The second and final cybersecurity awareness training campaign for the LLCC 2023-2024 cyber training school year with Infosec IQ begins today, April 1. This campaign will run through April 30. This will entail six short training courses, including assessments for the last three. During the campaign, a series of simulated phishing emails will also be sent out. The training in this spring campaign will focus on: secure use of ChatGPT, updates and patches, automatic updates, data loss prevention, data destruction and using public Wi-Fi. The purpose of putting this training into place is to raise awareness of the threats in our environment and to avoid costly data breaches.

Everyone receiving the email is required to complete this training by April 30. Failing to comply may result in loss of LLCC network access privileges and disciplinary action per board policy “8.6 – Employee Discipline.” On April 1, you will be sent an email notifying you of enrollment in the course. The link provided in that email will take you directly to your Infosec dashboard to complete the training. The enrollment email will be coming from Infosec IQ Notifications <notifications@securityiq-notifications.com> with the subject “Start your security awareness training.”

Geofencing blocks access to LLCC accounts outside of the United States. If you are traveling outside of the country and will need access to your LLCC account, please let the help desk know to have geofencing deactivated for the duration of your travel.

Most account attacks come from outside of the country. Geofencing is a good measure to block those attacks and reduce the number of compromise accounts.

IT Help Desk
helpme@llcc.edu
https://it.llcc.edu
217-786-2555

Level 4: Always enable multi-factor authentication.

Welcome to Level 4. No matter what you call it, multi-factor authentication, or MFA, is a security measure that requires anyone logging into an account to navigate a two-step process to prove their identity. By adding one more simple step when logging into an account, multi-factor authentication greatly increases the security of your account.

How it works: When logging into your account, you first provide your password or passphrase. Next, you will provide an extra way of proving that you’re you; this is typically done through:

• An extra PIN (personal identification number)
• An extra security question like, “What’s your favorite pet’s name?”
• An additional code, either emailed or texted
• A biometric identifier like facial recognition or a fingerprint
• A unique number generated by an “Authenticator App”
• A secure token is a separate piece of hardware (like a key fob that holds information) that verifies a person’s identity with a database or system

Look for this week’s Level UP poster on bulletin boards around campus for additional information.

Thank you for keeping LLCC off the cybercriminal’s leader board.

Level 3: Update Often

Welcome to Level 3. One of the easiest ways to keep your information secure is by making sure your software and apps are up-to-date. These updates fix general software problems and provide new security patches where criminals might get in.

Please Note: When downloading a software update, only get it from the company that created it. Hacked, pirated or unlicensed software versions often contain malware and cause more problems than they solve.

It is advised to turn on automatic updates. When there’s an update available, it will give you a reminder so that you can easily start the process.

Look for this week’s Level UP poster on bulletin boards around campus for additional information.

Thank you for keeping LLCC off the cybercriminal’s leader board.

Level 2: Passwords – Long, Unique and Complex

Welcome to Level 2. Don’t reuse the same password across websites. If one of those sites gets compromised, hackers will try that password on other sites as well. No matter the account, all passwords should be created with these three words in mind:

• Long – At least 12 characters
• Unique – Never reuse passwords. Each account needs its own unique password.
• Complex – Use a combination of uppercase and lowercase letters, numbers and special characters. Some websites will even let you include spaces.

If you haven’t already, install a password manager — never write passwords down. Password managers not only let you manage all your online accounts’ unique passwords, but they have some other advantages:

• Saves you time
• Works across all your devices and operating systems
• Protects your identity
• Notifies you of potential phishing websites

Look for this week’s Level UP poster on bulletin boards around campus for additional information.

Thank you for keeping LLCC off the cybercriminal’s leader board.

Level 1: See it, so you don’t click it.

Welcome to Level 1. This year, cybercriminals have sent over 3.3 billion phishing messages and caused over 4,000 data breaches, exposing over 22 billion personal records. Some of these probably impacted you personally. Our mission is to provide you with some quick tips on how to spot a phishing email. They contain:

• An offer that’s too good to be true
• Language that’s urgent, alarming or threatening
• Poorly-crafted writing with misspellings and bad grammar
• Greetings that are ambiguous or very generic
• Requests to send personal information
• Urgency to click on unfamiliar hyperlinks or attachment
• Strange or abrupt business requests
• A sending email address that doesn’t match the company it’s coming from

If you suspect an email is phishing, it’s best to report it. For more information and instructions on how to report a potential phishing email or if you believe you have experienced a cybersecurity breach read more here:

Cybersecurity : Lincoln Land Community College (llcc.edu)

Look for this week’s Level UP poster on bulletin boards around campus for additional information.

Thank you for keeping LLCC off the cybercriminal’s leader board.

October is Cybersecurity Awareness Month — our chance to sharpen our cybersecurity skills, learn ways to avoid security threats and have some fun while we’re at it!

Starting next month, we’re Leveling Up our cybersecurity training.

Each week, we’ll share helpful tips and resources to help you stay safe and secure on your online travels — at work and at home.

For hackers cybersecurity is a game. Learn more about it here:

If you have any questions about cybersecurity or spot something suspicious, ask us!  We’re here to help.

Look for a new Level UP poster on bulletin boards around campus each week during the month for additional information.

Game on!

Greg Matejka
IT Security and Assurance Manger