LLCC ACCOUNT GEOFENCING

Geofencing blocks access to LLCC accounts outside of the United States. If you are traveling outside of the country and will need access to your LLCC account, please let the help desk know to have geofencing deactivated for the duration of your travel.

Most account attacks come from outside of the country. Geofencing is a good measure to block those attacks and reduce the number of compromise accounts.

IT Help Desk
helpme@llcc.edu
https://it.llcc.edu
217-786-2555

Updates to Chapter 10 Information Technology Policies

The following are some important updates to LLCC Chapter 10 Information Technology policies that aim to enhance the security of our network environment and ensure the responsible use of technology within the college.

New Procedure under 10.2, Section 5. Remote Access: Remote access to local resources in the LLCC network environment shall be authorized and managed on a case-by-case basis based on the official responsibilities of the employee’s position at the request of the supervisor. All remote access to the LLCC local network must use a secure, College-provided solution.

This measure ensures a higher level of security and protects our network from potential vulnerabilities.

New Procedure under 10.3, Section 7.B.6) Email Forwarding: System-based email forwarding is prohibited. This means that users are not allowed to automatically forward their LLCC email to any external email accounts, including personal email accounts or other accounts not owned by the College. Exceptions must be approved in advance by the IT department and must be based on a legitimate business need. Any exceptions must be documented in writing and include a timeline for implementation and justification for the need for email forwarding.

This change reinforces the confidentiality of our communications and safeguards sensitive information.

New Procedure under 10.3, Section 8:  Electronic Meetings: This policy is designed to establish guidelines for the recording and usage of meetings within LLCC’s Microsoft Teams platform, with a focus on safeguarding privacy, preventing the generation of false information, and addressing potential misuse of AI technology. Meetings shall only be recorded with the explicit consent of all participants. This consent must be obtained at the beginning of the meeting and clearly communicated.  Access to recorded meetings should be limited to authorized personnel. Recordings should not be shared with individuals who were not part of the original meeting without the consent of the participants. Recordings should be retained for the minimum period necessary for their intended purpose. A predetermined retention period should be established, and recordings should be deleted after this period has elapsed. Recorded meetings should be stored in a secure and encrypted environment to prevent unauthorized access. The use of AI or any other technology to manipulate the content of recorded meetings for the purpose of generating false information is strictly prohibited. Meeting organizers shall ensure that all recording and storage practices comply with relevant data protection regulations, such as GLBA, FERPA or local privacy laws.

These updates are essential steps to align our practices with the latest industry standards, comply with relevant data protection regulations, and foster a secure and collaborative work environment. We appreciate your cooperation in implementing and adhering to these changes.

If you have any questions or need clarification on any of the updated policies, please feel free to reach out to IT. Your commitment to maintaining a secure and efficient work environment is crucial to the success of the college.

Posted in ITS |

New technology request process

LLCC Data Governance Council and Technology Advisory Group have developed a new technology request process. This process will ensure all technology requests are reviewed appropriately and implemented in a timely manner. This process is required for all new technology requests prior to submission for budget approval for the next fiscal year.  Given that the review time may vary depending on the project’s scope, we encourage you to initiate this process as soon as possible.

To start this process, please complete the form provided at this link:
Technology Request Form

Should you have any questions or need assistance, feel free to reach out to the IT Department by submitting a helpdesk ticket with your questions.

Posted in ITS |

Fall 2023 Mandatory Cybersecurity Awareness Training begins Nov. 1

The first of two cybersecurity awareness training campaigns for the LLCC 2023-2024 cyber training year with Infosec IQ begins tomorrow, Wednesday, Nov. 1. This campaign will run through Nov. 30. This will entail four short training courses and assessments and will be followed by a series of simulated phishing emails. The training in this fall module will focus on: multifactor authentication, social engineering, data privacy and incident response. The purpose of putting this training into place is to raise awareness to the threats in our environment and to avoid costly data breaches.

Everyone is required to complete this training will receive an email on Nov. 1 notifying them of enrollment in the course and is required to complete this training by Nov. 30. Failing to comply may result in loss of LLCC network access privileges and disciplinary action per board policy “8.6 – Employee Discipline.” The link provided in that email will take them directly to their Infosec dashboard to complete the module. The enrollment email will be coming from Infosec IQ Notifications <notifications@securityiq-notifications.com> with the subject “Start your security awareness training” Here is an example of what the email will look like:

(Email example) Subject: Start your security awareness training From: notifications@securityiq-notifications.com. [External Email] {Lincoln Land Community College logo}. Hello Gregory, You have been enrolled in the LLCC Fall 2023 Cybersecurity Awareness course, courtesy of Lincoln Land Community College. Please complete your training within the next 29 days. This training is required. Failure to complete your training by the required due date will put your account at risk of being disabled. {button: Start your training}. Thank you, Lincoln Land Community College.

Posted in ITS |

Cybersecurity presentation today, 2 p.m.

Join the LLCC Computer Science Academy today, Oct. 27, at 2 p.m. for an insightful presentation by Greg Matejka, IT security and assurance manager at LLCC, as he shares his expertise in overseeing the college’s robust cybersecurity framework. This online cybersecurity presentation will take place via Microsoft Teams teleconference and is expected to run for approximately 30-45 minutes, followed by an engaging Q&A session.

