Learn, Do, Secure
Here you will find answers to frequently asked questions about information security at NEIU.
The FAQ page will be updated periodically to cover more topics. Please contact firstname.lastname@example.org if you have any questions that have not been answered on this page.
From here, you can also access the Glossary page. You will find definitions of information security terms that you may or may not be familiar with.
Information Security Awareness Training
Is the training mandatory?
Yes. It is mandatory for all staff and faculty.
How soon do I need to complete the training, and do I need to complete it all at once?
You should complete the training as soon as possible. You can return to the course anytime to continue from where you stopped. You can also start the course from the beginning if you wish to.
Where can I access the training?
You can access the training from Awareness Training Course.
If you are already logged into your NEIU user account, you will be automatically logged in on the training portal. If you are not logged into your NEIU user account, you will be redirected to Nmail to log in using your NEIU NetID and password.
Which browser is best to access the training on?
Chrome is the most compatible browser according to KnowBe4.
See the list of compatible browsers.
How long does a course take?
Each course has its duration. You will see the duration of the course when you log in to complete it.
Will I need to do the training in the future?
You may be asked to complete a refresher module annually or a new module to refresh your understanding and keep you up to date.
I received a notification from "email@example.com via training.knowbe4.com". Is this a scam?
Our training provider is KnowBe4 and you will receive email notifications from the email address above about the courses you are enrolled in. A link to the KnowBe4 training portal will also be included in the email.
If you are unsure of an email, please contact firstname.lastname@example.org or call (773) 442-4357.
Why do I keep getting reminders to complete a course or read a policy?
If you have an outstanding task, you will receive notifications until you complete the task.
Do I get a certificate when I complete a course?
Yes. You will be able to download a certificate after you go through the course and pass the test.
Can I redirect my NEIU emails to an external email account?
Redirecting your work emails outside of the NEIU email system introduces risk to university information held in the emails. You may not redirect your NEIU emails to external email accounts.
NEIU implements email controls to protect the security and privacy of information stored in its email system. Your personal email account may not have the same controls in place, and you may be exposing sensitive work information in your email to a data breach, and violating NEIU policies and related legislation.
Can I redirect my personal emails to my NEIU email account?
You may redirect your personal emails to your NEIU email account, but you should be aware that the University has the right to inspect any information stored within its email system for work, legislative or legal purposes.
What is Phishing?
Phishing is a method used by hackers to trick people into believing a message to make them divulge personal or other sensitive information. The information can then be used for fraudulent purposes including gaining unauthorized access to IT systems and information, impersonating individuals for financial gains, carrying out a ransomware attack, etc.
How do I recognize a phishing email and what do I do if I have responded to one?
See our Cybersmart Tips page on identifying phishing emails and what to do when you receive one.
What does being pwned mean?
Pwned, in cybersecurity, simply means that your user account has been breached either through a phishing attack or a compromised IT system. To check if you have been pwned, a good free tool to use is haveibeenpwned.com.
What do I do if I have been pwned?
If you suspect that your user account has been pwned (breached). Change your password as soon as possible, enable MFA for that account if the feature is available, and also consider signing up for services that notify you when your user account has been pwned.
Use of Personal Devices for Work
Can I use my personal devices for work?
The University issues laptops and other devices for mobile and remote working. However, users who wish to use their personal devices for work must adhere to the University’s IT policies and related legislation.
You should check first if certain information should be held on personal devices so that you are not breaching any privacy laws.
You should have the appropriate controls in place to protect the device you use and the information stored within.
You are to report any suspected or actual data breach incident resulting from the use of your personal or work device as soon as possible to email@example.com so that the University can respond to the incident promptly.
Device and Data Security
How can I protect the information and devices I use?
Our Cybersmart Tips page provides good practices that you should follow to protect your data and device whether at home or in the office.
Virtual Private Network (VPN)
What is VPN?
Virtual Private Network (VPN) protects a network connection when using Wi-Fi by encrypting the network traffic to protect the identity of the user and keep their data and activities private over the internet. It prevents eavesdropping on the network traffic and allows the user to conduct work remotely in a secure way.
Do I need VPN if I work only from the office?
You do not need VPN if you only work from the office. All the network resources that you need for work are available without the need to use VPN when you are in the office.
I work/will be working remotely, can I get VPN?
You will also need to register your device for MFA to use VPN.
What happens if I stop working remotely?
You are required to contact firstname.lastname@example.org to disable your VPN access as soon as possible.