Monthly Archives: September 2015

Intersections of Christianity, Islam and Judaism: October 7 One Book #OneLCC Event


Listen and Learn

Intersections of Christianity, Islam & Judaism
October 7 | 1 – 2 p.m. | 3rd floor, Library

Listen and learn from a variety of clergy at this inter-faith panel. Get answers to questions about the major commonalities and differences between Christianity, Islam, and Judaism and ask your own questions.

Who Should Attend
This lecture is suitable for anyone interested in knowing more about these religions. Instructors who would like to bring an entire class to this event should contact Susan Murphy at

About One Book #OneLCC
One Book #OneLCC is a shared community reading experience that encourages students, faculty, and staff to engage in special events, discussions, and college-wide conversations surrounding a thought provoking common read.

Get your employee Appreciation Reward Card stamped at One Book #OneLCC events

You’re Invited: LCC Chapter of MI-ACE – Survey

The LCC Chapter of the American Council on Education Michigan Women’s Network (MI-ACE), is embarking on an exciting venture of exploration to find out what the women of LCC need and want in terms of mentorship and professional development.

Please take a moment to reflect on what you are seeking in your professional life, and then complete this short survey by Friday, October 9.

Please watch for forthcoming details about mentorship and professional development opportunities during the 2015-2016 year.

Aviation Open House October 20!

Mark your calendars for Tuesday, October 20, 2015 for our Aviation Technology Open House hosted by the Lansing Community College Foundation. The event will be held at the LCC Aviation Technology Center in Mason, MI from 5:30 – 7:30 pm and includes building tours, remarks from Dr. Brent Knight, LCC President and a keynote address from Tom Burt of Duncan Aviation.  This is a great opportunity to meet the Aviation Technology Staff, industry partners, and student alumni.  Dinner will be served and free parking is available.

Please RSVP by October 13, 2015 online by clicking here or by phone at 517-267-5944.

Greg & Steve are coming to LCC!

Kids love to sing and dance with Greg & Steve and you will too! Grab your family and join us for this fun and enriching concert that will be held on Friday, October 2 at 7 p.m. at Dart Auditorium. Get your FREE tickets today at

Made possible through a generous grant from the Lansing Community College Foundation, Gretchen’s House Child Care Center. and C-Campus Child Care Grant.

STEMfest is October 10!

STEMfest is Saturday, October 10 from 9 a.m.-1 p.m. in the Arts & Sciences Building! STEMfest is a day for kids grades K-6 to experience more than 50 hands-on math and science activities staffed by LCC’s own faculty and student volunteers. Visit for more information and to register for this FREE event.

Learn More and Share Your Thoughts About Guided Pathways

You’re invited to participate in the next  sessions of “Conversations with Christine” on the following dates:

Wednesday, October 7, 2015
11:00 a.m. – 12:00 p.m.
ADM Board Room

Friday, October 23, 2015
1:00 – 2:00 p.m.
A&S 229 

During these sessions, you will have the opportunity to engage in conversation with Professor Christine Conner about Guided Pathways,  Career Communities, Program Outcomes, and/or Program Maps, and how they fit in with Operation 100%. Coffee and cookies will be served.

Christine Conversation Sessions_OCT 2015

Community Service Fair

Are you looking to engage your students in meaningful volunteer or service-learning opportunities?  This fair will offer volunteer opportunities to students with area organizations in attendance. Promote this event to your students and attend yourself!


Wednesday, September 30, 2015

11 a.m.-2 p.m.

Gannon Building 244

October is Cyber Security Awareness Month

For the past 11 years, the month of October is used to advocate Cyber Security Awareness across the United States of America.  Likewise at LCC I want to take this opportunity to reach out and train all staff and students on cyber threats and offers tips and best practices concerning how to stay safe online.

LCC faces cyber threats every day.  Our network is constantly probed for weaknesses, sometimes reaching over 90,000 per day—that’s more than 1 attack per second.  Similarly, LCC personnel receive emails and phone calls from criminals asking for our network credentials, credit card numbers, and social security numbers.  Moreover, major web site breaches have exposed LCC email addresses to identity theft criminals.

Over the past year, we have done an outstanding job to minimize the impact of cyber thieves.  I would like to offer the following Top 9 best practices on how you can stay safe on the LCC network:

  1. Recognition of phishing emails.
  2. Storage locations of college information and traveling best practices.
  3. Wireless network options.
  4. Sending Social Security Number (SSN) and Credit Card Numbers via email.
  5. Malvertising – watch where you go on the internet.
  6. Password Reuse? Use a password manager.
  7. Lock vs Log-Off my computer?
  8. Don’t’s and Do’s when using Public Wi-Fi.
  9. Records Retention Schedule.


Are you excited for Cyber Security Awareness Month?  Me too!  Please sit back and take a look at the cyber security best practice information below.


