Sophos antivirus software protection to help keep university computers secure

Information Technology Services will be changing out the default antivirus software that protects university-owned desktop and laptop computers used by faculty and staff.

The transition, which will be implemented this summer, will replace Symantec Endpoint antivirus software with Sophos antivirus.

Sophos already is available on the ITS software downloads page, found on the ITS website, as a free SafeConnect-compatible antivirus application.

For computers on the Eastern campus network, Symantec will be removed from machines and Sophos will be installed automatically, although in a few cases, ITS technicians may need to change out the software manually.

In replacing Symantec Endpoint with Sophos, computer users will benefit from a powerful antivirus package to protect their machines from malware and viruses. At the same time, the university will reduce expenses, as three years of licensing for Sophos costs about the same as one year’s license for the use of Symantec. ITS is reviewing all of its software and maintenance licensing in an effort to reduce costs.

Students’ personal computers will not be loaded with the same Sophos software as university-owned machines, but a free version of the software is available on the ITS software download page, http://www.eiu.edu/its/helpdesk/swdownloads.php

Sophos protects against viruses and malware at least as well as, if not better than, Symantec.

Sophos also is expected to provide other features, such as mobile device management, some encryption capability and added security features related to virtual desktop initiatives on campus.

With the number and variety of computers on the campus network, efforts to complete the transition are expected to last into the summer.


Protect yourself against tax-refund fraud

With the April 15 deadline for filing federal and state income taxes fast approaching, now is an opportune time to consider strategies for avoiding tax-refund identity theft.

Identity theft has been a longstanding problem. By appropriating a victim’s Social Security Number and other personal information such as name, address and age, identity thieves are able to open credit accounts, make purchases, conduct financial transactions and commit other thefts and frauds.

More recently, identity thieves have been using victims’ personal information to commit tax-refund fraud. A data breach earlier this year involving fraudulent returns filed via the digital tax preparation service TurboTax brought this threat to light.

Since then, there have been numerous reports of fraudulent tax return incidents across the nation.

Tax-refund fraud is expected to soar this tax season and total $21 billion by 2016, from just $6.5 billion two years ago, according to the Internal Revenue Service. One reason: It takes just a victim’s name, birth date and Social Security Number to file a tax return.

According to the Identity Theft Council, a non-profit advocacy group, there are steps that individuals can take to lessen the risk of tax identity theft or deal with its consequences after it occurs.

DON’T GIVE OUT INFORMATION
Be wary of email links and attachments that seek your data. Realistic-looking emails can harbor malware that could steal your personal information—a practice known as phishing. The IRS reminds taxpayers that it never initiates contact by email, text messages or social media.

Another pre-emptive action to take is to sign up at http://www.irs.gov and create an online account in your name so that tax fraudsters cannot do the same. This could help prevent identity thieves from creating an account and obtaining a copy of your past returns – and all of your pertinent information – by filing IRS Form 4506.

BE PROACTIVE
Unfortunately, there is no way to find out if someone has already filed a tax return using your Social Security Number until you send in your own return and receive notification that one already has been submitted in your name. Filing early can beat thieves to the punch.

Meanwhile, be careful. Experts say to use strong passwords and change them frequently. Update computer applications, especially antivirus software, and make sure that wi-fi access is password-protected.

If you prepare your own taxes using a commercial product, make sure your personal information is accurate. What about filing a paper tax return? That may not help either. If thieves can get your Social Security Number and other information via another source, they can still file a false return.

IF YOU ARE A VICTIM, ACT QUICKLY
File a report with law enforcement.

File a complaint with the Federal Trade Commission at http://www.identitytheft.gov or the FTC Identity Theft Hotline at 1-877-438-4338.

Contact one of the three major credit bureaus to place a ‘fraud alert’ on your credit records:
Equifax, http://www.Equifax.com, 1-800-525-6285; Experian, http://www.Experian.com, 1-888-397-3742; TransUnion, http://www.TransUnion.com, 1-800-680-7289

Contact your financial institutions and close any accounts opened without your permission or tampered with.

Check your Social Security Administration earnings statement annually. You can create an account online at http://www.ssa.gov.

MORE INFORMATION FROM THE IRS
For additional information about tax-related identity theft, visit the IRS identity-protection page at http://www.irs.gov/Individuals/Identity-Protection. Or call the IRS’s identity theft hotline at 800-908-4490.


How to keep yourself safe from the continuing threat of phishing

It’s always phishing season when it comes to email scams. Here are some timely tips from Information Technology Services’ Information Security unit to prevent becoming a phishing victim:

Phishing is the act of attempting to acquire information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Phishing has become a prevalent form of attack used to acquire sensitive and confidential information. If you believe you have received a phishing email or your account has been compromised, click the link below to learn how to report, combat and protect the university’s sensitive and confidential information from phishing attacks.

If you receive an email that you feel is a phishing attempt, please forward the email to the following address: phishing@eiu.edu
When your account has been identified as compromised, ITS will lock your account. Once it is locked, you will not be able to access your email.

To resolve this you will need to call the Help Desk at 217-581-4357 to reset your password and unlock your account.
• Eastern will not use email to ask for account information, passwords or other sensitive information.
• When in doubt about suspicious emails, report and then delete them.
• Look for unfamiliar or misspelled words and company names.
• Never click on links, download files or attachments from unknown senders.

• On average, 33,000 phishing attacks occur per month.
• A total of $687 million has been lost due to phishing.
• 45 percent of phishing attacks are successful in obtaining account information.
• Top attacks are successful through trusting fake emails from banks, service providers and professional network colleagues/business associates.


Creating strong passwords key to keeping accounts secure

When creating a password for yourself, choose one that is easy for you to remember but would be hard for others to guess.

Password security, however, does not end with picking a strong password. In order to ensure full password security, you must also take steps to protect your password.

Do not share your password. You are responsible for all activities conducted on your account.

Do not write your password down. Written passwords are easily stolen.

Change your password on occasion. The longer you are using your password, the more likely it will be compromised.

Do not store your password in a program. When your e-mail client or Web browser stores your passwords, it becomes easy for a hacker or a computer virus to retrieve them without your knowledge.

Strong password rules at Eastern:

Your password must:
• have at least eight characters
• not be longer than 15 characters
• have upper and lower case characters
• not have more than 12 upper-case letters
• not have more than 12 lower-case letters
• have at least one punctuation mark. Valid punctuation marks are limited to !%*-?:
• have at least three letters
• begin with a letter
• have at least one digit
• have at least one digit not at the beginning and end
• not be your profile ID or name
• not contain your profile ID or name
• not be your profile ID or name with the letters rearranged
• not repeat an old password
• not have more than two pairs of repeating characters.


Dealing with Cryptowall virus: Back up computer, be careful where you click

A variant of the notorious Cryptolocker computer virus has taken its toll on Windows servers around campus, and computer users at Eastern are being urged to exercise care when connecting to Internet sites and downloading data, in order to prevent infections.

The Cryptowall virus has infected three servers since summer, said Information Technology Services’ Assistant Director of Information Security Mike Gioia.

Cryptowall, like Cryptolocker, is a Trojan Horse that encrypts the files in a computer’s hard drive and makes them inaccessible and unusable unless a monetary ransom is paid to the perpetrators to unlock them. But while Cryptolocker could sometimes be partially circumvented, there are no IT tools available to undo the damage caused by Cryptowall, said Gioia.

Three Windows servers on campus were infected during July, September and October, though the infections were only discovered in the past month.

The virus can be encountered or spread by opening infected email attachments and navigating to bogus websites that have been set up by criminal groups and individuals trying to infect victims’ computers and extort money from them. It also can be spread through “malvertising,” in which legitimate online advertisements are turned into vectors of the virus and merely clicking on them can contaminate a victim’s computer.

“The most effective thing to do to protect yourself is to back up your computer files regularly,” Gioia said. “That way, if you are infected, you can just reformat (wipe clean) your computer and rescue all your files from your backup.”

Unfortunately, Cryptowall can sometimes infect the deepest portions of a computer’s operating system, and even obliterating every file will still not expunge it, and it may return to cause more problems. The infection also can spread from the host computer to any shared drive connected to it, such as network and thumb drives, as well as programs such as Dropbox.

The most important preventative is to be wary of websites you visit and links you click.

“Make sure your computer is up to date with antivirus software and that the operating system is patched and up to date,” Gioia said. “Make sure you are visiting legitimate websites, are downloading legitimate software and be careful with email attachments you are opening.”


Regular password changes help protect employee security, university resources

Faculty and staff at Eastern are required to change the password for their Eastern NetID twice a year. This is done to protect the online security of employees and university resources.

ITS sends emails to employees as the six-month mark since their last password reset approaches. These emails are delivered again when the employee is 20 days, 10 days, five days and one day away from password expiration. If you reset your password anytime within those timeframes, the notifications will stop.

Passwords are critical to employees’ computer and account security, and you should take precautions to keep yours secure. When picking a password, you should be sure to choose one that is easy to remember but would be difficult for others to guess.

Eastern employees are required to use strong passwords for most technology services, including desktop access, email, EIU Online, Banner and PAWS. To change your password:
Go to password.eiu.edu
Enter your NetID.
When the new page appears, authenticate either by using your existing password or by answering your predesignated security questions if you do not remember your password.
When the new page appears, click “Change passwords.”
When the new page appears, type in the new password, then re-type it where indicated.
Click the “Change passwords” button.

When changing your password, adhere to the following requirements:
The password must:
– have at least eight characters
– have no more than 15 characters
– have both upper and lower case characters
– have no more than 12 lowercase letters
– have no more than 12 uppercase letters
– have at least one non-alphanumeric character
– have at least three letters
– have a leading letter
– have at least one digit
– have at least one digit not at the beginning or end
– valid punctuation marks are limited to !%*-?:
– have no more than two pairs of repeating characters
– not repeat an old password
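
The rule list above, together with the matching list under “Strong password rules at Eastern,” can be expressed as a single checker. This is an added example, not ITS code: the function names are hypothetical, the trailing colon in “!%*-?:” is assumed to be one of the allowed marks, a “pair of repeating characters” is assumed to mean two identical adjacent characters, and the rearrangement test compares letters and digits only. The “not repeat an old password” rule is left out because it needs the account’s stored password history.

```python
import string

LETTERS = set(string.ascii_letters)
DIGITS = set(string.digits)
# Assumption: the colon that ends the page's list "!%*-?:" is one of the marks.
PUNCT = set("!%*-?:")


def _alnum_sorted(text):
    """Lower-cased letters and digits of text, sorted, for the rearrangement test."""
    return sorted(c for c in text.lower() if c.isalnum())


def check_password(password, profile_id, full_name=""):
    """Return the list of rules the password breaks (empty list = acceptable)."""
    problems = []
    upper = sum(c in string.ascii_uppercase for c in password)
    lower = sum(c in string.ascii_lowercase for c in password)
    digit_positions = [i for i, c in enumerate(password) if c in DIGITS]

    if len(password) < 8:
        problems.append("fewer than 8 characters")
    if len(password) > 15:
        problems.append("more than 15 characters")
    if upper == 0 or lower == 0:
        problems.append("needs both upper and lower case")
    if upper > 12 or lower > 12:
        problems.append("more than 12 letters of one case")
    if upper + lower < 3:
        problems.append("fewer than 3 letters")
    if not password or password[0] not in LETTERS:
        problems.append("does not begin with a letter")
    if not any(c in PUNCT for c in password):
        problems.append("no punctuation mark from !%*-?:")
    if any(c not in LETTERS | DIGITS | PUNCT for c in password):
        problems.append("character outside letters, digits and !%*-?:")
    if not digit_positions:
        problems.append("no digit")
    elif not any(0 < i < len(password) - 1 for i in digit_positions):
        problems.append("no digit away from the first and last position")

    # Identity rules: the profile ID and each word of the name are compared
    # case-insensitively; tokens without any letter or digit are ignored.
    tokens = [t for t in [profile_id, *full_name.split()]
              if any(c.isalnum() for c in t)]
    if any(t.lower() in password.lower() for t in tokens):
        problems.append("contains profile ID or name")
    elif any(_alnum_sorted(password) == _alnum_sorted(t) for t in tokens):
        problems.append("profile ID or name with letters rearranged")

    # Assumption: a "pair of repeating characters" is two identical adjacent
    # characters, compared case-sensitively.
    pairs = sum(a == b for a, b in zip(password, password[1:]))
    if pairs > 2:
        problems.append("more than two pairs of repeating characters")
    return problems
```
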


National Cyber Security Awareness Month good time to protect against online threats

October is National Cyber Security Awareness Month, and Information Technology Services is urging students and employees at the university to follow the guidelines set out during the observance.

“This is the 11th year (of NCSAM) to raise awareness that cybersecurity is a shared responsibility for everyone in the nation and the world,” said ITS Assistant Director for Information Security Mike Gioia. “It’s a shared responsibility because we’re all connected now. Ninety percent of the population uses the Internet daily.”

ITS’s Information Security Web page notes that NCSAM was created as an effort between government and industry to ensure that every American has the resources they need to stay safer and more secure online.

NCSAM focuses on a different cybersecurity issue for each week in October:

Week 1: Stop. Think. Connect.
Week 1 aims to raise online safety awareness among all Americans and reinforce stop, think, connect and the simple measures everyone should take to be safer and more secure online.

Week 2: Secure development of IT products
Building security into information technology products is key to enhanced cybersecurity. Security is an essential element of software design, development, testing and maintenance. The software we use every day on our phones, tablets and computers may have vulnerabilities that can compromise our personal information and privacy. This week will target these stakeholders and educate others about what to do and look for in products.

Week 3: Critical infrastructure and the Internet of things
The Internet underlies nearly every facet of our daily lives and is the foundation for much of the critical infrastructure that keeps our nation running. The systems that support electricity, financial services, transportation and communications are increasingly interconnected. The Internet of Things—the ability of objects and devices to transfer data—is changing the way we use technology. Week 3 highlights the importance of protecting critical infrastructure and properly securing all devices that are connected to the Internet.

Week 4: Cybersecurity for small and medium-sized businesses and entrepreneurs
Small and medium-sized businesses are an important part of our nation’s economy, but they often do not see themselves as a target for a cyber attack. Strong cybersecurity practices are vital within these organizations. Entrepreneurs are recognizing the cybersecurity field as a burgeoning marketplace. This week will focus on what emerging and established businesses can do to protect their organization, customers and employees, as well as cybersecurity as a business opportunity using tools such as the DHS C3 Voluntary Program.

Week 5: Cybercrime and law enforcement
This week will help draw awareness to cybercrime and educate law enforcement officers about how to assist their communities in combating cybercrime and educate the general public with ways to protect themselves from becoming victims of identity theft, fraud, phishing and other crimes.

Gioia said that taking proper safety precautions online is important “because hackers don’t care who you are, they just want access to your information, so you need to take steps to protect yourself.”

“Make sure your computer antivirus software is up to date,” he said. “Browse only to websites you know; don’t go to unknown sites. And practice safe social networking; don’t give up too much personal information online.”

Gioia said ITS’s Information Security group is constantly working to increase security measures at Eastern, searching for and implementing new security tools and working to increase cybersafety awareness.

“Compromised accounts are down, but that doesn’t mean we are going to stop informing and educating people,” he said.

The Information Security group Web page can be found at http://www.eiu.edu/its/security/index.php and the Stay Safe Online page can be accessed at http://staysafeonline.org/ncsam/landing-page/


ITS, private industry cooperate to improve IT security, cut costs

A cooperative initiative between Eastern and private industry may help improve IT security for both.

Information Technology Services’ Information Security unit, and Heartland Dental, an Effingham-based dental services company, are working together to share data about online security threats and other security issues that both entities confront on a regular basis.

“This is going to improve our security posture across the network,” said ITS Assistant Director for Information Security Mike Gioia. “Collaboration is key in this environment, and having knowledge of threats is always critical. Heartland may see threats we don’t and vice versa, so we can warn each other. The fact that they are a corporation and we are higher education means the threats will be different, so it’s good to have an expansive knowledge of what is going on.”

ITS Technical Associate for Security Administration Josh Awalt was employed in the security office of Heartland for several years before taking his current position at Eastern, and thus had a familiarity with the company and its assurance strategies. He reached out to Heartland and its network and security architect, Justin Henderson, about general security issues and learned that Heartland was installing an application called Security Onion, a set of Linux software components for intrusion detection, network security monitoring and log management.

Awalt and Gioia investigated Security Onion and decided the application might be useful to the university because it is effective and because, being open-source, it is available at no cost.

“With budget constraints, we were looking to replace an old intrusion detection system — that was no longer being supported by Cisco — as cost effectively as possible,” Awalt said.

Because Security Onion is free of charge, being open source, the only major expense involved would be the server hardware on which to host it and interfacing it with the campus network.

Awalt spent two days at Heartland learning how to install, configure and administer the software, and saw it operating in a live environment. And later, Henderson visited Eastern to confer with Gioia and his security team – including Tim Lewis and Cathy Ashmore – about the product and its use.

“Collaboration is a general trend,” Gioia said. “We collaborate across the state with other universities on security through listservs and membership in organizations, and we collaborate with the federal government, as well. Having more inputs, more intelligence on what’s going on helps everyone.”

“Cross-pollination between Eastern and Heartland is only going to make both of us stronger,” said Heartland’s Henderson.

Gioia said the initiative is in its early stages.

“We have to figure out what it takes for supporting hardware and the associated network costs, but it’s tremendously cheaper than going out and buying products,” he said.


Tablets, laptops require extra physical security considerations

There are enough threats to contend with when you are working on a computer workstation on a hard-wired network. When you work wirelessly, with a tablet or laptop, there are even more problems to deal with.

Chief among them is physical theft. Because a tablet or laptop is completely portable, it can easily be lost or stolen. Remember, if you can carry away your tablet or laptop, someone else can, too.

Never let your tablet or laptop go unattended. If you have to leave your office, lock your door or put your tablet or laptop in a desk. Never leave a tablet or laptop in a car. You should be especially careful not to load sensitive files on a portable device, particularly those containing personal information concerning identity such as names, Social Security numbers, phone numbers, ages or addresses, or proprietary fiscal information.

You do, however, want to record the serial number and any other identifying data for your device to identify it in case it turns up later, should it be stolen. And it’s not a bad idea to put your contact information on it so that if someone does later recover it, they can contact you.

If you are a student, take care never to leave your tablet or laptop unattended while studying in the library or while waiting outside a classroom.

An open-source application for tracking laptops and tablets is the free Prey program, which is available for Windows, Mac OS, iOS, Linux and Android devices. After you download the app to your computer, it stays hidden in the background. The program uses your tablet’s or laptop’s GPS capability or the nearest Wi-Fi hotspots to find its location.

For Macs and iPads, if you have already configured the iCloud Find My iPhone service you can use it to locate your missing device, display a message on its screen, make it play a sound at full volume (even if on mute), remotely lock it, or remotely wipe (erase) it to protect your privacy.

 


A question of security: Password management

What was the name of your favorite childhood pet?

If you say XD90WP37, your answer is a good one.

While XD90WP37 makes no sense as a name for a real dog or cat, it makes a great answer to a common security question used for managing the password on your Eastern email, PAWS, Banner or other online university account – because it makes no sense.

Faculty, staff and students at Eastern can change their password by logging in to https://password.eiu.edu. There they can access their account either by entering their password or answering security questions that they have pre-chosen for themselves.

Most people write easy-to-answer security questions, such as “What is my favorite color?” or “What was the street on which I grew up?” or… “What was the name of my favorite childhood pet?”

If your answer is a common one, or a logical one, such as “blue” or “Maple” or “Spot,” it could easily be solved by a potential hacker trying to gain access to your account and steal your personal information, plant a computer virus or do other harm.

That’s why it’s important to create question/answer sets that aren’t obvious.

“They need to make some very obscure security questions,” said Information Technology Services’ Assistant Director of Information Security, Mike Gioia. “It’s hard because you want it to be easy enough to remember but difficult for others to guess. It has to be very random.”

People tend to create security questions based on their personal lives, said Gioia – the names of family, pets, colors, locations, etc. These can be guessed by hackers using sophisticated algorithmic code-cracking software. Or they can be solved by a much simpler method: snooping through a potential victim’s posts on Facebook and other online sites.

“We as a society broadcast our personal information in social media, so hackers know it’s out there. Using that kind of information for security questions is not a safe way to do things,” Gioia said. “It’s only a Google search away.”

Instead of using obvious question/answer sets, account holders would be safer by mixing things up:

“What food do I dislike the most?” “Purple.”

“What was my maternal grandmother’s first name?” “Spinach.”

Better yet, use some alpha-numeric combination for your answer:

“Which is my favorite football team?” “m2p4d8x3.”

A recent account hacking attempt at Eastern underscored the need for security question vigilance.

A student contacted ITS Campus Technology Support to say that he could no longer access his account. A check by a Help Desk technician of the student’s password management log-ins revealed that the account’s password had been changed the previous day. The student, however, did not make the change. A further review by ITS’s Information Security office of the account logs showed that the change was made via a computer with a non-Eastern IP address that traced to a location in Maryland. Further investigation of the IP address linked it to other stealthy attempts to gain access to Eastern accounts by changing passwords – and by guessing the simplistic answers to security questions to do so.

“You’re dealing with con artists,” Gioia warned. “Using obvious security questions is like giving people the key to your house.”