Category Archives: ITS

10.07.24

RECIPE FOR CYBERSECURITY: Using strong passwords and a password manager

Recipe for CybersecurityKey to a successful cybersecurity recipe: Strong and unique passwords

Welcome to Week 2 of Cybersecurity Awareness Month! It is important to always use a unique password for each of your online accounts. Don’t reuse the same password across websites. If one of those sites gets compromised, hackers will try that password on other sites. No matter the account, all passwords should follow these preparation steps:

  • The more characters you use the better (at least 12 characters)
  • Never reuse passwords. Each account needs its own unique password.
  • Use a combination of upper and lowercase letters, numbers and special characters. Some websites will even let you include spaces.
  • Use a random password generator paired with a password manager for extra security.
  • Look for this week’s Recipe for Cybersecurity poster on bulletin boards around campus.

Thank you for being the key ingredient in our recipe for cybersecurity success!

10.01.24

RECIPE FOR CYBERSECURITY: Recognizing and Reporting Phishing

Recipe for CybersecurityDon’t Get Burned by Scam Emails

Phishing makes up 44% of social engineering incidents, and 98% of phishing incidents are via email. But it isn’t enough to simply know that phishing emails are out there; you also need to be able to recognize and report them. Here are some chef tips on how to clearly spot a fake phishing email so you don’t get burned:
  • Emails that contain an offer that’s too good to be true
  • Language that’s urgent, alarming, or threatening
  • Poorly-crafted writing with misspellings and bad grammar
  • Greetings that are ambiguous or very generic
  • Requests to send personal information
  • Urgency to click on unfamiliar hyperlinks or attachment
  • Strange or abrupt corporate communications
  • Sending email address doesn’t match the company it’s coming from

When you smell phish, report it immediately – or you might get burned. Report it to the LLCC Help Desk. Read more about Cybersecurity.

Look for this week’s Recipe for Cybersecurity poster on bulletin boards around campus. Thank you for being the key ingredient in our recipe for cybersecurity success!

09.23.24

CYBERSECURITY AWARENESS MONTH IS ON THE MENU

October is Cybersecurity Awareness Month — our chance to sharpen our cybersecurity skills, learn ways to avoid security threats and have some fun while we’re at it!

Starting next month, we’ll be serving up some tasty cybersecurity tips and resources to help you stay safe and secure, whether at work or home. Together, we’ll create the perfect recipe for cybersecurity awareness.

Learn more about it in this video.

If you have any questions about cybersecurity or spot something suspicious, ask us! We’re here to help, just contact the LLCC Help Desk, or call 217-786-2555. The Help Desk is located in Sangamon Hall, Room 1132 (outside of the Center for Academic Success/Library main entrance).

Look for a new Recipe for Cybersecurity poster on bulletin boards around campus each week during the month of October.

Recipe for Cybersecurity

 

08.23.24

Changes to the LLCC Wireless Network this Fall

  • The LLCC-Student network has been retired.
  • Students can connect to the LLCC-GUEST network to access the internet and essential resources such as LoggerCentral and Canvas.
  • Faculty and staff can also utilize the LLCC-GUEST network for internet access, or the LLCC-EMPLOYEE network to access internal systems that require authentication such as Colleague, EMS or Zogotech.

These changes aim to improve your overall network experience.

If you encounter any difficulties, please contact the helpdesk at helpdesk@llcc.edu or 217-786-2555.

Posted in ITS |
08.07.24

Retirement reception for Karla Wilham today

Happy Retirement sign pointing toward the beach.The LLCC IT Department invites you to a retirement reception for Karla Wilham, information technology specialist, this afternoon in the Robert H. Stephens Room from 2-3:30 p.m.

Please join us as we bid farewell to Karla and wish her well on this next journey.

08.05.24

Handling Phishing Attempts: A Guide to Protect Yourself

It’s that time of year when LLCC sees an increase in phishing attempts.
Phishing involves fraudulent communications designed to deceive individuals into divulging sensitive information or performing actions that compromise security. Spear-phishing targets specific individuals within an organization by pretending to be someone they know or trust, such as a higher-up in the organization, to increase the chances of success.
Phishing attacks, especially those masquerading as communications from higher-ups in your organization, can be quite sophisticated and convincing. Here are some steps you can take to protect yourself and mitigate the risk:

