Hello Helen,


I'll reply to you off-list about this particular user and why we haven't
reactivated her yet.


In general, you're right, faculty forwarding their mail anywhere is a bad
idea, and is almost guaranteed to run afoul of the information security
procedures ( ,


17.10.7. Protected University Information, and information that is protected
by law, professional ethics standards, or University policy, may not be
stored unencrypted, including unencrypted email.







Identity and Account Management

Information Security Office

University of Vermont

238 Waterman Building (Mailing Address)

234 Waterman Building (Actual Location)

Burlington, Vermont 05405


E-mail: [log in to unmask]


From: Technology Discussion at UVM [mailto:[log in to unmask]] On
Behalf Of Helen Read
Sent: Wednesday, June 29, 2016 1:05 PM
To: [log in to unmask]
Subject: Compromised Accounts and Forwarding UVM Email


So I have a faculty member who was locked out of her account yesterday after
falling for a really obvious phish. Apparently this has happened to her
multiple times. This is the first that I have heard about it, but okay, when
her account access is restored, I will sit down with her and show her how to
hover over links etc.


Meanwhile, this same person has long had her UVM email forwarding to her
gmail. I have explained to her why she shouldn't do this (as just one
example, she gets a copy of the Math Readiness Scores that I send out, which
I would definitely qualifies as confidential student information). She
thanked me for the information and has lately been replying to me from her
UVM email, but once or twice I would get a reply from her gmail, so I it
seemed she didn't actually stop the forwarding and was just trying to
remember (and occasionally forgetting) to email me from her UVM address. So
then today, I emailed her UVM address and asked if her account had been
re-enabled. She replied from her gmail to say that it hadn't (she has called
IAM multiple times but apparently they are swamped and she is waiting to
hear back).


The rather disturbing takeaway from this: her account was compromised and
has been disabled, and yet her UVM email is still forwarding to her gmail.
At least I think it's her gmail. How would I actually know?


Helen Read

Senior Lecturer

Department of Mathematics & Statistics

University of Vermont