  1. Recognition of phishing emails.


Did you know that 91% of all hacking attacks begin with a phishing email?  Fraudsters send fake emails or set up fake web sites that mimic LCC’s sign-in pages (or the sign-in pages of other trusted companies, such as eBay, PayPal, or Office365) to trick you into disclosing your user name and password. This practice is sometimes referred to as “phishing” — a play on the word “fishing” — because the fraudster is fishing for your private account information.  Other fraudsters are trying to get you to visit malicious web sites or open a malware-infected attachments.

Once they gain access, they can use your personal information to commit identity theft, charge your credit cards, empty your bank accounts, read your email, and lock you out of your online account by changing your password.  The will take control of your computer and scan the network, join a bot net, or sit and listen for your keyboard activity…passwords, bank account details, and credit card numbers.


Let’s take a look at an example:


From: Sharon McPherson []

Sent: Friday, June 12, 2015 9:42 AM
Subject: My Resume

Good day.

I witnessed your website today Fri, 12 Jun 2015 and found it very interesting.  I was praying there was any possibility of employment, just to prove my competence.

As you will see in my CV, I am very qualified and have a very broad experience in this line of employment. I am confident it will be worth your time reviewing it, and I am even more positive you will find me very appropriate in your business. Please see my attached CV.
I’m very much looking forward to hearing from you.

Many thanks,

Sharon McPherson


Did you find 6 red flags?  Let me explain:

-Unfamiliar sender with an unsolicited email

-Sender asks multiple times for you to open the attachment

-If you are not in HR, or work with resumes, then the email was sent to the wrong person

-Poor grammar…’witnessed your website’

-Email is from a ‘free’ email account (,,, etc.)

-No contact information in the email


  1. Storage locations of college information and traveling best practices.


In an effort to properly organize LCC information and minimize confidential information exposure, I would like to recommend the following locations for your documents:


  1. Files created/stored for inter-office use should be stored on Divisional/Departmental workspace (N: drive), LCC-all-public (O: drive), or on SharePoint (for files that require collaboration).
  2. Files created/stored for use only by you should be stored on your personal H: drive. These files are not needed by your coworkers and will be deleted when you retiree/leave LCC.

I recommend that you do not store documents on your local workstation, thumb drive, or external hard drive.  First, they are not backed-up by ITS backup systems.  Second, they are not accessible remotely.  And finally, if the workstation/drive is lost or stolen, there is a risk of a breach of information.  The solution is to store your information on the networks drives listed above.

Likewise, when traveling with LCC laptops, please ensure the device is encrypted/password protected with Bitlocker Drive Encryption.  When traveling, please power off (not sleep, hibernate, etc.) the laptop, this ensures the encryption cannot be subverted.  And finally, keep the laptop ‘extra’ secure.  For example, you should store it in a locked car trunk, we’ve lost too many laptops that were visible in the back seat of a locked car.

  1. Wireless network options.

If you are bringing your own device (computer, phone, etc.) onto campus, do not connect it to the LCC wired infrastructure with a network cable.  If you need internet service, please connect your device to the correct wireless network:

  • LCCStudent: LCC employees, students, and third parties (contractors, auditors, etc.) who bring their own devices or do not have a computer provided by the college or anyone else who has been assigned an active LCC account should connect to LCCStudent with their LCC credentials.
  • LCCVisitor: This network is designed for those individuals that do not have LCC network credentials, such as those who are just visiting one of LCC’s campuses, those who only need internet access for a limited time period, and anyone who wants to become an LCC student.  It doesn’t require LCC credentials but does require a simple text message to their cell phone for authentication.  As a temporary-use network, it runs substantially slower and require re-authentication every 2 hours.


  1. Sending Social Security Number (SSN) and Credit Card Numbers via email.


Never send SSN and Credit Card Numbers through email.  First, SSN’s are Personably Identifiable Identifier (PII) and can be used to steal a person’s identity. If stolen, the criminal could make loans, get a driver’s license and file a bogus tax return.  If the identity information is stolen, LCC may be at some fault and need to assist the owner with identity protection—at our expense.  Second, email is unencrypted so anyone with access to any spot on the path can load a free sniffer to capture all of your information…from your home, ISP, commercial data centers, etc.  This means that you should assume your email is being searched and saved by the ‘bad guys.’  It’s the equivalent of entering your SSN or credit card number into an unencrypted/http web site.

There are several solutions to minimize risk of sending SSN’s:  snail mail, hand-delivery, and fax are better options with lower chances of exposure to criminals.  If you must email the information, then you have several options.  First, leave the SSN off the document, and after delivering the document, follow-up with a phone call to pass the SSN to the recipient.  Second, encrypt the email’s info using a free file encryption tool called 7-Zip.  It’s available at:  I can provide instructions if needed.


  1. Malvertising – watch where you go on the internet.

Do you think you are a fairly cyber-secure individual?


