What is LACCD Information Security Awareness?

LACCD has adopted Board Policy 3720, Computer and Network Use, and associated procedures to assure that all who access District information systems use those resources responsibly.  In support of this policy, the District requires mandatory annual information security awareness for all employees to help you understand your role in protecting the District’s information resources, and to acknowledge your agreement to comply with the District’s Administrative Procedure 3720, Computer and Network Use.   

How do I access the security awareness content? 

1. Log into the Vision Resource Center by clicking "Login Now", and enter your District email address in the form "username@email.laccd.edu." You will be directed to the LACCD Single-Sign-On (SSO) page to complete login.

2. Click on "My Transcript," as shown below.

3. The title is "LACCD|Information Security Awareness 2023-2024". Click "Open Curriculum" to begin. 

4. If you have any issues accessing the content, email infosec@laccd.edu. 

When is it due?

Completion of LACCD Information Security Awareness 2023-2024 must be complete by June 30, 2024. 

What is the LACCD Phishing Awareness Campaign?

Malicious attackers on the Internet have become very sophisticated in sending phishing emails to LACCD employees that attempt to gain access to our information systems, or for financial gain. The District is conducting a phishing awareness campaign for all LACCD employees. This campaign is designed to help our employees recognize these phishing attacks so they can protect themselves and our community from harm.

Why Are We Doing This?

Studies have shown that routine simulations of phishing attempts reduce email recipient’s susceptibility to phishing. The goal is to improve everyone’s ability to resist phishing attacks, and in turn, protect your personal information and the personal information of our students and employees. These simulations are also recommended by our auditors and insurers.

How Will the Campaign Work?

The LACCD Information Security Team will periodically send a simulated “phishing” email to your inbox that will contain links that attempt to collect your password or other information. If you do click, no personal information will be collected. You will be notified that you clicked on a potentially dangerous link, and receive tips on how to identify phishing emails in the future.

Will There be Consequences for Clicking on the Simulated “Phishing” Email?

No; the purpose of this campaign is purely educational. You will be notified immediately if you click on a dangerous link, and provided with guidance. Managers will not have access to the simulation results of individual employees. Users who repeatedly click on simulated phishing emails will be offered additional information security training.

What Should I Do if I Recognize the Email as Phishing?

Anytime you receive a message that looks suspicious, or you are unsure whether is legitimate, please forward to  @email for analysis. Otherwise, you can simply delete and disregard the email.

What if I have additional questions?

If you have any questions about the Phishing Awareness Campaign or any other questions about information security, please email @email for assistance. 

What is a Shared Mailbox in Outlook?

A Shared Mailbox allows several individuals to access a common inbox, enabling them to collaborate efficiently. Users with access to the Shared Mailbox can send emails on behalf of it. Any modifications, like reading, categorizing, replying to, or deleting emails, will be instantly visible to all users who have access to the Shared Mailbox. Below are tutorials explaining how to access a shared mailbox and send an email on behalf of the shared mailbox address.

How to Access A Shared Mailbox in Outlook
STEP 1: After opening the Outlook desktop app, click on the left pointing arrow on the left side of your screen.
STEP 2: You will find your new shared mailbox below your personal district email. Here, you will be able to check your inbox, drafts, sent items, archive, conversation action settings, conversation history, junk email, and the outbox.

 

 

Content

How to Send an Email on Behalf of the Shared Mailbox Address
Step 1:  Click "New Email" to compose a new email.
Step 2: Click "Options" tab and select "From" in the "Show Fields" group.
Step 3: Lastly, click "From" > "From" and choose the shared mailbox in the global address book to send emails.

What is the District's Multifactor Authentication (MFA) Policy?

All LACCD students, staff and faculty must use Multifactor Authentication (MFA) at all times to access District email and Office365 applications. This means you will have to approve all "sign-ins" to your District email account using a second method after entering your password. You must also use MFA to access SharePoint, OneDrive, and all other Office365 applications. 

Why does the District require MFA?

Attackers on the Internet sometimes use “phishing” techniques that lead you to a fake website and trick you into entering your email address and password. The attackers use this information to attempt to scam people. By requiring MFA, an attacker will not be able to access your email even with your password, making phishing attacks less likely to succeed.

What if I already registered for MFA?

If you have already registered for MFA for District email and Office365 applications, then no further action is required from you.

What do I do if I have not yet registered for MFA?

The first time you log into District email or any other Office365 application, you will be required to register for Multifactor Authentication (MFA) for District email using one of the following two methods:

• Register to receive text confirmation messages to a mobile device.
• Install and configure the Microsoft Authenticator application on an iPhone or Android mobile device Instructions for both methods are provided below.

