In our continuous efforts to improve our information security readiness, the College uses two features in Mimecast to protect against phishing and data loss: URL Protect and Data Loss Prevention.
With URL Protect, emails that you receive from outside the emerson.edu domain containing hyperlinks Mimecast will first scan to ensure they don’t lead to an untrusted site. You will notice when you click a link in the body of an email, it will first go to a protect-us.mimecast.com URL before redirecting to the real destination. Think of it as a virus scan for URLs. You may experience some lag (around 5 seconds) as it does this scan. Again, this will ONLY happen when you click on a hyperlink contained in an email. If you personally trust the URL and copy and paste it into your web browser, you will bypass this process.
The College previously dealt with email scams that contained links leading to malicious duplicates of eCommon. If another message like that reaches our users, this feature will allow us to redirect those malicious links to someplace safe. This is a major defense opportunity for the College.
Data Loss Prevention
Data Loss Prevention allows us to build policies that block or encrypt emails originating from an Emerson address which contain credit card, social security number, and other private information strings.
In the event that your email contains a credit card or multiple SSN strings, you will receive a bounce back.
Our DLP policy does allow a single SSN string, but Mimecast will auto-encrypt the message and the recipient will receive instructions for how to open the message. Visit Sending Encrypted Email for more information.
False positives can occur—should you run into a false positive, where Mimecast blocks an email that you need to go outside of Emerson, we can allow it and make the appropriate modifications going forward.
Simply submit a ticket at it.emerson.edu/help.