Please click on one of the below topics to uncover additional information.
Safe Attachments - New!
The University of Missouri System Information Security program uses Microsoft Safe Attachments to better protect faculty, staff and students from phishing attacks and malware infections.
What is Safe Attachments?
Emails containing malicious attachments are commonly used in attacks against large institutions. Microsoft Safe Attachments is a proven and effective security tool to reduce the chances of malicious attachments infecting computers or distributing ransomware. All suspicious attachments go through a real-time behavioral malware analysis engine which uses machine-learning techniques to evaluate the content for suspicious activity.
How will this impact my university email?
This new protection will remain largely transparent to email users. Email delivery with large attachments may be slightly delayed while scanning occurs. If an unsafe email attachment is detected by the scanning engine, then it will be removed from the email and replaced by a short text file informing the user that the original attachment was found to be malicious.
Example of an attachment that has been replaced by the text file:
Safe Attachments works on email coming from both internal and external sources. This further protects our email users from internal threats such as compromised devices or compromised user accounts.
Will Safe Attachments impact other Office 365 applications?
Yes. Safe Attachments will proactively scan documents in OneDrive and SharePoint to identify malware using the same advanced scanning engine. If a document is identified as malicious, it will be blocked from opening, copying, moving or sharing. To learn more about Safe Attachments in Office 365 applications visit the Microsoft Safe Attachments overview page.
Safe Attachments is a proven and effective security tool, but it is not perfect and it's implementation doesn't guarantee that all files are safe. There is still a chance that malicious attachments could make it to a user’s inbox. Continue to use extreme caution when opening attachments, especially from an unknown source. If anything about the email looks suspicious, please report it to your local help desk or security team.
If you believe that the Safe Attachments engine has unnecessarily blocked an attachment or a file in Office 365, contact your IT support, help desk or information security team for assistance.
Safe Links - New!
The University of Missouri System Information Security program uses Microsoft Safe Links to better protect faculty staff and students from phishing attacks.
What is Safe Links?
Phishing emails often contain a hyperlink or a URL that directs the user to a malicious website. Safe Links is a feature that scans all inbound email messages and provides time-of-click verification of URLs and links to provide an extra layer of protection against phishing emails.
How are links in emails going to change?
In order to provide protection, the Safe Links security engine will rewrite any URL in the email body when it is delivered. When a URL or link is rewritten, it will be begin with "https://nam02.safelinks.protection.outlook.com."
Depending on the type of email you receive and the email client you are using, you may notice a few visual changes to the URL.
HTML formatted emails are generally what most people receive, and there is no visual change in links for HTML emails. The URL rewrite is transparent in most clients due to the HTML formatting of the hyperlink. In newer clients, hovering over the link will show the original URL. Depending on how you receive your mail and the client you use, you may see the rewritten URL.
Screenshot of email message showing the safe links behavior for HTML formatted emails:
What will Safe Links look like in plaintext emails?
Plaintext emails are emails that do not allow for any formatting. While not as common as HTML emails, if you receive plaintext emails with links, you will see a visual difference in the hyperlink as the rewritten URL will show in the body of the email.
Screenshot of an email in plaintext showing the rewritten URL in the message body:
What happens when I click on a Safe Link?
Upon clicking a link, you may notice that the browser first takes you to the outlook.com subdomain used to rewrite the URL. This is part of the Safe Link workflow. The webpage is being scanned for any malicious content. If you click a non-malicious link, you will be redirected to your intended destination after a few moments. This redirection is usually transparent and should not cause significant delays.
If a link is determined to be malicious by the Safe Links scanning engine, you will see the following screen (or a similar one) instead of the webpage:
There are other messages you might encounter after Safe Links scans a webpage, but they look similar to the screenshots above. More examples can be found on the Microsoft webpage.
Will Safe Links impact other Office 365 applications?
Safe Links security features will also apply to any URL in OneDrive, SharePoint and Teams. There will be no visual change for links in these platforms. The same protection will be applied, but the URL will not be rewritten.
How do I forward or reply to an email with a Safe Link?
Once the Safe Links policy has rewritten a URL, it will remain rewritten if you forward or replied to the message. You will not need to take any further action. If an email is received from an external user, any links will be rewritten when that email is delivered to a user’s mailbox. Additionally, any reply to that sender will contain the rewritten URL links. If the email is using the common HTML formatting this URL rewrite should be transparent to both the sender and the recipient.
If you believe a URL has been blocked unnecessarily or a malicious website was not blocked successfully, please reach out to your IT support, Help Desk or Information Security team for assistance.
If you need to determine where an original URL points to, please use our Safe Links decoder to “unwrap” the actual URL from Safe Links. This tool should not be used as a method to bypass the Safe Links feature and users should still click on Safe Links versions of links unless they believe a resource is being blocked when it shouldn’t be.
Report Message Add-in
The Report Message add-in for Outlook clients and Outlook on the web enables people to easily report false positives (good email marked as bad) or false negatives (bad email allowed) to Microsoft and the University of Missouri System security operations team for analysis.