How to Register for MFA Using Text Messaging

1. From a web browser, visit https://aka.ms/MFASetup. This will take you to Microsoft’s Office365 Sign-In Page. Enter your District email address (username@laccd.edu or username@student.laccd.edu), and click “Next.”

2. You will be taken to the District’s sign-in page. Enter your password, and click “Sign In.”

3. You may receive a screen asking if you want to stay logged in after completing the process. Click No.
4. If you have not already registered for MFA, you will see the screen below that says “More information required.” Click “Next.” If you see a different screen than the one below, you have already registered for MFA, and no further action at this time.
5. The next screen will ask you if you want to provide security verification with an Authentication phone or Mobile App.
6. Under “Additional security verification”, select “Authentication phone.” Then select the Country Code of your mobile phone, and enter the phone number. Then click “Next.”
7. You will be sent a text message to the number you provided. The text message will say “Use verification code XXXXXX for Microsoft Authentication,”, where XXXXXX is a six-digit number. Enter the number provided into the text message in the space provided, and click “Verify.”
8. If you enter the correct code, the screen will say “Verification Successful.” Click “Done.” If it does not say “Verification Successful”, follow the prompts to try again.
9. Your registration is now complete. You will be led to a screen where you may select additional authentication methods if you wish. If not, simply close the browser.

How to Register for MFA Using the Microsoft Authenticator App

1. From a web browser, visit https://aka.ms/MFASetup. This will take you to Microsoft’s Office365 Sign-In Page. Enter your District email address (username@laccd.edu or username@student.laccd.edu), and click “Next.”

2. You will be taken to the District’s sign-in page. Enter your password, and click “Sign In.”

3. You may receive a screen asking if you want to stay logged in after completing the process. Click No.
4. If you have not already registered for MFA, you will see the screen below that says “More information required.” Click “Next.” If you see a different screen than the one below, you have already registered for MFA, and no further action at this time.

    

5. The next screen will ask you if you want to provide security verification with an Authentication phone or Mobile App. If you wish to receive verifications via a mobile application installed on your iPhone or Android device, select “mobile app,” then click “Set up.”
6. The instructions to proceed are shown on the screen. Install the Microsoft authenticator app for Windows Phone, Android or iOS on your mobile device. From the app on your mobile device, click the three dots in the top right corner of the screen. Click “add account, “work or school account.”, and “Scan a QR code.” Scan the QR code into your app. If successful, the account will be registered in your authenticator app. Click “Next.”
7. There are two methods to verify your identity through the Microsoft authenticator app. Select “Receive notifications for verification” and click “Next.”
8. The authenticator app on your mobile device will send you a pop-up message. Click “Approve.” 
9. If the authentication is successful, it will send you to a screen asking for a backup mobile phone number to use in case your mobile device cannot be located. This step is optional; if you do not wish to enter a mobile phone number, click “Done.” 
10. Your registration is now complete. You will be led to a screen where you may select additional authentication methods if you wish. If not, simply close the browser

What do I do if I need assistance?

If you are a student, please contact the student services center at your college for assistance.

If you are faculty or staff, please contact the Office of Information Technology helpdesk using the directory below:

What do I do if I do not have a mobile device and/or cannot receive text messages?

If you are a student, contact student support at the email address for your college, provided above.

If you are LACCD faculty or staff, the District has a limited number of hardware token devices available that will send you One-Time Passwords (OTP) to verify your identity. To request an OTP device, complete the form available here and submit to infosec@laccd.edu.

I am a student or adjunct faculty member and I check my LACCD email from my Gmail/Hotmail account. Will that still work after MFA is required?

No. Some email providers, such as Gmail and Hotmail, allow you to configure your mailbox to check other email accounts. This will no longer work once MFA is required. You can set your District email account to forward emails to another account as follows:

1. Log into your LACCD web mail by visiting https://mymail.laccd.edu, and log in with your LACCD email address and password.
2. In the top-right corner of the screen, click on the “Gear” icon. 
3. At the bottom right of the page, click “View all Outlook settings.”
4. Click Under “Mail”, then “Forwarding,” check “Enable Forwarding.” Enter the email address you wish to forward to, check “Keep a copy of forwarded messages”, and click “Save.”
   Your email will now be forwarded.

What if I have additional questions?

For technical assistance, please refer to the contact information above for students, faculty and staff. If you have any other questions about MFA, please email @email from your District email account.