Greg’s talk will not only delve into his pivotal role at the college but will also explore the cybersecurity landscape in today’s job market. While the Q&A session will provide an opportunity for addressing technical inquiries, the primary focus will be on the role and the cybersecurity framework that LLCC has embraced.

Cybersecurity: Enabling multi-factor authentication

Level 4: Always enable multi-factor authentication.

LLCC cybersecurity awareness campaign logo: Secure Your Screen. Shows five movie type posters.Welcome to Week 4! Multi-factor authentication (MFA) is a security measure that requires anyone logging into an account to navigate a two-step process to prove their identity — usually via a push notification; think of MFA as a sequel to a password. Remember: two factors are better than one.

How it works: When logging into your account, you first provide your password or passphrase. Next, you will provide an extra way of proving that you’re you; this is typically done through:

  • An extra personal identification number (PIN)
  • An extra security question like, “What’s your favorite pet’s name?”
  • An additional code, either emailed or texted
  • A biometric identifier like facial recognition or a fingerprint
  • A unique number generated by an “Authenticator App”
  • A secure token is a separate piece of hardware (like a key fob that holds information) that verifies a person’s identity with a database or system

Look for this week’s Secure Your Screen poster on bulletin boards around campus.

Thank you for removing our organization from the hackers’ cast list.

Posted in ITS |

Cybersecurity presentation Oct. 27

Join the LLCC Computer Science Academy on Oct. 27 at 2 p.m. for an insightful presentation by Greg Matejka, IT security and assurance manager at LLCC, as he shares his expertise in overseeing the college’s robust cybersecurity framework. This online cybersecurity presentation will take place via Microsoft Teams teleconference and is expected to run for approximately 30-45 minutes, followed by an engaging Q&A session.

Greg’s talk will not only delve into his pivotal role at the college but will also explore the cybersecurity landscape in today’s job market. While the Q&A session will provide an opportunity for addressing technical inquiries, the primary focus will be on the role and the cybersecurity framework that LLCC has embraced.

Cybersecurity: Updating software

A Star is Born: Update Often

LLCC cybersecurity awareness campaign logo: Secure Your Screen. Shows five movie type posters.Welcome to Week 3! We see movies being remade constantly on the silver screen to stay relevant. Just like our favorite reboots, our software and apps want the latest and greatest updates to stay secure. These updates fix general software problems and provide new security patches where criminals might get in.

Please Note: When downloading a software update:

  • Only get it from the company that created it. Hacked, pirated or unlicensed software versions often contain malware and cause more problems than they solve.
  • Make sure the software or application you’re updating is approved by your organization. If you are unsure, please contact our team for more information.

It is advised to turn on automatic updates. When an update is available, it will give you a reminder so you can easily start the process.

Look for this week’s Secure Your Screen poster on bulletin boards around campus.

Thank you for removing our organization from the hackers’ cast list.

Posted in ITS |

Cybersecurity: Recognizing and Reporting Phishing

LLCC cybersecurity awareness campaign logo: Secure Your Screen. Shows five movie type posters.Lights, camera, hack-tion!

The reviews are in. Phishing is popular among hackers and can be catastrophic for organizations. Phishing makes up 44% of social engineering incidents, and 98% of phishing incidents are via email. But it isn’t enough to simply know that phishing emails are out there; you also need to be able to recognize and report them. Let’s preview some of the scripts used by hackers in their big heists this year:

  • Emails that contain an offer that’s too good to be true
  • Language that’s urgent, alarming or threatening
  • Poorly-crafted writing with misspellings and bad grammar
  • Greetings that are ambiguous or very generic
  • Requests to send personal information
  • Urgency to click on unfamiliar hyperlinks or attachment
  • Strange or abrupt corporate communications
  • Sending e-mail address doesn’t match the company it’s coming from

If you suspect an email is phishing, it’s best to report it to the LLCC Help Desk. For more information visit Cybersecurity: Lincoln Land Community College (it.llcc.edu).

Look for this week’s Secure Your Screen poster on bulletin boards around campus.

Thank you for removing our organization from the hackers’ cast list.

Posted in ITS |

Cybersecurity Awareness Month 2023: Secure your screen

LLCC cybersecurity awareness campaign logo: Secure Your Screen. Shows five movie type posters.October is Cybersecurity Awareness Month — our chance to sharpen our cybersecurity skills, learn ways to avoid security threats and have some fun while we’re at it!

Starting next month, we’ll be rolling out the red carpet by sharing helpful tips and resources to help you stay safe and secure, whether at work or at home.

Learn more about it at https://infosecinstitute.wistia.com/medias/u0fswi51wk.

If you have any questions about cybersecurity or spot something suspicious, ask us! We’re here to help, just contact the LLCC Help Desk:

https://it.llcc.edu/
The Help Desk is located in Sangamon Hall, Room 1132 (outside of the library main entrance).
​​2​17-786-2555helpdesk@llcc.edu

Look for a new Secure Your Screen poster on bulletin boards around campus each week during the month.

Greg Matejka
IT Security and Assurance Manager

Posted in ITS |