Changes to spam and malware filtering for UAA email accounts

UAA is changing the way it provides email spam filtering and malware protection to UAA email users. Spam is defined as any unwanted emails from any source; malware refers to (unwanted) emails that may contain hidden code designed to cause any number of problems for your computer and private information contained therein. Malware may also take over your computer and use it to launch further infections to other computers, servers, email accounts, etc. The changes will likely go live the week of May 26.

The current spam and malware filtering is accomplished using special-purpose computer hardware and software called IronPort, housed in the UAA data center. This approach is still in the realm of best practice, somewhat effective (though some spam still sneaks through) and requires users to manage their spam filter settings by logging in to a separate spam management portal. The licenses for the software and hardware device are both about to expire, and renewal would require a financial commitment exceeding $500,000 over the next three years.

One of Information Technology Service's core values over the past year has been to ask the question "What do we already own?" before making any purchase of software, hardware or services. In this case, the answer is Exchange Online Protection.

Exchange Online Protection (EOP) is included as part of the Enterprise Client Access License that UAA, UAF and UAS purchase annually to provide access to the familiar Microsoft Office suite of applications for faculty, staff and students. It is a spam and malware filter provided in the cloud and managed conveniently from within your Outlook or other Exchange-compliant email "Junk" folder.

Benefits:

• UAA already owns it. Using it will allow the university to save more than $500,000 over the next three years.
• Familiar interface for most users. Some users who do not check email through Outlook will need additional assistance from ITS to set up and use the filter.
• Comparably effective.

Challenges:

• User-customized filtering set up on the old IronPort by users must be re-created in EOP.
• Standard settings at implementation may allow more spam than usual until administrative settings are dialed in by ITS.
• It is not what we are used to.

Testing has revealed the above benefits and challenges with a high degree of certainty. Some unanticipated challenges and benefits may arise. ITS is poised to respond promptly and keep the user community informed. We thank you for your support.

One final note: Despite reasonable measures, we all see emails from time to time asking us to provide our university usernames, passwords or other personal information to seemingly legitimate groups. In 100 percent of cases, these email requests are so-called phishing exploits, where hackers attempt to obtain personal information for illegal purposes. Giving up your personal information may compromise your credit or banking relationships and can cause major inconveniences for you. Giving up your university username and password can result in significant (although in most cases temporary) harm to UAA's mail system. Please exercise prudence when considering whether an email is a legitimate request for information. Resources to help you spot phishing attempts can be found here.

While the new system is very intuitive and simply part of the existing Outlook "Junk" folder (right-click while hovering over the "Junk" folder icon to view and customize options), additional instructions for using the new system are available on the ITS support website.

For further questions, please email the ITS Call Center at callcenter@uaa.alaska.edu.

May Archive