Eastern Illinois University–External Cybersecurity Training
University computing facilities, equipment, and services are provided for the instructional, research, and administrative computing and information technology needs of the university. University technology resources include, but are not limited to, network and internet access, file storage, computers, email systems, and telephone systems.
Acceptable Use
Users of University technology resources are expected to utilize good judgment and reasonable care to protect the confidentiality, availability, and integrity of all networks, computers, equipment, data, and software owned, leased, or made available by the University.
Authentication, Access, Password(s), and MFA
Access to university information and/or information resources must be done using identifiers and authenticators (passwords) that are unique to each individual and/or group. Passwords used by users must meet minimum complexity requirements, be distributed to users in a secure manner and be known only to the intended user. All access granted will be revoked immediately upon separation, end of contractual term from the university, and/or in the event of revocation of an individual’s need to access such information.
- All authenticators (Passwords) used to grant access to information resources must meet the following complexity requirements found here:
Password security Tips:
- Never use personal information such as your name, birthday, username, or email address.
- Use a longer password. Your password should be at least eight characters long.
- Don't use the same password for each account.
- Include a mix of numbers, symbols, and both uppercase and lowercase letters.
- Avoid using words that can be found in the dictionary. For example, Panther1! would be a weak password.
- Random passwords are the strongest.
Duo - Multi-Factor Authentication (MFA)
The addition of multifactor authentication adds a layer of security which helps deter the use of compromised credentials, or the unauthorized use of another’s log-in information. “Multifactor Authentication (MFA)” is a method of computer access control in which a user is granted access only after successfully presenting multiple separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are). EIU utilizes the Duo Security software application for MFA.
Bring Your Own Device
Bring your own device (BYOD) is the act of using a personal computing device (computer, tablet, phone, etc.) for work- or business-related activities. Eastern Illinois University (EIU) does not require employees to use self-purchased devices for business operations. Employees who wish to use personal devices must abide by the policy outlined below. EIU is not responsible for the purchase or costs associated with the use of personally owned devices. In response to an increase in personally owned devices being used in the work environment, EIU has established an official Bring Your Own Device (BYOD) policy.
Email, Collaboration, and Communications Policy
Email, collaboration, and communications policy serves as a set of rules and guidelines governing the way employees use email, collaboration, and communication channels to provide the best experience possible. This policy is in place to mitigate risks to EIU and individuals within the university, to assist the university in understanding our legal requirements, to aid in preventing the spread of confidential information, and to promote a professional and productive work environment.
EIU Network Use Policy
All computers and devices attached to EIU’s network must have appropriate software running to ensure a secure environment for all users. Information Technology Services may provide monitoring software to ensure compliance with this policy. The software will assist users in maintaining their computers and devices in the manner prescribed by ITS.
Software needed to ensure a secure environment includes:
- ITS approved malware protection software.
- Vendor-supported operating system with current security update and patches.
- Monitoring software to ensure that copyrighted files are not freely shared over the internet.
- Other software as periodically deemed appropriate by ITS to ensure a safe and secure Internet and Intranet for all network users.
Phishing
Phishing scams represent a serious threat. "Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication."
Phishing is an attempt to trick you into doing something you don't want to do. Phishing emails try to coerce you into giving away your most valuable information — bank account numbers, credit card numbers, passwords, social security number, even your mother's maiden name. The people behind phishing scams want all your personal info, and they're willing to go to great lengths to trick you into handing over your identity.
If you receive an email asking for your password or other personal information DO NOT RESPOND and instead forward the email to phishing@eiu.edu or call the Help Desk at 581-HELP (4357).
Remember: ITS will never ask you for your password via email.
Learn more about phishing:
SELF-HELP
Welcome to EIU, and thanks for helping to make the university’s systems and data safe! For more helpful information and SELF-HELP links, visit:
Campus Technology Support – ITS Help Desk
Student Services Building - 3040
Phone: (217) 581-4357
Email: support@eiu.edu
EIU - Information Security
infosec@eiu.edu
Last Updated: 5/23/2023