Information Security
What is 2FA?
- A security process in which users provide two different authentication factors to verify themselves, which strengthens the security of our data and network.
- The factors we will use are username and password, along with your cell phone or a non-Butte College email account for verification.
Check out this two-minute student focused video:
Criminals and hackers are constantly coming up with new schemes designed to compromise computers, trick you into revealing valuable information (personal, financial, etc.), steal passwords, or trick you out of money.
How to protect yourself:
- Don't respond to email, phone calls, or pop-ups asking you for your password. You should never disclose your password to anyone, even if they say they work for Butte College, ITSS, or other campus organizations.
- Don't open files, click links, or call numbers in unsolicited emails
- If you can't verify it is legitimate, ignore or delete it.
- Cryptic or shortened URLs (e.g. Tiny URLs) are particularly risky because you can't easily tell where they are supposed to go.
- Don't give sensitive personal, financial, log-in, business, system or network information to anyone you don't know or who doesn't have a legitimate need for it -- in person, over the phone, via e-mail, IM, text, Facebook, Twitter, etc.
These FAQs help to explain our Proofpoint spam filtering system, and how Butte College processes emails that originate from outside the college. It will answer common questions about the tools that you can use to manage your personal spam account and quarantine.
Basics
What is the Proofpoint spam management system and why do we use it?
The Proofpoint spam management system is an email filtering tool. To protect Butte
College from virus attacks and to protect you from receiving hundreds of spam messages,
all incoming email is filtered by Proofpoint, which is an anti-spam and anti-virus
product.
How does email filtering work?
All incoming email is filtered by a server. Messages that contain a virus, or spam,
or inappropriate content can either be deleted or "scored." In the case of spam,
the message score indicates the probability that the message is spam --- so a message
scoring 100 would have 100% chance of being spam (definite spam) and a message scoring
0 would have 0% chance of being spam (legitimate correspondence). Messages scoring
high enough to probably be spam are quarantined, and messages scoring below 50 are
sent directly to your inbox.
Proofpoint URL Defense
Does Proofpoint protect against dangerous URLs?
Yes! Like our previous threat protection system, the new Proofpoint spam service will
help protect you from specific threats that are distributed via email, including phishing
and targeted attacks. Proofpoint's URL Defense protects you and Butte College’s network
resources by blocking access to malicious websites. Links in all email messages are
evaluated using a variety of sophisticated techniques to determine the likelihood
that they lead back to phishing or malware websites.
If links can't be definitively classified as safe when the message is received, the URL is rewritten so that clicking it will cause URL Defense to evaluate the linked website a second time. If the link is safe, you will see no difference. If it is malicious, you will see a notification in your browser like the following
Spam Quarantine
What is the Quarantine?
The Quarantine is a location where email messages that are suspected to be spam are stored temporarily so that they can be reviewed and retrieved if necessary. System administrators have the ability to search for messages on a user's behalf. You may also review and take action on your own quarantined email through the use of the End User Digest. Messages that are not released from the Quarantine are automatically deleted after 14 days.
How do I access the Quarantine?
As of May 30th, you can access your spam management account and Quarantine at antispam.ozone-1.com. Log in with your Butte College userid and password.
Can I access the antispam quarantine remotely?
Yes, you can access the system from anywhere.
How do I view messages that have been caught by the email filter and are in the Quarantine?
Log into antispam.ozone-1.com with your Butte College userid and password. Click Quarantine on the left side to view your messages in the Quarantine. This page displays messages addressed to you that were classified as spam and are sitting in the Quarantine.
I see an email in the Quarantine that is not spam. How do I release it to my inbox?
If you see a message in your Quarantine that is not spam, there are a few things you
can do. First, click on the check box next to the message. Then, click on Options
at the top of your screen. From here, you can apply several actions to email that
is not spam:
- Release: releases the message to your inbox.
- Not Spam: releases the message to your inbox, and in the future, messages like this one will not be classified as spam.
- Safelist: adds the sender of the selected message to your Safe Senders list.
How do I delete my messages in the Quarantine?
You don't need to delete quarantined messages. They will automatically be deleted after 14 days.
I did not receive an email I was expecting. How can I check to see if it might have been caught in my spam filter?
You will receive a spam End User Digest email once a day listing all emails that have been blocked by the spam filter. In addition, you can always log into antispam.ozone-1.com with your loginid and password and click "Quarantine" to check for emails that have been caught.
End User Digest
What is the End User Digest?
