Summary
Abnormal Email Security now provides digests for messages they have acted on over the past 24 hours. These actions can include:
- Quarantine or delete - if message is confirmed or highly suspicious of being an attack, OR
- Moved to Junk - if determined to be spam
The message digest provides the mailbox owner with both the sender and subject of messages they have remediated during this time. This will allow mailbox owners to review those messages and contact USNH Cybersecurity Operations with questions, concerns, or requests to remediate/release legitimate messages which may have been quarantined or deleted.
Content
The message digest will look like the following:
Note: the sender currently shows as Abnormal AI - no-reply@abnormalplatform.com
Questions
Q1 - What should I do if a message listed in the digest is legitimate and needs to be released?
Q2 - How long before a message is reviewed and released?
Q3 - The message that has been quarantined or deleted is time sensitive. How can I be sure this will be released in a timely manner?
Q4 - I prefer not to receive this digest every day, or not at all.
Q5 - Is this the same quarantine as what is provided by Microsoft?
Q6 - What are the promotions/graymail folders?
Q7 - What if I would like to opt-in to the Promotions folder?
Answers
A1 - What should I do if a message listed in the digest is legitimate and needs to be released?
Submit a request to the USNH Cybersecurity Operations Team using the General Cybersecurity Services request. Include the sender, subject, and why you believe the message to have been incorrectly flagged as suspicious or malicious. Cybersecurity will perform a review of the message and release if determined not to pose a threat to USNH. We are actively working with Abnormal to include an option in the digest to allow for a more streamlined release request process for a better customer experience.
Back to Top
A2 - How long before a message is reviewed and released?
This is largely dependent on the number of factors, but we will strive to have all requests addressed within a business day.
Back to Top
A3 - The message that has been quarantined or deleted is time sensitive. How can I be sure this will be released in a timely manner?
The USNH Cybersecurity Operations will work to review and release messages as quickly as possible, usually within a business day. However, this may require manual review. If the message is time sensitive, please indicate in the ticket or contact the USNH Cybersecurity Operations Team at IT.Security@usnh.edu and we will work to resolve as quickly as possible.
Back to Top
A4 - I prefer not to receive this digest every day, or not at all.
At this time, frequency can only be set for all USNH. The options are Daily, Weekly, or Monthly, with USNH opting to provide daily reports. If you prefer not to receive this digest you can opt-out by submitting a request to the USNH Cybersecurity Operations Team using the General Cybersecurity Services request.
Back to Top
A5 - Is this the same quarantine as what is provided by Microsoft?
This is not the same. Abnormal remediates messages AFTER they pass Microsoft detection engines. Abnormal determines which messages pose a potential security risk to USNH based on their indicators.
Back to Top
A6 - What are the promotions/graymail folders?
The Promotions folder is considered a “productivity” feature and is intended to capture spam or graymail. This is not fully deployed to USNH. If you do not have this folder, check your Junk folder for those messages. A feature request has been submitted to Abnormal to allow us to customize the digest to accurately reflect our current configurations.
Back to Top
A7 - What if I would like to opt-in to the Promotions folder?
Submit a request to the USNH Cybersecurity Operations Team using the General Cybersecurity Services request.
Back to Top
Need additional help?
Submit a request to the USNH Cybersecurity Operations Team using the General Cybersecurity Services request.
Visit the Technology Help Desk Support page to locate your local campus contact information or to submit an online technology support request. For password issues you must call or visit the Help Desk in person.