Tips for staying safe online offered as part of National Cyber Security Awareness Month

As part of National Cyber Security Awareness Month, Information Technology Services offers advice on how to stay safe on the Internet and be an aware, educated digital citizen.

Seven simple tips:

  1. Use strong passwords. Change any default passwords on your mobile device to ones that would be difficult for someone to guess. Use different passwords for different programs and devices. Do not choose options that allow your device to remember your passwords.
  2. Keep software up to date. Install updates for apps and your device’s operating system as soon as they are available. Keeping the software on your mobile device up to date will prevent attackers from being able to take advantage of known vulnerabilities.
  3. Disable remote connectivity. Some mobile devices are equipped with wireless technologies, such as Bluetooth, that can connect to other devices. Disable these features when they are not in use.
  4. Be careful what you post and when. Wait to post pictures from trips and events so that people do not know where to find you. Posting where you are also reminds others that your house is empty.
  5. Guard your mobile device. In order to prevent theft and unauthorized access, never leave your mobile device unattended in a public place and lock your device when it is not in use.
  6. Know your apps. Be sure to review and understand the details of an app before downloading and installing it. Be aware that apps may request access to your location and personal information. Delete any apps that you do not use regularly to increase your security.
  7. Know the available resources. Use the Federal Communications Commission’s Smartphone Security Checker at

Online security begins with strong passwords

Online security begins with strong passwords.

As part of National Cyber Security Awareness Month, Information Technology Services offers advice on how to stay safe on the Internet and be an aware, educated digital citizen.

Start with strong passwords (containing upper- and lower-case alphabetic characters, numbers as well as special characters) for all accounts, sign-ons, emails and financial accounts.

Rather than using passwords that contain only recognizable words and characters, such as “password123,” employ passphrases to help you generate and remember your strong password. For example, the passphrase “My son’s birthday is 12 December, 2004. Using that phrase as your guide, you might use Msbi12/Dec,4 for your password.

Make sure you have adequate antivirus and antimalware software installed on your computer. Free versions are available online.

Be wary of potential phishing attacks, in which perpetrators seek to acquire your personal identity information. Any email that asks you to log in to some outside system is the beginning of a phishing attack. Legitimate business will never ask users to log in to a link in an email.

“Ransom” viruses such as Cryptolocker – in which perpetrators take over a user’s computer and demand payment to release it – are still prevalent. Other viruses may attempt to steal your credit card or debit card information.

Exercise care when using social media, too. Sites such as Facebook can be fun and valuable tools for keeping in touch with friends, but they also can be used by cyberstalkers. To protect yourself, don’t post times and place where you will or won’t be. Don’t automatically approve “friend” requests for people you don’t know. Don’t list too much personal information about yourself, either. Take precautions when posting photos of yourself, too, and be careful when posting photos of children, too.

October is Cyber Security Awareness Month

We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. We connect with friends and family, conduct business and banking online and rely on many services, like transportation and electricity, that are supported with online systems.

Technology has spearheaded advancements in healthcare, education, business, music, government and many other industries. As technology advances, our lives become easier and more connected. However, being constantly connected brings increased risk of theft, fraud, and abuse. No country, industry, community, or individual is immune to cyber risks. As a nation, we face constant cyber threats against our critical infrastructure and economy. As individuals, cybersecurity risks can threaten our finances, identity, and privacy. Since our way of life depends on critical infrastructure and the digital technology that operates it, cybersecurity is one of our country’s most important national security priorities, and we each have a role to play—cybersecurity is a shared responsibility.

Recognizing the importance of cybersecurity to our nation, October has been designated as National Cyber Security Awareness Month. National Cyber Security Awareness Month is designed to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident. National Cyber Security Awareness Month takes place each October and is sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center.

SafeConnect helps secure online computing environment

Information Technology Services has provided wireless access points throughout Eastern’s campus. The wireless network allows notebook computers and handheld devices to connect to the campus network using wireless/radio frequency technology. SafeConnect provides a more secure computing environment when you connect to the network.

To access the campus network, you will be required to keep your computer’s operating system up-to-date. SafeConnect will check your computer to make sure it is running an approved and properly updated anti-virus program. Computers that do not meet these requirements will be placed on a “quarantined” segment of the network where users will be provided with instructions and tools to update their system to the minimum required configuration.

All computers must have SafeConnect installed in order to be granted full access to network services.

To install SafeConnect:

  1. Verify that your computer has installed an operational network interface card.
  2. Connect one end of your Ethernet cable into the network interface card and the other end directly into the orange data jack on the wall.
  3. Turn on your computer and open up a Web browser. You will see the “Welcome to the Campus Network” login screen.
  4. Enter your NetID and password (the same one you use for e-mail access).
  5. When you see the screen, select “Click Here To Read the Full Policy.”
  6. After you read the policy and indicate that you understand it, close out that window and click “Yes, I Will Install the Policy Key,” and accept the terms and conditions for Internet use.

