Recent and ongoing cyberattacks emphasize the need to improve your security posture in order to protect your information, data, people and reputation. This message will cover two areas we need to collectively strengthen: (1) Use multi-factor authentication in all digital services you subscribed, and (2) Quick installation of patches/updates.
Multi-factor authentication in all digital services
- Multi-Factor authentication has been available for a long time for financial and health care providers and is now a standard feature for many social media, email and collaboration services. These services are frequently targeted by cyberattacks as well, and it is equally important to protect the respective accounts, whether they are used officially or in a personal capacity. Links to instructions on how to enable this feature on some common services are provided below; I also want to remind everybody that according to established policy the passwords for these services must be different from the one used for the @thareja.org account. Below is the non-exhaustive list of third part services and the corresponding links to enable multi-factor authentication. If the service you are using is not in the list please perform a google search.
- Facebook – https://www.facebook.com/help/148233965247823
- Twitter – https://help.twitter.com/en/managing-your-account/two-factor-authentication
- Instagram – https://help.instagram.com/566810106808145
- WhatsApp – https://faq.whatsapp.com/general/verification/about-two-step-verification
- LinkedIn – https://www.linkedin.com/help/linkedin/answer/544/turn-two-step-verification-on-and-off?lang=en
- Apple – https://support.apple.com/en-us/HT204915
- Google – https://support.google.com/accounts/answer/185839?co=GENIE.Platform%3DAndroid&hl=en
- Dropbox – https://help.dropbox.com/teams-admins/team-member/enable-two-step-verification#enable
- Box – https://support.box.com/hc/en-us/articles/360043697154-Two-Factor-Authentication-Set-Up-for-Your-Account
- Microsoft – https://www.microsoft.com/en-us/account/authenticator
Installation of patches/updates
- The global digital ecosystem is rapidly changing, and vendors frequently release security updates to close newly identified vulnerabilities. Every hardware device and software application needs regular updates, known as patches. When these “patches” are published, a race starts between attackers who immediately start developing malicious tools to exploit them and users of the hardware/ software who need to apply the patches before they are exploited. All entities involved in the operation of ICT resources need to ensure that all of their systems are updated in a timely manner. This also applies to every individual who is using devices or software that are not managed by the organization. To name only one example, Apple released an important security update for their mobile phones and tablets, so please ensure that this is installed on your devices.
While we collectively strengthen the above areas, THAREJA continues to enhance our capacity to prevent, detect and respond to cyber security attacks. On the prevention side, If you haven’t taken the cyber security training please do it now.
The protection of the organization’s system, information, and reputation is a collective effort.
Your CyberSecurity Officer