A menacing creature, laptop in its jaws, seeks your username and password.

IT’s Got Your Back!–Advanced Threat Protection

Remember back in the day when fishing meant a quiet afternoon down by the lake, rod and reel in hand? Throw a “ph” into the mix and, suddenly, it’s your personal information on the hook.

But wait. Not so fast. Scamming members of the UMass Boston community is now harder thanks to IT’s rollout of Advanced Threat Protection (ATP), a suite of security features available within Microsoft Office 365.

“Available within” makes ATP sound easy, but that’s far from the truth.. ATP comprises several cybersecurity features, including anti-phishing, antiimpersonation, Safe Links, Safe attachments, and External Sender notices. Then there’s the Herculean task of installing the ATP features, creating necessary policies, and establishing appropriate alerts. Next comes the pilot program, collaborations with a select group of users, and finally, the rollout.

Jamil Moosavifard, senior systems administrator in IT Communication and Infrastructure Services, along with a colleague, systems administrator Marla Filoso, teamed up with Alison Murray, senior information security specialist in IT Communications and Infrastructure Services, to make it all happen.

“With these safeguards, we can now be more proactive about stopping the fires before they spread,” says Moosavifard of the actions taken to protect members of the university community.

Phishing is one such fire. Thanks to ATP and the vigilance of the IT Systems and Security teams, phishing has been drastically reduced at UMass Boston—from hundreds of threats annually to a mere handful.

Safe Links is a fire extinguisher—a behind-the-scenes precaution that forwards an attached link to a Microsoft portal, where it is quickly scanned for safety. Safe attachments works in much the same way, although the scan takes a little longer, requiring patience on the part of the recipient. An external sender message alerts a recipient that an email has originated off the UMass Boston campus; anti-impersonation ensures that the sender is known to the recipient and is not a bad actor. The list of precautions in the ATP suite is lengthy.

Peter Bonitatibus is director of information systems and technology for Student Affairs. As a member of the Technology Information Sharing (TIS) group, he was one of the front-line collaborators offering feedback during UMass Boston’s ATP pilot program.

Of his collaboration with IT, Bonitatibus says, “IT staff are very helpful and provide support whenever asked. Also, the new CIO has reached out to divisional IT staff to better understand our needs, and this has redefined the service model for the IT Enterprise staff, who are more receptive to calls for assistance.”

As for the number of threats to members of Student Affairs since ATP was activated there, Bonitatibus says that he is not fielding as many calls. “I would say that ATP has been a success and, hopefully, more features could be added to reduce threats even further,” says Bonitatibus.

“It was incredibly helpful to get feedback from our collaborators,” says Murray of Bonitatibus and the other members of the TIS team. “We had good conversations and learned how to provide the best protection. All in all, we were a group of people who know what we’re doing talking to each other and getting things done.”

What’s better than that!