REMINDER: Security measures introduced to IMAP usage

13 May 2020

As our operating models adapt in response to COVID-19 remote working needs, CSD constantly monitors and reviews our security measures to adapt to the changing risks to University information, while maintaining resilient services.

CSD have identified a number of attacks targeting a form of accessing email called IMAP (Internet Message Access Protocol). IMAP isn't used by the majority of devices and users, and if you are currently successfully accessing your email on your devices, IMAP is most likely something you don't need.

However, we are aware that IMAP is required for certain individual use cases.

In order to continue to safeguard University users and data we have introduced a process to restrict automatic use of IMAP to access emails.

To ensure legitimate and justified IMAP usage can continue and to minimise disruption, we will:

1. Automatically provide access to all users (staff and students) who have used IMAP service in the past three months
2. Provide an automatic self-registration process through the CSD self-service portal: https://s.liv.ac.uk/579
3. From 26th May 2020 remove use of IMAP for staff and students who do not need to use IMAP

We appreciate your ongoing support to ensure University services remain secure and resilient.