If email messages addressed to you were sent to the Quarantine, you will receive an
email notification, with the subject line End User Digest, in your mailbox. The Digest
provides you with a list of the messages addressed to you that are stored in the Quarantine.
You can look at the message subject headers to determine their content and decide
what actions you want to apply to the messages.
You may also receive an empty Digest, which is simply an email message indicating that you have no messages in the Quarantine.
How do I use the Digest?
The Digest will provide you with a list of all of the spam that has been quarantined
for your account since you received the last Digest update. You will see a list of
these messages and columns that indicate the subject, sender, and time received for
each email. You will have three separate links available to you to complete an action
on each email message:
- Release: releases the message from the Quarantine to your normal email inbox.
- Safelist: releases the message from the Quarantine to your inbox and adds the sender to your personal Safe Senders list. All future email from this sender will not be checked for spam.
- Report: reports that the message was a false positive (that is, it should not have been classified as spam). In this case, the system analyzes the data to ensure that similar messages are not caught as spam in the future.
Other links in the Digest provide additional functionality. These links are not related to individual quarantined messages. The following links provide additional Digest management:
- Request New End User Digest:immediately generates a new Digest with up-to-the-minute information about quarantined messages. Note: this Digest will contain a list of all messages currently in the Quarantine, not just those received since the last scheduled Digest update.
- Request Safe/Blocked Senders list:sends you a list of all entries currently on your personal Safe and Blocked Senders List. (This list of safe and blocked senders is different than any lists you have set up on your email client.)
- Manage My Account:allows you to change account preferences, as well as actively manage your Safe Senders and Blocked Senders lists using a web interface.
Why do I get a warning message when I click on links in the Digest?
It is normal to see an "Invalid Certificate" warning when clicking on the links in
the Digest. You can safely accept the certificate warning and continue.
How often will I receive an End User Digest?
By default, you will receive an End User Digest once a day around 7:00am (PST) if
messages have been placed into your Quarantine since the last digest was sent.
I don't want to receive End User Digests anymore. How do I stop them?
If you don't want to receive a Digest, you can change your settings in your Proofpoint
account
- Log into ozone-1.com
- Click "Profile" on the left sidebar
- Select "Settings"
- In the "My Settings" window, uncheck the box next to "Send digest with new message in my End User Digest." If this box is unchecked, you will no longer receive a digest.
Safe senders and blocked senders lists
What is a Safe Senders and Blocked Senders list?
There are two types of Safe Senders lists: the Global Safe Senders List and your personal
Safe Senders List. Both are simply lists of legitimate senders of email. The email
administrator controls the Global Safe Senders List, which applies to everyone in
the organization. You control your personal Safe Senders List to which you can add
the addresses of people, organizations, and mailing lists from which you do want to
receive mail.
If a sender's address is included in the Safe Senders List, the anti-spam system does not filter the message for spam. (However, it still filters the message for a virus or inappropriate content.)
There is also a Global Blocked Senders List and a personal Blocked Senders List. These lists contain addresses of people, organizations, and mailing lists from which you do not want to receive "junk email."
I set up lists of safe and blocked senders using my email client (Outlook, Apple Mail,
etc.) Will these lists be impacted?
No. The change in spam management system will not impact any lists of safe or blocked
senders that you have set up directly in your email client. Those will remain intact.
How do I manually add Safe Senders and Blocked senders to the new spam management
system?
Log into antispam.ozone-1.com with your Butte College UserID and password. Click Lists on the left side to view
your Safe Senders and Blocked Senders lists.
To add a Safe Sender to your list:
- Click Safe Senders Liston the left side.
- Click Newon the top of the page.
- Enter an email address (e.g., john.doe [at] xyz.com) into the field to permit all messages from this sender to be delivered. Optionally, enter an email domain (e.g., xyz.com) into the field to permit all messages from xyz.com to be delivered. Note: Permitting all email from an entire domain is not recommended as this could increase the risk of spam or malicious email.
- Click Save.
Follow the same procedure to add entries to your Blocked Senders list.
Email sent from addresses or domains on the Safe Senders List will not be filtered for spam, but will be filtered for viruses.
Other common questions
What other features are available to manage my account?
The Manage My Account link gives access to a separate web interface that will allow
you to manage your Safe Senders and Blocked Senders lists, change the preferred language
interface for your Digest, and adjust Digest preferences.
To access these features, click the Manage My Account link in the Digest. A separate browser window pops up on your screen and your personalized account management page will load in this window. You do not need to authenticate to your account management page because a secure code is generated in your personalized Digest that ensures that only you have access to change your settings.