  1. Verify the Sender’s Identity
    1. Check the Phone Number/Email Address: Compare the sender’s contact information with your organization’s directory or known contact details. Phishers often use similar but slightly altered information.
    2. Contact the Sender Directly: Use a known, trusted method (e.g., calling their direct line) to confirm if they actually sent the message.
  2. Be Skeptical of Urgent Requests
    1. Question Unusual Requests: If the message asks for sensitive information, immediate action, or unusual tasks (like transferring money), be cautious. High-ranking officials typically follow standard procedures and rarely make such requests via text message.
    2. Look for Red Flags: Incorrect or spoofed email from address (usually one letter different than the correct one), or a tone that doesn’t match the sender’s typical communication style can be indicators of a phishing attempt.
  3. Avoid Clicking on Links or Downloading Attachments
    1. Don’t Click Without Verification: Links in phishing messages often lead to fake websites designed to steal your credentials. Always verify before clicking.
    2. Beware of Attachments: These can contain malware. Only open attachments if you are expecting them and have verified the sender.
  4. Use Multifactor Authentication (MFA)
    1. Enable MFA: This adds an extra layer of security. Even if your credentials are compromised, MFA can prevent unauthorized access.
    2. Use Secure Methods: Opt for authentication apps or hardware tokens over SMS-based codes, as these are more secure.
  5. Keep Software Up to Date
    1. Regular Updates: Ensure your operating system, applications, and antivirus software are up to date. Patches often fix security vulnerabilities that attackers exploit.
    2. Automatic Updates: Enable automatic updates where possible to stay protected without manual intervention.
  6. Educate Yourself and Others
    1. Stay Informed: Keep up to date with the latest phishing tactics and scams. Awareness is a key defense.
    2. Share Knowledge: Educate your colleagues about phishing threats and how to recognize them. A well-informed team is less likely to fall victim to such attacks.
  7. Trust Your Instincts — Be cautious: If something feels off, it probably is. It’s better to double-check and be safe than to assume and be sorry.
  8. Report Suspicious Activity — Notify the LLCC IT Help Desk: If the attempt is via email, report it through the “report message” button in Microsoft Outlook. This helps in tracking and mitigating threats for everyone. If you suspect a phishing attempt through texting or any other method, or if you believe you clicked on something suspicious, report it to the LLCC Help Desk by email at helpdesk@llcc.edu or calling 217-786-2555.

By staying vigilant and following these steps, you can significantly reduce the risk of falling victim to phishing attacks. Remember, cybercriminals rely on exploiting human trust and errors, so being cautious and informed is your best defense.

Posted in ITS |
05.16.24

LLCC welcomes three new employees!

John Sepanski, student success coach

John Sepanski

LLCC Student Succes welcomes John Sepanski as a new student success coach. John will coach students in arts and communication as well as English and humanities. His first day was Monday, May 13. John holds a Bachelor of Science degree in mathematics from Millikin University and a master’s degree in education technology. He comes to us from the Goodwill Excel Center in St. Louis, an adult high school. You can reach John at 217-786-3686  Welcome to LLCC John!

David Miller, IT project manager

David Miller

Information Technology Services welcomes David Miller to the team. David, a new project manager, started on May 13. David brings his project management experience from the State of Illinois Department of Innovation and Technology as well as Horace Mann. You can reach David at 217-786-3684. Welcome David!

Bobbi Lettimore, administrative assistant to the dean of English and humanities

Bobbi Lettimore

Department of English and Humanities welcomes Bobbi Lettimore as the new adminstrative assistant to the Dean of English and humanities. Bobbi’s first day was May 13. She comes to us from a K-2 charter school in Colombus, Ohio. She calls Waverly home, and is an LLCC alum! you can reach Bobbi at 217-786-3688. Welcome back to LLCC Bobbi!

05.10.24

LLCC ACCOUNT GEOFENCING

Geofencing blocks access to LLCC accounts outside of the United States. If you are traveling outside of the country and will need access to your LLCC account, please let the help desk know to have geofencing deactivated for the duration of your travel.
Most account attacks come from outside of the country. Geofencing is a good measure to block those attacks and reduce the number of compromise accounts.

IT Help Desk
helpme@llcc.edu
https://it.llcc.edu
217-786-2555

Posted in ITS |
04.29.24

Complete your Cybersecurity training by tomorrow

The second and final cybersecurity awareness training campaign for the LLCC 2023-2024 cyber training school year with Infosec IQ begins today, April 1. This campaign will run through April 30. This will entail six short training courses, including assessments for the last three. During the campaign, a series of simulated phishing emails will also be sent out. The training in this spring campaign will focus on: secure use of ChatGPT, updates and patches, automatic updates, data loss prevention, data destruction and using public Wi-Fi. The purpose of putting this training into place is to raise awareness of the threats in our environment and to avoid costly data breaches.

Everyone receiving the email is required to complete this training by April 30. Failing to comply may result in loss of LLCC network access privileges and disciplinary action per board policy “8.6 – Employee Discipline.” On April 1, you will be sent an email notifying you of enrollment in the course. The link provided in that email will take you directly to your Infosec dashboard to complete the training. The enrollment email will be coming from Infosec IQ Notifications <notifications@securityiq-notifications.com> with the subject “Start your security awareness training.”