IT-Governance: February 2017
Access Control Standard Recommendation
ITS has recommended the implementing the use of multi-factor authentication for administrative users. This will be used as an extra security measure for those who have access to critical systems and sensitive data. After much discussion, the Executive Committee ruled in favor of the recommendation and approved of it unanimously.
Campus wide Phishing exercise and training
The Executive Committee discussed the advantages and disadvantages of initiating the campus wide training exercise in the awareness of online phishing attacks. After much discussion the program was accepted. However, further progress will continue after the pending review and approval from the Institutional Review Board (IRB). Provided by The Chancellor’s Office, the phishing program PhishMe will be utilized to further educate students and faculty on the rise in phishing attacks. This initiative has been brought in response to the increased sophistication of phishing attacks and the high susceptibility of users falling victim to these links.
Standardization of Student Email Addresses
The current student email format was under discussion in how it remains non user-friendly and how faculty members are often not able to tell which student a specific email belongs to. It has been recommended to standardize the student email addresses after July 1st to the new format of email@example.com. The “0000” will consist of the last 4 of the student’s CoyoteID. The consensus was approved by the Executive Committee yet the format was changed to firstname.lastname@example.org.