No one expects to get infected with malware when they visit trusted sites like YouTube or eBay – hardly the seedy sides of the Web.  But when you visit those popular Web sites, your device is actually connecting to dozens of other URLs, imperceptibly, as Web browsers accept connections to render pop-ups, video files and even stealthier interactions.


Malvertising (derived from “malicious advertising”) is the use of online advertising to spread malware.  It involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages.


Ad content is pushed to your browser without your intervention—simply visiting the site could allow malware to compromise your computer.  Moreover, trusted web sites sell advertising space on the cheap and bad guys buy ad space, install their malware, and let trusting users pull the content onto their workstations.


To prevent malvertising from infecting your computer, you need to deny malware the opportunity to find a flaw. Make sure your Web browsers and browser plugins (such as Java or Adobe Flash), as well as operating systems, are up-to-date so that known flaws are fixed.  Another essential and simple step is to install a solid antivirus program.  Finally, the most proactive defense against malvertising is to use an ad-blocking browser plugin such as Adblock Plus available at


  1. Password Reuse? Use a password manager.

Do you also re-use your password between your LCC network, bank, home email, credit card, etc.?  Not so great!  Once a hacker gets a hold of one breached account, they run a 5-second script to try your password against on all major banks, credit cards, social media accounts, etc., to see if they can further steal info and your sweet, sweet money.

But how do I remember so many unique passwords?  I recommend a password manager program–then you only have to remember one password (for the program), plus your laptop/phone lock codes, and that’s it!  Yes!  A password manager program is a small application or secure web site that stores all passwords in a single password encrypted file.  I recommend Keepass, a free password manager, available at:  And please make your ONE password an annoyingly long series of letters, numbers, and symbols that doesn’t contain any recognized dictionary words.  This will give you the best chance at password security. Unbreakable!

  1. Lock vs Log-Off my computer?

I prefer LCC users to 1) always lock your workstation when the workstation is not visible (e.g. they leave the office) per the AUP, and 2) log-off or shut down your computers at the end of the day.

Logging-off is better than locking a computer because there are some remote negative possibilities such as a locked computer might have open, active connections to both internal and external servers, safe or otherwise (e.g. infected web site), while a logged-off session would not.   Also some applications allow incoming connections so closing them down would be more secure.  Logging off is also preferred because some open processes, programs, etc., may remain running and fail to update.  Likewise, if the workstation is locked, any files you may have opened will be locked, possibly negatively affecting the backup process or use of the file by others.

  1. Don’t’s and Do’s when using Public Wi-Fi.

You probably assume that your coffee shop is responsible for the security of their Wi-Fi. WRONG!  Your coffee shop is merely providing free Wi-Fi to get you into their store and wanting delicious peppermint white chocolate mocha.  Do you think IT Security is someone else’s problem?  WRONG!  It’s your job to protect yourself.

If you find yourself in a coffee shop, or doctor’s office, or wherever wanting to join the free Wi-Fi, I recommend:

  • Assume all Wi-Fi networks are suspicious—check with the receptionist to make sure you chose the wireless network provided by the coffee shop, doctor, etc.
  • Never leave your device unattended—not even for a moment. You may come back and still see your computer where you left it…but a thief may have installed a keylogger into it to capture your keystrokes.
  • Use public Wi-Fi for quick browses only, such as Wiki, Google, etc.
  • Do not e-mail messages of a sensitive or serious nature.
  • Don’t leave on your file sharing. This is how we bust students illegally sharing movies!
  • If you must log into a secure website, make sure it is encrypted (HTTPS) throughout the browsing session (and doesn’t drop back to HTTP).
  • If available, use 2-factor authentication for login/password access to sites with confidential info.


  1. Retention schedule.

Do you have tons of stored email or binders and boxes of documents in your office?  Did the person you replace leave you travel receipts from 15 years ago?  As information grows, it reaches a point of saturation where it does not add value to current LCC programs and procedures.  LCC needs to dispose of documents on a regular basis to control the amount of information we retain.  An organized information structure decreases the attack surface for criminals looking to get their hands on LCC information.

The approved records retention and disposal schedule, titled General Schedule #1 for Faculty Records, covers the records created and retained by most of Lansing Community College’s faculty members and deals with syllabi, grade books, quizzes/test, etc.  All other records are or will be covered by divisional Retention and Disposal Schedules.  Please ask your division operations support personnel to get a copy of your record retention schedule, and clean out your office!

In closing, security touches every aspect of everyone’s roles at LCC and just like LCC’s Men’s Basketball Team, we are only as strong as our weakest link.   I would love to discuss your ideas on cyber security, or if you have any questions on the information I provided, please contact me at:  Mr Paul H. Schwartz, Director of Information Security, Lansing Community College, 400 North Capitol Avenue, Lansing, Michigan 48933, 5174835264,