Advanced Email Security

Adventist Health System will be implementing email enhancements that will provide you with advanced security. This feature protects you from receiving malicious email and phishing attempts common in electronic communication today.

The first phase of this feature will enhance the security for incoming email received from non-AHS senders. Future phases will provide the ability to manage quarantined emails.

Benefits
Phase 1 allows you to better manage and prioritize incoming emails.  This phase will also provide you with a safe route to access external websites.

How This Impacts You

Advanced email security may alter incoming email as follows:

  1. A graymail category will be indicated in the subject line of suspected graymail.
  2. External websites included in the body of the emails will be altered or rewritten to provide a safe route to the website.

Subject Line Graymail Category Identification 

The graymail engine uses advanced techniques to identify inbound emails as graymail and classify them into one of three categories. The three graymail categories are:

Marketing – Examples of this type of graymail include advertising messages sent by marketing groups, for example, bulletins from Amazon.com with details about their newly launched products.

Social – Examples of this type of graymail include messages or notifications from social networks and public forums.

Bulk – Examples of this type of graymail are mass-emailed newsletters and general broadcast notifications.

To identify suspected graymail, the subject line will be amended to include the graymail category along with the original subject line text. The categories identify the type of email to allow visible identification of possible spam but should not be considered unsafe. The image below is a sample of suspected Marketing graymail.

graymail_sample_message

Safe Link Rewrites

Incoming email from external sources that include links to websites will be rewritten to provide you with safe access to the destination website. The rewritten link will include http://secure-web.cisco.com  in the web address along with all other necessary information to route you safely to the destination website.

When the safe link is selected, if the destination website contains malicious content, a block screen will be displayed restricting access to the website. Follow the directions included in the message if you need access to the website. The image below is a sample of the message encountered due to the detection of malware.

2016-08-15_10-21-45

When the safe link is selected, if the destination website contains unknown content, a screen similar to the image below will be displayed.  This is informing you that the web site is being examined for malicious content.

2016-08-30_10-21-24

If the web site contains suspicious content, you will be given the option to: a) leave the site and report it as malicious or b) access the site and report it as a trusted site.  It is advisable for you to select the RED “I don’t trust this site” button.

2016-08-30_10-22-03

Check back for more information on future phases of the feature.