Josh Awalt has been named Eastern Illinois University’s interim assistant director of information security, officially effective May 1.
Awalt replaces former Assistant Director of Information Security Mike Gioia, who resigned earlier this year to head up the new information security department at Rose-Hulman Institute in Terre Haute, Ind.
Awalt has been a member of Information Technology Services’ information security team since December 2012. The Charleston native holds a bachelor’s degree in information technology from Western Governor’s University and a master’s in information security from the same institution.
“I’m really excited about the opportunity I have been given to fill the position and am looking forward to working with the rest of campus and helping Eastern,” Awalt said.
In his more than three years at Eastern as a security administrator, Awalt has focused on identity and access management issues. He also has taken on special projects related to regulatory risk assessment across campus, dealing with issues such as HIPAA (the federal Health Insurance Portability and Accountability Act) and FERPA (the Family Educational Rights and Privacy Act).
Taking on the job of interim assistant director of information security is a natural career progression for Awalt. Before coming to Eastern, he was security administrator at Heartland Dental in Effingham for two years, where he received specialized training in information security and acquired several infosec proficiency certificates.
“I always tried to specialize in the field of information security, and when the position at Eastern first arose, I saw it as a chance to gain valuable work experience,” he said. “It’s a really great opportunity. I practically grew up at Eastern (his mother, Julia Awalt, has been an employee in Housing and Dining Services for many years) so there are a lot of familiar faces. It’s been a busy transition, but it’s been easier because I know a lot of people on campus and will be able to work well with them.”
Awalt said his No. 1 priority will be to protect sensitive information at the university. To achieve that goal, he will work to implement an information security framework to examine various needs, look at different aspects of those needs and develop solutions.
“There are a lot of unique things about Eastern, so a framework will be a good way to identify security concerns but give us the flexibility to determine what works best for us,” he said.
The greatest security threat on campus, he said, is phishing — attempts to obtain financial or other confidential information from Internet users, usually by sending an email that looks as if it is from a legitimate source.
“Everyone is affected by phishing,” he said. “Faculty, staff and students. And it happens every day.”
Awalt said his unit continues to educate email users at Eastern about the dangers of phishing, and he credits them for regularly reporting phishing attempts.
“We’ve had really good feedback from end users,” he said. “They understand and report threats, and we turn around and remove them. They are our first-responders.”
Eastern Assistant Vice President of Information Technology Kathy Reed said Awalt possesses all the skills needed to successfully fill the assistant director post.
“Josh brings several information security-related certifications and course work to the position as well as his experience both at EIU and with previous employment. For occasions when you would have contacted Mike Gioia in the past, please work with Josh,” she said.
Still a resident of Charleston, Awalt is married, and he and his wife, Katie, are expecting their first child in September. He enjoys golf and outdoor activities such as hiking.
Microsoft has rebranded its Lync collaboration and communication platform by folding it into and combining it with its Skype for Business application.
Along with the name change, the instant messaging and video conferencing tool has received a refreshed look and some new features. This update was released as a Windows Office Update as part of the April monthly update for Office 2013.
The Skype for Business application is available for use by users at Eastern through Information Technology Services and Microsoft Office 356 email/communication client.
“Here at Eastern, if you were using Lync before, it will update automatically to Skype,” said ITS Associate Director of User Services Dave Emmerich. “The interface has a slightly different look, and there are some minor changes.”
Detailed information about signing into a Skype for Business conference through your Outlook calendar is available on the ITS website at http://www.eiu.edu/its/helpdesk/kb/012/kb0120005.php
Skype for Business is a web and video conferencing platform that enables high-definition video conferencing, screen sharing and instant messaging. Skype for Business is available on Windows, Mac, iOS, Android and PantherMail Web. Logging into your Office 365 account through the Outlook Web app automatically signs you into Skype for Business.
Some good uses for Skype for Business can include:
- Student group project chatting
- Instructor virtual office hours
- Inter-office communication
(more secure than third party instant message services)
Skype for Business Web offers:
- HD video, which brings life and expression to Skype for Business, letting people “see what you mean” in new ways.
- Voice over IP (VoIP) so you can connect to your meeting from anywhere without getting hit with call origination fees.
- Instant messaging, which ensures that you can communicate silently when necessary, such as when you’re in a coffee shop or on a train.
- Desktop, application, and PowerPoint sharing so your content can be seen by other meeting participants, enabling you to continue collaborating without missing a beat.
- Screen sharing.
According to Microsoft, Skype for Business is based on the familiar Skype experience that more than 300 million people use every month to connect with other users. It is built right into Office, so features such as presence, IM, voice and video calls, and online meetings are an integrated part of the Office experience.
Skype for Business is a communications and collaboration platform that brings together an experience inspired by Skype with enterprise-grade security, compliance and control. It is built right in to Microsoft Office, so initiating chats, calls and meetings is an integrated experience within Office. All customers are expected to be transitioned by the end of May.
With the April 15 deadline for filing federal and state income taxes fast approaching, now is an opportune time to consider strategies for avoiding tax-refund identity theft.
Identity theft has been a longstanding problem. By appropriating a victim’s Social Security Number and other personal information such as name, address and age, identity thieves are able to open credit accounts, make purchases, conduct financial transactions and commit other thefts and frauds.
More recently, identity thieves have been using victims’ personal information to commit tax-refund fraud. A data breach earlier this year involving fraudulent returns filed via the digital tax preparation service TurboTax brought this threat to light.
Since then, there have been numerous reports of fraudulent tax return incidents across the nation.
Tax-refund fraud is expected to soar this tax season and total $21 billion by 2016, from just $6.5 billion two years ago, according to the Internal Revenue Service. One reason: It takes just a victim’s name, birth date and Social Security Number to file a tax return.
