CTS Email Security protects you with a two layer filtration system backed by our partners Barracuda and Avanan. Understanding the basics on how to use these filters will not only help you improve their effectiveness overtime, but will also insure important communications are not missed.
Barracuda
CTS Cloud security partner, Barracuda, provides the first line of defense against malicious emails. They are an industry leader when it comes to the speed and frequency of updates to their threat-detection algorithms.
Quarantine Digest
Before emails are delivered to your inbox, they are scanned by Barracuda. Any emails flagged as dangerous are quarantined and listed on the Quarantine Digest email (QD for short). The QD contains a summary of all quarantined emails since the last digest was sent. QD emails are delivered to your inbox twice a day, Monday through Friday. If there are no new quarantined emails since the last notification, you will not receive a QD. Quarantined emails are purged after 30 days unless you take action to deliver them as described below. Each email that is flagged as dangerous and quarantined will have three release options listed under "Actions". No action is necessary unless you would like to deliver, allow, or block the sender.
Deliver: This will deliver the quarantined email to your inbox.
Allow List: This will whitelist the sender and deliver the email to your inbox. Please only use this if the sender is trusted. Once you add sender to the allow list, all emails from them (legitimate or not) will bypass Barracuda quarantine filter.
Block List: This will add the sender to the block list. All future emails will be blocked from this sender.
Quarantine User Portal
While reviewing the Quarantine Digest email is sufficient most of the time, the Quarantine User Portal can be used to view all quarantined emails from the past 30 days. You can search by keyword and release emails to your inbox as needed. To access the portal, visit https://ess.barracudanetworks.com. If you are on our Microsoft platform, you will be able to login to the portal using your Microsoft email credentials (single sign-on). If you are on our Google platform, you will have unique credentials set during your onboarding. If you need login assistance, please contact our support team.
Message Filter: Select "Not Allowed" from this dropdown to view all quarantined emails. Search: Keyword searches can be performed here. The dropdown to the right, which defaults to 2 days, can be changed to view up to 30 days worth of emails. When you click on an email, it will show a content preview and provide the options shown in the image below. These options will perform the same functions described above under Quarantine Digest emails.
Email Encryption
When emailing or requesting sensitive information, you should use email encryption for improved security. Email encryption keeps sensitive information on the secure web server instead of transporting it across the internet over multiple mail servers. Please note: Email Encryption service is only available for external communications, since internal emails do not leave the mail server.
Sending Encrypted Emails
Sending an encrypted email is very easy. Simply type (secure) in the subject header of your email. This will will trigger the CTS encryption engine to secure your message on the fly. Attachments are supported as well. You must type parentheses with the word secure, and it is recommended to place it at the beginning of your subject. Your recipient will receive an email with clear instructions to view your message. Encrypted messages are purged after 30 days.
Receiving Encrypted Emails
If you receive an encrypted message (or a reply to an encrypted message you sent), you will receive an email with a link. When you click on the link to access the encrypted message, you will be directed to the Encrypted Message Portal. Alternatively, you may also go to encrypt.barracudanetworks.com (you won't be able to access the portal if you have not received any encrypted emails). If this is your first time accessing the portal, you will be prompted to create a password. If you can't remember your password, you may use the reset option. Once logged in, you will be able to view all your encrypted messages from the past 30 days. To reply to an encrypted message, simply open it and click on the reply icon up top. TIP: If you are trying to collect sensitive information from someone, send them an encrypted message. They will have to access the Encrypted Message Portal to reply so their response will also be encrypted.
Avanan
CTS Cloud security partner, Avanan, is an advanced phishing and malicious intent scanner. Combining our personalized mail flow training with Avanan's cutting edge AI engine creates the most effective protection against phishing emails that hide in plain sight. Reviewing the basics on how Avanan works will insure no important communication is missed.
What is a phishing email?
- Phishing emails are emails that pretend to be from a legitimate source with the intention of stealing your information. You can read more about phishing attacks here.
What is an email malware attack?
- Emails with malicious file attachments are called malware attacks. You can read more about malware here.
Threat Categories
Avanan categorizes email threats in the four unique bins listed below. These threat categories dictate how flagged emails are treated. In addition, Avanan flags emails detected as spam.
Phishing Attack: In Microsoft 365 platforms, emails flagged as phishing attacks will be quarantined. You will receive a notification containing sender information as well as the reason(s) why the email was flagged. If you believe the email is incorrectly flagged, you can click on the link provided in the notification email to receive the message as shown on the screenshot below. In G'Suite platforms, emails flagged as phishing will be delivered with a warning header.
Suspected Phishing Attack: Emails flagged as a potential phishing attack will be delivered with a warning header.
Malware Attack: Emails flagged as malware attacks will be quarantined. You will receive a notification containing sender information as well as the reason(s) why the email was flagged. If you believe the email is incorrectly flagged, you can click on the link provided in the notification email to request the message to be released by the CTS team.
Suspected Malware Attack: Emails flagged as potential malware attacks will be quarantined. You will receive a notification containing sender information as well as the reason(s) why email was flagged. If you believe the email is incorrectly flagged, you can click on the link provided in the notification email to receive the message.
Spam Emails: Emails flagged as spam will have [Spam] inserted in their subject.