If you select “I Do Not Accept,” you will see a popup window acknowledging your decision telling you that you have been declined access to the network.

  1. SafeConnect will do an initial policy check to verify your software, patches and antivirus compliance. This check should take less than 30 seconds.
  2. If your computer does not pass the validation rules, you will be redirected to pages that will help bring your machine into compliance.
  3. Once you have complied with all of the validation rules, you will be successfully connected to the network.
  4. If you still cannot access the wireless network, call the ITS Help Desk at 581-HELP or bring your computer to one of the campus computer labs.

Students to be asked to change passwords at least annually to improve account security

Eastern Illinois University students will be required to change their email passwords at least once per year under a new policy being developed by Information Technology Services.

The new guidelines – from the current status of no required password change and no automatic password expiration for student email accounts – is being undertaken to improve the security of student accounts and simplify the process of recovering lost or forgotten email passwords.

ITS data show that some individual students in the past have gone years without changing their passwords.

ITS will not be imposing a specific date for student password changes to be made but will take a slower approach, prompting students with reminder emails and a splash page upon log-in to PAWS to educate students about the requirement and the benefits of regularly changing passwords. The new policy will be phased in this winter.

As part of the promotion, students also will be encouraged to set up a series of security questions on their accounts to give them access to recover their password should they forget it, as well as alternate email contact information to help ITS personnel communicate with them in the event of lost password-change access.

How to change your password:

If you know your current password and wish to update it, visit and sign in with your EIU NetID and current password.

  • On the Change Password tab, leave All Accounts selected and enter your old password and create a new password, entering it twice to confirm that it is correct.
  • Click the OK button to submit your password change and review the confirmation page to ensure your password change went through.

The change will bring the student password-change requirement in line with that for faculty and staff, who are required to change their passwords intermittently for the sake of account security.

More information about changing passwords can be found at

How to create a secure password for use at Eastern

Creating a secure password for use with applications on Eastern’s network involves just a few simple rules:

Choose a password that is easy for you to remember but would be hard for others to guess.

Do not share your password. You are responsible for all activities conducted on your account. Be aware of phishing attempts and never send your user name and password over email to anyone.

Do not write your password down. Written passwords are easily stolen.

Change your password regularly at The longer you use your password, the more likely it is that someone will be able to figure it out.

Do not store your password in a program. When your email client or Web browser stores your passwords, it is very easy for malware or an unauthorized person to retrieve them without your knowledge.

Rules for strong passwords at Eastern:

  • Not be a previous password
  • Start with a letter
  • Have between 8 and 15 characters
  • Have both upper- and lower-case characters
  • Have at least 1 number
  • Have at least 1 non-alphanumeric character, limited to:
    • Minus sign –
    • Underscore _
    • Colon :
    • Single quotation mark ‘
    • Asterisk *
    • Exclamation point !
    • Dollar sign $
    • At sign @
    • Period .
    • Comma ,
    • Forward slash /
    • Back slash \

Keep safe online, students, as new semester gets underway

As fall semester gets underway at Eastern, students returning to campus should make sure their technology is as up to date as the new academic year.

That means ensuring that their computers have the latest patches installed, their software and operating systems are current, their work is backed up, their passwords have been changed and that they have reacquainted themselves with the technologies they will be using as they return to classes.

Here are some timely tips to students as the new semester gets started:

  • Even though it’s not required of them, students should change the password to their PantherMail account and other accounts that provide online access, in order to protect themselves. Over the long summer break, they may have even forgotten their password and so will need to create a new one. Information Technology Services’ password reset application, available at enables them to do so easily. This advice applies not just to returning students but especially to incoming freshmen and transfers, as well.
  • Students should make sure that they have approved antivirus software running on their computers. Without it, they will not be able to function on Eastern’s campus network. They’ll also need to have SafeConnect downloaded and operating on their computer in order to connect to the campus network. Simply accessing the network will prompt the installation of SafeConnect.
  • Up-to-date operating system patches should be installed on every computer.
  • Students should make sure they are familiar with the use of D2L, Eastern’s integrated learning management system.
  • Coursework, all work from the previous semester and personal data should be backed up in case of computer or hard drive loss or failure. Office 365, available as part of each student’s PantherMail account, provides a cloud-based backup service called OneDrive, which is available free to all students and which provides unlimited storage capacity. OneDrive can be accessed by clicking the OneDrive tab in the upper right corner of the Office 365 screen.
  • Students should avoid unknown websites and refrain from opening email attachments from unfamiliar senders in order to lessen the threat of infections. And the threat of viruses is another reason to make sure that data is backed up.
  • Hackers also may target banking or financial accounts. If students receive emails seeking information about such accounts, they should exercise caution. And if such emails purport to be from Eastern, they should contact Financial Aid or the Business Office to verify them. If you receive an email that you feel is a phishing attempt, please forward the email to the following address: