By Jamison Moore, Director of IT
Over the last six months—as we have all adjusted to a new work-life balance—new threats and opportunities have sprung up around IT security. Many of the challenges we are facing during remote work are just like what we face in the office, but without the hands-on support of coworkers or a more secure network. The IT team continually works behind the scenes to keep laptops up to date and to secure servers, but attacks also target each of us, as users, directly. Following a few simple security steps can help keep all our accounts safe at work and at home.
Create a Strong and Unique Password for Every Service
Coming up with a strong password is an important security step. A tool that can help is a password manager, whether through your web browser, such as Chrome, or from a third party, such as 1Password or Bitwarden. Both integrate directly with your browser and phone, letting you generate secure passwords that you don’t have to remember.
If you use the same password for different services, you’re relying on each of those services to ensure that your password is kept secure. If there is a breach in one of your online accounts, it may enable hackers access to other accounts, which they now have a password for. By using a unique, strong password for each of the online services or vendors you interact with, you protect yourself from the hassle of having to clean up accounts, change a bunch of passwords, and send out that embarrassing, “If you got a message from me on Facebook, don’t click that link. Sorry!” message.
Set Up Multi-factor Authentication
Multi-factor Authentication (MFA) is a security tool that relies on something you know—your password—and something you have—your phone or laptop. With MFA, even if your password leaks your account is safe. A secondary factor is required to login, usually a six-digit code either from an authenticator app or via text message. MFA also lets you use Single Sign On more easily, so you won’t even need your password when logging into your email or Ruppert Learns learning management system.
Pictured right: With MFA, logging in can be as simple as tapping a number on your phone, no password required
Ruppert’s IT team is expanding MFA across the company, so if you’re interested in adding this extra layer of security to your account, send us an email firstname.lastname@example.org
Be Skeptical of Strange Emails
A recent uptick in phishing emails—messages designed to steal your credentials—has been mitigated by Mimecast, our email security software, but a few still get through. If you receive an unexpected message asking you to click a link and provide your email or social media credentials to view a file, collect a payment, or receive another message, DON’T! Forward all suspicious emails to email@example.com so we can take a look, or reach out on Teams to Tim Vo (or anyone in IT). If you think you might have accidentally clicked a bad link or provided your credentials, don’t hesitate to contact us.
If you would like to know more about phishing, Windows security, or securing your home network, check out one of our favorite resources, Decent Security (https://decentsecurity.com/). If you have any security questions or concerns, let IT know at firstname.lastname@example.org or reach out over Teams. Thanks for reading!