Why should I use this add-in to report suspicious emails?
Microsoft automatically analyzes these submissions to improve the effectiveness of email protection technologies. Microsoft uses the information in these submissions to adjust security policies that impact all of their customers. The UM System security operations team uses these submissions to adjust security policies that are designed to protect our users.
Do I need to install the add-in myself?
No, the add-in will be managed by our Microsoft 365 administrators and will be automatically added to any mailbox hosted in Exchange Online. The add-in is added to a user’s mailbox, so as long as a supported client is used the add-in will be automatically added and available.
What clients are supported?
The following client applications are supported.
- Outlook on the web
- Outlook 2013 SP1 or later for Windows
- Outlook 2016 for Mac
- Outlook included with Microsoft 365 apps for Enterprise
- Outlook app for iOS and Android
Note: The Report Message add-in is not available for mailboxes that are still hosted in on-premises Exchange.
How do I use the add-in?
After the add-in has been installed and enabled it can be used in the following ways depending on the client.
Outlook desktop client
A button will be added to the ribbon called Report Message. With the message that you would like to report open, click the button and choose what type of email needs to be reported.
Outlook for the web
With the message open that you would like to report click on the 3 dots in the email header next to the reply options to open the message options menu. Select the Report Message add-in and choose the submission type.
Outlook mobile for iOS and Android
With the message open that you would like to report click on the 3 dots under the date in the email header to open the message options menu. Select the Report Message add-in and choose the submission type.
With all clients, you will receive a pop-up notification before submitting the email message. This can be disabled in the options menu within the add-in if you would like to skip this step in the future. The notification might look different depending on your client, but the wording will be the same.
What if my email contains sensitive information?
Microsoft is approved for the storage of DCL 4 data, meaning you can submit the email to them using this method. However, if you are concerned about the security of the content in the email, you are still able to directly submit the email to your campus security team for analysis.
I am not seeing the add-in in my supported client.
Try restarting your client or the device your client is running on. If this does not cause the add-in to show up, please contact your tech support team for assistance.
Cortana Daily Briefing
Cortana is Microsoft’s personal productivity assistant that helps you save time and focus attention on what matters most. Cortana Daily Briefing is an email you will receive once your mailbox is migrated to the M365 cloud environment.
The Briefing email summarizes what’s most important for the day ahead to help you feel more in control of your calendar and tasks. Cortana will send you the Briefing email near the start of your workday (as set in Outlook) when you have relevant items to help you plan the day ahead. You won’t receive an email on days when Cortana doesn’t have any suggestions.
What the Briefing email can help you do
Prepare for meetings
- Review documents and tasks that help you prepare for upcoming meetings.
- Open related documents and emails directly from Briefing, which saves you from having to search for them.
Keep your commitments
- Follow up on email commitments and requests that might have fallen through the cracks.
- You can mark a task as done, and it won’t be shown again, or dismiss one that’s not relevant, which helps Cortana learn what type of information is helpful to you.
Schedule focus time
- Dedicate time on your calendar to work on outstanding tasks and prepare for meetings without interruption.
Data privacy and security
Only you can see your Briefing email, which summarizes existing information that’s already available directly in your Office 365 mailbox. You can unsubscribe at any time with the Unsubscribe link at the end of every email.
Why is a PIN required?
Why is a PIN required to access UM email on my mobile device?
This is a security feature required to prevent unauthorized access to your university email account. Without a passcode or equivalent protection, such as fingerprint or facial recognition, anyone with physical access to your phone has access to your university email account.
Can I use fingerprint or facial recognition instead of typing a PIN code?
Yes. Fingerprint or facial recognition may be available on your device to enable the PIN code.
When I accept the policy to activate the PIN security feature, will other actions be performed on my phone?
When you accept the policy, you may receive a message that notes that the university mail server must be able to remotely control some security features on your device and that accepting this setting will allow operations to be performed, including erasing all data on the phone. Please note, accepting this policy will NOT:
- Erase any data on your device
- Disable, block or remove any applications
- Disable or remove any device features or services
The university will not manage, wipe or otherwise configure your mobile device. The ONLY change being required is a four-digit PIN to unlock the device screen. This aligns with other protective policies that you have agreed to by setting up access to your University email account on a mobile device. These include the ability for IT staff to:
- Perform a factory reset to completely wipe your device (happens only by request from the account or device owner)
- Wipe only university email data from your device, depending on the version/build of the device
What happens if I choose not to accept the policy?
If you choose not to accept the policy, you will not be able to set up an email application to access your university email account on your device. Instead, you will need to use a web browser on the device to access email through webmail.
I already have a PIN. Do I need to take any action?
If you have an Android device and already have a PIN, that will continue to work as usual. If you are using a pattern lock on Android, it will be replaced with a PIN and pattern lock will be disabled by the policy. If you have an iOS device and you have already enabled a regular passcode or touch ID, those will continue to work normally.
Devices are unique depending on the model and version of software that they are running. If you have any questions, please contact your campus IT help desk for assistance.
Frequently Asked Questions on Data Loss Prevention Policies - New!