What's the background?

The greatest number of data breaches happen because of what’s described as ‘human error’.

2019 research highlighted by the National Cyber Security Centre (NCSC), analysing data from breaches reported to the Information Commissioner’s Office (ICO) that year, showed the figure to be as high as 90%: with nine out of ten of the 2,376 breaches reported to the ICO due to “mistakes by users”. Phishing also dominated the UK cyber-threat landscape, accounting for 45% of reports to the ICO (see our useful guide on how to combat phishing).

With email data breaches, ‘human error’ usually means mistakenly sending data to the wrong recipient.

The term is also used as a general umbrella for all the things that can go wrong when we don’t manage (or don’t acknowledge) the situations that make it difficult for us to behave securely – including heavy workloads, complex systems and poor awareness or training.

As you’ll know, we are focusing on awareness and training together with measures that make it easier for us all to work more securely and improve our information management and security across the University.

So what are we doing?

As we’re already reporting this week, the University is moving to Office 365 on the IT Services Managed Windows 10 Desktop. Keeping software up to date is a key element in maintaining good cyber-hygiene and allows us to benefit from new features – such as the email recipient alerts offered by an Office 365 mechanism known as ‘mail tips’.

Mail tips give users an alert message as they select the recipients of an email (in the same way as the attachment alert checks if you intend to attach a document). We are providing two triggers for alert messages to users – if the email is being sent to a recipient outside Warwick University or if they are a student.

Mail tip 1. External recipients

The External recipients mail tip message is triggered if an email is being sent to someone outside Warwick’s Office 365 tenancy and appears as: ‘The following recipient is outside your organisation’ with an option to click on ’Remove this recipient’.

The wording of the mail tip is fixed, as is the categorisation of the recipient as external to Warwick. This is based on whether Office 365 manages their email. Neither are major issues, but a small number of users with Warwick email that isn’t managed in Office 365 will be identified as external recipients - which may raise some queries.

Mail tip 2- Student recipients

This email tip is configured to identify email accounts that are linked to a student or a student in their post-study grace period. Again, the message must be short and fixed, so will just display the recipient’s name followed by the note: ‘is a student’. This message adds to the existing mechanism to identify student recipients by the capitalisation of their name and abbreviation to identify their level of study.

What will this mean for me?

The alert mechanism is designed to give all email users a moment of pause to check the recipient of their email is correct and as intended. It is a security-based prompt and will not stop the email sending.

Alone, this measure cannot prevent the kind of mistakes we might make when we’re busy, rushed or tired, but as part of a set of tools – including the capitalisation of student names and the Office 365 update – it will give us some useful support to work more securely.

What happens next?

The mail tips alert messages are straightforward to deploy in Office 365 and will be fully operational by the end of October.

Information and guidance

• Please read and follow our regular communications and key security advice
• Read and share these ten key points to ensure you are working as securely as possible.

Security & Information Management is Everyone's Responsibility