Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

fred_logo.jpg

Rev. 8.14.17

Purpose

The State University of New York at Fredonia is required by University, New York State and Federal regulations to implement practices to limit the unintended exposure or unauthorized access to Social Security Numbers (SSNs) and Credit Card Numbers (CCNs). SSNs and CCNs are strictly prohibited from being transmitted (sending or receiving) via email. Therefore, the Fredonia Messaging Gateway policy for Credit Card Numbers (CCNs) and Social Security Numbers (SSN)  is intended to actively filter and block fredonia.edu email accounts from sending and receiving this regulated data.  The Messaging Gateway will utilize an advanced algorithm and internationally accepted key phrases to effectively filter and then  bounce emails that contain this data. The Fredonia Messaging Gateway also enables Fredonia to provided critical security measures to protect our email and productivity infrastructure with effective and accurate real-time antispam and antimalware protection, targeted attack protection, advanced content filtering, and data loss prevention.

...

  • The Messaging Gateway uses algorithms to distinguish between valid credit card numbers or valid social security numbers and other numeric strings of the same length and/or format. Valid numbers may not be actual numbers of either type.

  • Filter based on the presence of any known key phrases in the BODY & SUBJECT AND a number that is a valid credit card number regardless of format.Filter based on the presence of any of the known key phrases AND a number that is a valid  social or social security number regardless of format. 

  • Fredonia email accounts will be prevented from sending or receiving e-mail with a credit card or social security number and an associated keyword anywhere in the body, subject or attachment of email. If you are the sender, then you will receive an Non-Delivery Report notification (bounce message.)  If someone from outside of Fredonia sends to a fredonia.edu email account such a message, they would receive the Non-Delivery Report notification.

  • Encrypted attachments cannot be scanned.  Therefore  contents of encrypted attachments will not trigger this policy.

  • The bounce notification will not contain a copy of the original email. 

...

If you do so, please include this problem report. You can delete your own text from the attached returned message.

“Fredonia respects the privacy and security of your personal information.  In addition, we are prohibited from sending or receiving social security numbers via e-mail.  Your e-mail appears to contain this information, so please contact the individual or office to determine an alternate means to relay the information. For your convenience, we are providing the below contact information so you may contact those offices to relay your  social security number: Undergraduate Admissions Office - (800) 252-1212 toll free, Financial Aid Office - (716) 673-3253, Student Accounts Office - (716) 673-3236, Office of the Registrar - (716) 673-3171, Extended Learning (J-Term, Summer Sessions, or Extended Learning Credit Program) - (716) 673-3177.Please contact the ITS Service Center should you have any questions or concerns (716) 673-3407 regarding this e-mail message. Thank you.”

...

If you do so, please include this problem report. You can delete your own text from the attached returned message.

“Fredonia respects the privacy and security of personal information.  In addition, we are prohibited from sending or receiving credit card numbers via e-mail.  Your e-mail appears to contain this information. We are permitted to accept credit numbers as a method of payment over the phone in a secure manner, in person, and via an online authorized payment gateway.  Please contact the individual or office you were trying to reach to determine an alternate means to relay the information. You may contact the ITS Service Center should you have any questions or concerns (716) 673-3407 regarding this e-mail message. Thank you.”

Compliance


Info

Short URL to this page: 

...