3rd Update on Email Security

The Email Security project continues to progress well within expected schedule and budget. During the month of October we completed the pilot phase by migrating 4 email domains for early adopters covering a college and three departments. Between the dates 12th November and 19th November we started our bulk migrations on a small scale, migrating a further 52 email domains successfully. As part of these migrations the team realised that some colleagues did not receive our notification messages. This caused an unforeseen issue, which has been remediated promptly upon us being informed about the situation. We apologise for the caused interruption. Following our investigation and lessons learned, we are confident this should not happen again and believe we can improve future migration performance.

Nonetheless, we recommend all our colleagues responsible for IT visit our migration website to identify the migration dates for their email domains. This website also lists the simple three step process including required checks. The team is always happy to help and answer any questions, please contact us at emailsecurity@infosec.ox.ac.uk

Email Gateway Performance

Since implementation began, the system has scanned 5,100,777 email messages for 18,131 email addresses. Out of these 3,360,328 messages were blocked due to malicious content and 1,740,449 messages were delivered:

  • 792,660 clean messages
  • 367,766 bulk newsletters (graymail)
  • 117,317 potential spam
  • 245,347 failed domain-based authentication
  • 203,521 low URL (web) reputation
  • 1,431 potential business email compromise attempts
  • 4,250 potential malware
  • 2,040 potential phishing
  • 4,587 potential advanced persistent threats
  • 1,530 other potential threats
Statistics for the Email Gateway Filter (TM HES_)

Next Steps

The next tranche of bulk migrations will take place between 26th to 29th November 2018. During this phase we will migrate approximately 50 domains per day. After this date the majority of email domains will benefit from the enhanced email security offered by the email gateway filter product (Trend Micro Hosted Email Security).

Following successful tests with InfoSec, IT Services and five early adopters, we are aiming to go live with the cloud security tool on Tuesday, 04/12/2018 at 10:00 UTC. [Update: the go-live date has changed to Wednesday, 28/11/2018 at 08:00 UTC for the malware filtering features of the cloud security tool.]

Please contact the team at emailsecurity@infosec.ox.ac.uk if you have any questions or reach out to John Ireland (interim CISO, work stream sponsor) or Marko Jung (work stream manager).