The Cybersecurity Evangelist: Ep 21 – Does Everyone Need to Know when You’re OOO (Out-of-Office)?

By Jennifer Lyn Walker, The Cybersecurity Evangelist

Please enjoy this month’s episode of The Gate 15 podcast on AnchorSpotifyAppleGoogle, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts.


In episode 21, it’s another monologue and travel-related public service announcement – this time on the risk of automatic out-of-office notifications.

TCE provides a little food for thought on the oh-so-common Out-of-Office notifications and some considerations for using them.

A few suggestions for managing Out-of-Office (OOO) replies to only those with a need-to-know:

  • None. Don’t send any automatic OOO replies. Communicate pertinent details with the people who are most likely to contact you while you’re away through alternative means such as individual emails, other messaging/collaboration platforms, or the telephone.
  • Internal only. Send OOO’s only to senders within your organization on the internal domain. This option also serves as a reminder for those you’ve already communicated your absence and keeps automatic replies from going out to threat actors
  • Internal, plus external contacts. Send OOO’s to internal emails and then only to external senders already in your contacts. This option would advise trusted external partners of your status, but would not divulge sensitive information to unsolicited parties.

And since I try not to close without a little something for everyone, given that so many enjoy posting vacation and other travel related pics, here are three tips to keep in mind when doing so: 

  1. Please use good judgement – think twice about the message your pics convey or the information they contain.
  2. Consider posting most of the descriptive pics when you return to your normal routine – while they could still be used to gather information about your interests, it’s less likely a scammer can use the ploy in real time.
  3. Most importantly: Be AWARE (awareness and understanding are half the battle) that what you post could be used to personalize a spear phishing attack – via email, smishing, phone call, etc. – against you or your contacts (family, friends, colleagues).

Have a listen here.


Read more about Gate 15’s full podcast menu at our Podcast page.

You can subscribe and enjoy all the Gate 15 Podcasts on AnchorAppleSpotifyGoogle, as well as other locations accessible from the Anchor link. Week-to-week, listen and learn more about our all-hazards threats, risks, mitigations, and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

  • The Risk Roundtable, is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally.
  • The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused podcast designed with a little cyber-something to help everyone be more cyber secure.
  • Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
  • The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on TwitterLinkedIn or via email at: [email protected].

Related Posts