Information and Educational Technologies

Security

Security Access Request Form

All Security Access Request Form (SARF) related information has been moved to VW Connect and can be viewed at https://vwconnect.vw.edu/sites/tss/helpdesk/pages/SARF.aspx.

Security Awareness Training

Security awareness refers to information security awareness and means understanding the various threats that exist in one's environment and taking reasonable steps to guard against them. The key to successful information security is you.

The state requires that all state employees participate in security awareness training every year. This training site will provide you with valuable information about best practices, policies, and procedures for ensuring secure information systems at Virginia Western, so you can enjoy a safe computing environment.

Directions for MOAT can be found online: http://www.virginiawestern.edu/iet/helpdesk/training/moat.php

Password security and tips

Faculty, staff, and administrators have access to IT systems at VWCC and through the Virginia Community College System (VCCS). To request IT accounts, you must use the official VWCC Security Access Request Form (SARF): IT Accounts and Services Form and obtain the required signatures. Once you have received your accounts, you will need to create and use secure passwords for both your VWCC and VCCS systems. Your VWCC and VCCS usernames and passwords are different.

VWCC faculty, staff, and administrators have both VWCC and VCCS accounts to access a variety of systems available for use. You are responsible for your VWCC and VCCS accounts and anything that happens with your account. Make sure your password is secure, so your account cannot be used for illegal purposes.

VWCC passwords have the following requirements:

  • MUST NOT contain all or part of the user’s account
  • MUST be at least 8 characters in length
  • MUST contain characters from 3 of the following four categories:
    • English uppercase characters (A through Z)
    • English lowercase characters (a through z)
    • Base 10 digits (0 through 9)
    • Non-alphanumeric characters (e.g.,!, $ #, %)
  • Do not use real words.
  • Do not use family names or place names.
  • VWCC requires password change every 90 days.

VCCS passwords have the following requirements:

  • MUST NOT contain all or part of the user's account name
  • MUST be at least 8 characters in length but not more than 10
  • MUST contain at least one English uppercase letter (A through Z)
  • MUST contain at least one English lower case letter (a through z)
  • MUST contain at least one base number (0 through 9)
  • MUST NOT contain any non-alphanumeric characters (e.g.,!, $ #, %)
  • Do not use real words.
  • Do not use family names or place names.
  • Password changes are made regularly.

Once you have established a secure password, keep your password secret. Do not share your password with others. Do not write down your password and keep it near the computer.

Password tips

  • Always immediately change default passwords
  • Do not use simple, obvious or predictable passwords
  • Include at least one number, preferably not at the end
  • Use a varying combination of upper and lower case letters
  • Do not use spaces
  • Do not use names or nicknames of people, pets, places or personal information that can be easily found out, such as your address, birthday or hobbies
  • Create passwords that are easy to remember but hard to guess
  • Do not write your passwords down or post them to your computer monitor
  • Never share your passwords with others
  • Change your passwords regularly

eVA Acceptable Use Acknowledgement

This document acknowledges an employee to be an authorized user of eVA, that you have job responsibilities consistent with the purpose of eVA, have obtained approval for your eVA user account from your COVA Entity’s eVA Security Officer, and be in good standing as a permanent, temporary, or contract employee of a COVA Entity.

eVA Acceptable Use Acknowledgement (PDF)

Security Termination Policy

In order to comply with VCCS security audit procedures all terminated employees that were granted access to the college's information systems must be removed within 24 hours after termination. Departments/divisions that have terminated a Faculty or Classified Staff’s employment at VWCC must notify Human Resources immediately.  Human Resources will then notify the Help Desk of the termination and request all access to the college's information systems be removed from the employee’s account. Supervisors can also send an e-mail to the Help Desk (helpdesk@virginiawestern.edu) to have accounts deleted/disabled.

VWCC

VWCC Alerts

We use VW Alert to immediately contact you during a major crisis or emergency.

Get more info and register