Thursday, October 19, 2017

Email Security


In addition to the other IT upgrades in progress, we have been focusing on email security.  We have made a few changes in the last few days, and are planning a few more to come.

Quarantine Mail

Some of you may have noticed an email in your inbox this morning from quarantine@messaging.microsoft.com. The email contains a list of emails that were blocked from your inbox, and gives you the opportunity to download any emails you wish to receive.

Until very recently, we did not block any email that was addressed to you.  This email is a result of recent changes.  We implemented this feature to reduce the amount of spam and other unwanted email that arrives in your inbox each day.  The quarantine email is a daily summary of the email that we are blocking.  You only receive one email each day rather than receiving perhaps dozens of spam emails over the course of the day.

This will not block all spam, but it should reduce the amount that you receive. Note that some mail is delivered to your mailbox and is diverted to your junk mail folder. You may want to check that folder from time to time as well.

Encrypted Mail

Another feature recently added is the ability to send secure encrypted messages.  All internal mail is already encrypted.  But when you send to an outside party, email must necessarily be unencrypted in order for the recipient to be able to access it.

The firm now offers an option to send emails and attachments in a more secure way. If you type "securemail" or "#securemail" into the subject or text of an email, the recipient will receive a notice that says:

"You've received an encrypted message from [sender] To view your message Save and open the attachment (message.html), and follow the instructions. Sign in using the following email address [recipient's address]."

The email contains an attachment called "message.html" which the recipient must download and open.  It contains a message:

"Encrypted message
From [sender]
To [recipient]
To view the message, sign in with a Microsoft account, your work or school account, or use a one-time passcode."

If the recipient is already a Microsoft user, he/she can log in and access the text of your email and any attachments. If not, the recipient can request a temporary passcode, which is sent as a second email from Microsoft. The recipient can use that code to access the content of your email.

If this sounds like a number of extra steps for the recipient, it is. You may also get calls from recipients saying that this email looks suspicious to them. Many hackers send similar emails to get users to download suspicious HTML files and open them on their computers.

Despite these concerns, you should use the secure mail option for any emails that contain private information.  This can include personally identifiable information (PII) such as birth dates or Social Security Numbers.  It would also include any medical records protected under HIPAA.

Box Links

If you want to get confidential information to someone outside the office, and do not want to go through the securemail option, there is another option available to you, at least for the offices that have already converted to Box.  Instead of attaching a file containing private information to an email, you can upload the document to Box.  Then, send an email to the recipient with a link to the document on Box.  The recipient can click on that link and download the information over an encrypted connection.

Multi-factor Authentication

Another feature that is coming soon is multi-factor authentication (MFA), also sometimes called two-factor authentication (2FA). We are implementing this because of the ever-increasing number of hacker attacks on our email accounts. With this implemented, a hacker cannot access your email, even if he/she knows your password. Once you enter your email and password, you will be asked to enter a separate code that is texted to your smartphone.

Once you have authenticated your computer or other device, you will not need to go through the process again, at least for a period of time, after which we may reauthenticate your device.

Again, it is an extra step, but one that is needed to provide the firm with better security.  We have not implemented MFA yet.  We are still working out a few details.  I wanted to let everyone know that it is coming soon.

Handling Suspicious Mail

In our ongoing efforts to protect our network and our client data, we have created a special email address where you can send any suspicious emails that you receive. If you get anything that looks suspicious, please forward it to spam@margolisedelstein.com. Do not open any attachments or reply to the sender. Just forward the email for our evaluation and testing. It is important that you do not attempt to act on the message yourself. Hacking attempts via email are becoming more sophisticated every day. If you have the slightest doubt, suspicion, question or hunch about an email, please forward it to the spam@margolisedelstein.com address for evaluation.








Tuesday, October 3, 2017

Junk Mail

The move to Microsoft Exchange for email means that we are now using Microsoft's anti-spam filter instead of Google's filter. You may find that spam sorting works differently from what you grew accustomed to.

Junk Mail Folder

First, Google had a folder called "spam." Outlook calls the folder "junk mail." In each case, our provider attempts to discern what mail is unwanted and what mail you want to see. At the post office level, we have the ability to set how aggressive we want Microsoft to be in filtering out spam. We have the setting default to "low," meaning you are likely to see some spam in your inbox, but less likely to get a valid email incorrectly sent to your junk mail folder. Even so, you may want to check your junk email folder from time to time to make sure you do not miss anything important.

Just like Google did with its spam folder, Microsoft holds junk mail in that folder for 30 days, then deletes it.  So you do not need to worry about manually deleting the messages there.  You should, however, check it regularly to make sure something important does not disappear.

Junk in Inbox

Inevitably, some mail that arrives in your inbox is going to be junk.  When you get such a message, rather than simply deleting it, mark it as "junk".  This helps Microsoft determine what is junk and what is not.  You have the option in Outlook to block a sender or an entire domain.  You can also opt never to block a certain sender, assuring such messages will always arrive in your inbox.

Focused Mail

Beyond messages sent to junk mail, Outlook attempts to discern between important and unimportant mail that goes to your inbox. It calls important mail "focused" and less important mail "other". You should see a tab for each category at the top of your inbox. "Other" mail is mail that does not quite meet the classifications for "junk" status, but that Microsoft's AI considers less important or uninteresting for you.

Depending on how you are viewing your mail (via Outlook, Outlook Online, or the Outlook App on your phone or tablet), you may find these two groups mixed together. On each of your devices you have the ability to turn focused view on or off. If off, everything simply shows up in your inbox. If on, less important mail falls in the "other" tab and you are not given an alert when it arrives. You can make different choices on different devices.