You have the following options to choose from in your account management page. Click the name of the option in the left navigation pane:
- Profile - controls Digest settings and language preferences.
- Lists - provides tools to manage personal Safe Senders and Blocked Senders lists.
Profile option to manage my account
The Profile option displays a My Settings view and the Save, Request Digest, and Refresh links.
Links:
- Save: saves your settings each time you make any changes.
- Request Digest: sends you an updated Digest.
- Refresh: refreshes the view.
My Settings:
- Send digest with new messages: this is the default setting. You will only receive a Digest when you have new messages in the Quarantine.
- Send digest even when I have no new messages: this choice will send you a Digest whether or not you have new messages in the Quarantine. If there are no new messages, you will receive an empty Digest.
- Preferred Language: you can select a language from the drop-down list. This is the language that displays in your Digest and in your Manage My Account browser window.
- What type of spam detection do you want?: you can select a spam policy from the listed choices. The policies determine how you want your email filtered for spam.
What's with the "[EXTERNAL]" appearing in the subject line of emails in my inbox?
This has been implemented so that users are aware that an email has been sent from a source outside of our email domain. For instance if someone is sending malicious emails and pretending to be someone from Butte College, it will indicate that the email came from an external source.
Lists option to manage my account
The Lists option displays the Safe Senders List and Blocked Senders List views where you can manage your personal lists of safe senders and blocked senders. This feature is available to you if want to create your own personal lists.
Click Safe Senders List or Blocked Senders List in the left navigation pane to choose the list you want to manage.
Links:
- New - provides a text field so you can add an email address or domain to your list.
- Edit - lets you make changes to an address already on your list. You need to first select (click the check box) for the address you want to change.
- Delete - deletes the selected address from the list.
- Select All - selects all of the addresses on the list.
- Unselect All -un-selects all of the selected addresses on the list.
- Request Digest - sends you an updated Digest.
- Refresh - refreshes the view.
Safe Senders List: Email sent from addresses or domains on the Safe Senders List will not be filtered for spam, but will be filtered for viruses.
Blocked Senders List:Email sent from addresses or domains on the Blocked Senders List will automatically be discarded so that you will not receive future emails from them. Note: if a spam message does make it through to your inbox, you should not add that email address to your Blocked Senders List since spammers rarely use the same email address twice.
If You Get Ransomware
If a computer or device that is owned or managed by Butte College or is used to access or maintain sensitive Butte College data, take action immediately.
- Report it to User Support Services at usersupportservices@ozone-1.com or 530-895-2888.
- Don't pay the ransom. There are no guarantees when you are dealing with criminals.
What Is Ransomware?
- Ransomware is malicious software that infects and encrypts your computer and its files, as well as other devices. Victims are asked to pay a ransom to get their folders, files, and devices unlocked.
- Criminals use ransomware to extort money from individuals and organizations. A number of large health care providers have been targets.
How Ransomware Typically Gets on Devices
- You open an email attachment that downloads the malicious software, which then infects your device.
- You open a shared document link in an email message, and the document contains ransomware.
- You click a link in an email message that takes you to a malicious website where you are deceived into clicking on a link and downloading malicious software.
Once a computer or other device is infected, the malware begins encrypting files and folders on the device, local drives, any attached drives, backup drives, and potentially other computers on the same network.
What You Can Do to Protect Yourself
- Don't open unexpected email attachments. Check with the sender first.
- Check links in email before clicking by hovering over them with your mouse.
- Make backups, and keep them separate from your device.
- Learn more about ransomware:
- No More Ransom (nomoreransom.org). Decryption tools and prevention advice.
- Incidents of Ransomware on the Rise (FBI)
- Ransomware's Next Target (CBS News)
- What is Carbon Black? It is software that allows the installation of any known good software, and blocks anything unknown or malicious from running, providing improved security for our campus computers and data.
- What does high-enforcement mean? It means that Carbon Black will prevent installations of non-recognized software, although, if it's something you still need, you can ask for approval for installation.
- Our job is to keep campus owned computers and data safe while allowing everyone access to what they need to do their jobs.
Fall and Spring Hours
Monday - Thursday
7:30 AM - 5:00 PM
Friday
8:00 AM - Noon
Summer Hours
Monday - Thursday
7:00 AM - 5:00 PM
ITS - Room 103
3536 Butte Campus Drive, Oroville, CA 95965