College IT staff to campus: be proactive against cyber threats

Since September 2012, the College’s Information Technology security staff has been working on a plan to protect the campus from the ultimate invisible threat — computer hackers.

To combat the viruses, the email phishing and the fraudulent credit and debit charges, the IT security committee, along with the student representatives of the IT planning council, have been working to create a strategy to protect the College’s cyberspace.

The plan that they have come up with is for all students, faculty and staff to change passwords every 90 days.

Switching up passwords should reduce the likelihood of being hacked, and accounts that are compromised will become unusable by computer hackers, further protecting the campus from cyber attacks.

“Most people think ‘this won’t happen to me’ and you might be right,” said manager of IT security Alan Bowen.

But Bowen said that computer security cannot be left up to chance, which is why there must be extra levels of protection.

“The sophistication of social engineering attacks is increasing and you are still at risk if other members of your social circles fall victim to one of these scams,” Bowen said. With the myriad online accounts today, enhancing security is a given — even if it might be inconvenient.

“We know that changing passwords can be painful, so most people don’t do it often enough. Some people never change their passwords and use the same password everywhere,” Bowen said, warning about the risks of “weak passwords.”

“The good news is that you have a lot of control over this by choosing a strong password and changing it often,” he said.

According to the IT security website, a strong password will be complex, containing numbers and both lowercase and uppercase letters, as well as long — between nine and 32 characters.

College students and faculty will be warned 30 days before their passwords expire and then several more times to ensure that no one misses out on password changing.

The importance of IT security cannot be understated: much of what college students do today for school and work exists on the Internet.

Whether it is emails, PAWS, SOCS or YESS accounts, Amazon codes or otherwise, the campus is at risk without a targeted plan for protection.

Bowen’s background at the College lends him empathy in the process.

“As a former TCNJ student and adjunct faculty member, my biggest concern is protecting sensitive information and individuals’ privacy in an environment that engenders openness.”

During the planning process in 2012, two audits of the College’s IT systems were conducted by Pricewaterhouse Coopers. According to Bowen, one surveyed the campuses administrative security controls and one was a “general controls audit” of the “student, financial, and HR systems.”