Message From the CIO

As the semester comes to a close, I thought this would be a good time to share some student, faculty, and staff perspectives about technology at Eastern. Earlier this semester, faculty, staff, and students participated in a campus-wide survey of library and Information Technology Services. The survey was conducted independently by Bryn Mawr College, who has been conducting library and technology survey assessments for hundreds of colleges and universities. Response rates for faculty, staff, and students were 145, 131, and 214 respectively. I thought members of the community would be interested in seeing several of the noteworthy results from the survey.  Continue reading

Message from the CIO

This fall Eastern has been the target of an inordinate number of phishing exploits. These attacks are becoming more and more sophisticated both in terms of appearing to be legitimate email messages and becoming more difficult to block them. The most recent spate of attempts do not come from the same email address (some even come from a compromised Eastern email address). Additionally, the content of the messages varied, making it difficult to automatically block them.

While ITS employs a wide range of virus, spam and phishing protections, more and more of these messages will get through. In addition to urging caution and vigilance when responding to email messages, I wish to reiterate two basic guidelines that should ensure no one becomes a victim.

First, as always, never provide your Eastern password to anyone no matter the circumstances or the perceived identity of the requestor. This can take the form of an email from what appears to be a trusted source that links to a webpage that, while fake, appears to look like an Eastern page. One recent example of this type of phishing attempt appeared to have come from an Eastern account that included a link to a fake web page asking for your Eastern password in order that a file could be shared with you. Examine such requests very closely and call the ITS Help Desk or contact ITS Security if you have any doubts.

Second, never send anything of monetary value such as credit card numbers, gift card numbers, or bank account numbers. Legitimate email messages will never ask for such information. If you believe the request is somehow legitimate, telephone the individual supposedly making the request before responding.

In order to further protect Eastern accounts and information, ITS will be implementing multi-factor authentication (MFA) this Spring. ITS will provide details on the exact launch date in later communications. Many of you already are familiar with multi-factor authentication as it is now commonly used by banks and credit card companies. It involves registering a second method of authentication to receive a verification code whenever you log into your account.

So, in addition to providing your Eastern password, you will be prompted to enter a six digit verification code sent to the secondary authentication method you setup. Only by entering both factors, will you be able to successfully log in. This authentication enhancement provides two levels of security. First, if your password is compromised, the person will not be able to log into your account because they will not have the second factor (the verification code) which is only sent to your secondary destination. Second, if you get a verification code number sent to you and you hadn’t entered your password, you will know immediately that someone has compromised your password. In that event, change your password immediately and then contact ITSecurity@easternct.edu.

Safe computing!