According to the Identity Theft Council, a non-profit advocacy group, there are steps that individuals can take to lessen the risk of tax identity theft or deal with its consequences after it occurs.
DON’T GIVE OUT INFORMATION
Be wary of email links and attachments that seek your data. Realistic-looking emails can harbor malware that could steal your personal information—a practice known as phishing. The IRS reminds taxpayers that it never initiates contact by email, text messages or social media.
Another pre-emptive action to take is to sign up at http://www.irs.gov and create an online account in your name so that tax fraudsters cannot do the same. This could help prevent identity thieves from creating an account and obtaining a copy of your past returns – and all of your pertinent information — by filing IRS Form 4506.
Unfortunately, there is no way to find out if someone has already filed a tax return using your Social Security Number until you send in your own return and receive notification that one already has been submitted in your name. Filing early can beat thieves to the punch.
Meanwhile, be careful. Experts say to use strong passwords and change them frequently. Update computer applications, especially antivirus software, and make sure that wi-fi access is password-protected.
If you prepare your own taxes using a commercial product, make sure your personal information is accurate. What about filing a paper tax return? That may not help either. If thieves can get your Social Security Number and other information via another source, they can still file a false return.
IF YOU ARE A VICTIM, ACT QUICKLY
File a report with law enforcement.
File a complaint with the Federal Trade Commission at http://www.identitytheft.gov or the FTC Identity Theft Hotline at 1-877-438-4338.
Contact one of the three major credit bureaus to place a ‘fraud alert’ on your credit records:
Equifax, http://www.Equifax.com, 1-800-525-6285; Experian, http://www.Experian.com, 1-888-397-3742; TransUnion, http://www.TransUnion.com, 1-800-680-7289
Contact your financial institutions and close any accounts opened without your permission or tampered with.
Check your Social Security Administration earnings statement annually. You can create an account online at http://www.ssa.gov.
MORE INFORMATION FROM THE IRS
For additional information about tax-related identity theft, visit the IRS identity-protection page at http://www.irs.gov/Individuals/Identity-Protection. Or call the IRS’s identity theft hotline 800-908-4490.
A new Information Technology Services website page is now available for requests to create group accounts.
Group accounts include email, Web page, log-in or other services for departments, courses, events, student organizations and similar university entities, as opposed to individual accounts for faculty, staff and students.
To request group account, go to https://panthershare.eiu.edu/sites/itsres/SitePages/Account%20Create%20Request.aspx
The new site streamlines, speeds up and automates the account request process.
Among the information requested on the form is sponsor NetID or email, sponsor office or department, sponsor phone number and co-sponsor NetID or email, as well as requested account name, organization or group name, department phone number and expiration date. The form also asks the submitter for the purpose of the account, as well as the functionality request for the account: Web, shared email mailbox, service account, generic computer logon or other account functionality.
Another new aspect of the account-create request page is that it will show whether an account with the same name has already been created in the past and already exists.
The form also automatically forwards the request to the ITS Information Security group for approval.
The new request page replaces a precious format that had been outdated by new technology.
It’s always phishing season when it comes to email scams. Here are some timely tips from Information Technology Services’ Information Security unit to prevent becoming a phishing victim:
Phishing is the act of attempting to acquire information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
Phishing has become a prevalent form of attack used to acquire sensitive and confidential information. If you believe you have received a phishing email or your account has been compromised, click the link below to learn how to report, combat and protect the university’s sensitive and confidential information from phishing attacks.
If you receive an email that you feel is a phishing attempt please forward the email to the following address: firstname.lastname@example.org
When your account has been identified as compromised ITS will lock your account. Once locked you will not be able to access your email.
To resolve this you will need to call the Help Desk at 217-581-4357 to reset your password and unlock your account.
• Eastern will not use email to ask for account information, passwords or other sensitive information.
• When in doubt about suspicious emails, report and then delete it.
• Look for unfamiliar or misspelled words and company names.
• Never click on links, download files or attachments from unknown senders.
• On average, 33,000 phishing attack occur per month.
• A total of $687 million has been loss due to phishing.
• 45 percent of phishing attacks are successful in obtaining account information.
• Top attacks are successful through trusting fake emails from banks, service providers and professional network colleagues/business associates.
Streaming video is the most popular content passing over the residence hall portion of Eastern’s campus Internet, taking up about half the 900 megabit per second bandwidth of that portion of the network dedicated to student usage.
Netflix is the largest single source of streaming video content on the network. That is followed by Youtube video content in second place, and general Internet destinations such as Facebook and other websites in third, according to statistics from Information Technology Services’ Network Systems unit.
“Almost half of what students use (of network bandwidth) is streaming video,” said ITS Network Engineer Randy Ethridge. “It’s always been about 50 percent. It’s not more users but the fact that what they are streaming is high resolution video, so it uses more bandwidth.”
Video games also show up as network content, but are not a large user of bandwidth.
“We are consuming all the bandwidth we have from 8 p.m. to 2 a.m.,” said ITS Network Engineer Steven Steele.
Eastern’s campus network is divided up into a resident hall side for students and an administrative side for employees.
While streaming video is the biggest content draw on network bandwidth at Eastern day in and day out, a snapshot of usage for the weeks of Oct. 10-16, 2014, and March 2-8, 2015, showed that on the university’s wireless network, Apple mobile devices are the most prevalent hardware.
Average numbers of devices were: 6,130 Apple mobile, 5,774 PCs, 2,855 Android mobile, 2,602 Macintoshes, 695 iPads, a combined 476 Microsoft and Sony gaming devices and 168 Windows mobile. Smart phones outnumbered laptops 9,153 to 8,376.
“There were more mobile devices and fewer PCs for those two timeframes,” said ITS Network Engineer Mark Barrow.