the University into the SANS program. All staff and faculty are encouraged to take the SANS Computer Security video training, even if you have taken it before. 

Need account help? Your username is your firstname.lastname@scranton.edu. If you don't know your password, you can reset it by clicking the Forgot your Password link on the SANS Training Center website.

Forward Email as an Attachment

  1. Select the email you want to forward, then go to the Home tab. 
  2. In the Respond group, select More Respond Actions.
  3. Select Forward as Attachment.
  4. In the To text box, enter the email address of the recipient.
  5. Select Send.

Additional Resources

Websites:

Videos:

© 2024 University of Scranton

Scroll to Top