Security – News and General

How to Best Manage Passwords

How to Best Manage Passwords

The average person can have nearly 100 passwords (or more!) when combining professional and personal accounts and services. That is a lot to remember! Many often use the same email and password for many (if not all) accounts, so they have less to remember. This is the number one liability for accounts online: password reuse. If a popular streaming service suffers a security breach, you may not be too concerned with someone watching a show on your account. However, if your log in information for this service is the same for your banking or other sensitive accounts, the damage can be much more severe. When sites suffer a breach, the hackers immediately try those credentials on banking, email and other sites to see how many areas they can log into with one password. So, it is vitally important to have a different password for every account. In addition, to be really secure, your passwords should all be at least 15 characters (some cybersecurity analysts recommend 25 characters.) How is it humanly possible to remember up to 100 unique lengthy passwords? It’s not! That’s where password managers come into play. A password manager will become your best friend, because it takes care of three critical tasks for you:
  1. It generates lengthy, complex passwords for each of your accounts or logins
  2. It stores these complex passwords in a digital “vault”
  3. It automatically fills in this complex password every time you log into a site
People often say “I’m already using my Internet browser to save my passwords – isn’t that the same thing?” No! Browsers are designed for us to surf the Internet, and although they can store passwords, it doesn’t mean that your passwords are secure. It also means your passwords would be in one browser, so they wouldn’t be available if you use a different browser. Whereas with a password manager, you could log into your personal vault from any browser, making them much more versatile. What if the Password Manger is compromised? Great question! LastPass has been hacked multiple times, but the number of compromised passwords? ZERO. LastPass encrypts all passwords, so the company never sees your passwords, keeping your passwords secure even if a security incident occurs. To find the best password managers for you, your family, and/or your business, we recommend Googling “Best Password Managers”, and you will see a number of reviews of the top password managers available today. Also, please contact your Program Manager to ensure your organization is enrolled in designDATA’s complimentary Dark Web Scan offering which will notify you if any account in your organization has shown up on the Dark Web. Stay safe out there! by Imran Khan

Phishing Scams Aim to Exploit Coronavirus Fears

How To Keep Uninvited Guests Out of Your Zoom Event

Zoom is a videotelephony and online chat services through a cloud-based peer-to-peer software platform and is used for teleconferencing, telecommuting, distance education, and social relations.  With most of the country working from home and using Zoom as well as other cloud-based communications there has been an uptick in hacking stories.  So, what are we to do?  Let’s look at a few ways we can practice Zoom Safety. At designDATA we believe the following best practices will help:

  • Create separate passwords for each virtual meeting;
  • Establish a Zoom waiting room for meeting participants
  • Lockdown the meeting once everyone invited to attend has joined
  • Do not publicly post-meeting links on social media or any other public forum

Changing Password over VPN

Even with so many working remote in these tumultuous times, security practices such as regular password expiration dates keep looming before us. While we at designDATA are always here to walk you through how to handle this process, here are some tips on how you can do so yourself!

While you are working in the office, you have the convenience of being on the same network as your domain, meaning that if your password needs to be changed, all you need to do is the simple CTRL+ALT+DEL to pull up the ‘Change a Password’ menu.
While the process is largely the same when remote, you also need to make sure that you are connected to your VPN, which simulates being connected to your office network. For most of our customers using the Sophos VPN, that will be the little traffic light icon you should find in the lower right-hand corner of your screen.

Once connected to the Sophos VPN, you can enter the ‘Change a Password’ screen as normal by pressing CTRL+ALT+DEL, and choosing your password. Remember that you will need to enter your new password twice, just as a confirmation!

Once you’ve changed your password, make sure you’re still connected to the VPN by checking to see that the icon is still showing the “green light” and then LOCK your computer twice. This is to ensure the new password is confirmed both on the network as well as on your local computer, as it doesn’t always do so the first time around. If you want to be absolutely sure that it has worked after locking and logging back in twice, you can also sign out and back into the VPN. If you can sign back in, it’s been changed at the domain level as well!
If you’re working from a Mac, or you aren’t a VPN user, your instructions will be different and are specific to your organization. Please contact the designDATA service desk for assistance.
Remember, if you have any issues with any of this, our technicians are standing by to help assist you with your password update or any other needs. We can be reached at service-request@designdata.com, or by calling your client-specific service desk numbers, 24/7.

Status in Microsoft Teams

Microsoft Teams has a Status feature (also sometimes called Presence) that lets people know your availability.  This feature works automatically, but you can also control it manually if you need to:

To access it, click on your portrait in the top-right of Teams, and then mouse-over your current status to see your available statuses. 

If there’s a meeting going on in your calendar, Teams will auto-update your status to “In a Meeting,” or to “On a Call” if you’re on a Teams call.  If you’re idle for a period of time, it will auto-update to “Away.” 

You can manually choose a different status if you want to override the auto-chosen status.  Just be sure to click on “Reset status” when you’re done to let Teams go back to automatically updating your status. 

Lastly, you have an option to “Set status message” to let people know what’s up, such as “On a lunch break, back at 1pm.” 

Data Privacy and ZOOM

During this time, as the majority of the Global Workforce works from home, many people are using Zoom.  While the video conferencing application is very popular, there have been privacy concerns.  Some of the concerns are not unique to Zoom but are standard for any web conference/meeting app, such as the host’s ability to record the session, something that can also be done in Teams.  However, other Zoom ‘features’ are a little “big brother-ish”, such as the attention tracking feature and the data collection mechanics. It is designDATA’s recommendation to create a separate account for Zoom when creating your login, instead of using your Facebook or Google credentials.

Here’s a recent report from Consumer Reports and a CNET Article on data privacy concerns with Zoom. If you don’t have a decent password protecting your meeting, don’t be surprised if you get trolls (or uninvited guests) joining in.

(credit: Jamey Wester)

designDATA’s plan of action during COVID-19

As many of you may have heard, the President has extended the social distancing guidelines to April 30th with the possibility of going past that date. designDATA will continue working remotely and suspending onsite engagements according to the Federal guidelines.

During these times while working from home, we understand a focus on productivity and collaboration is of high importance. Our aim is to be of greater resource to you and your organization during these times.  If you are in need of IT solutions at this time please contact us at https://www.designdata.com/contact-us/ .

Access our blog via our website for tips and tricks on cybersecurity, Microsoft Teams, eSign solutions, other relevant subjects to improve IT productivity in this remote working environment.  https://www.designdata.com/resources/blog/

Cybersecurity and Today’s CFO

CFOs can no longer respond with “that’s not my department” when it comes to cybersecurity. In a recent article by Harvard Business Review, CFOs were outed for not taking an active role in their organization’s cybersecurity efforts. Today’s financial executive must focus on more than managing financial risk—they must become an engaged member of the security team.

Data breaches are extremely damaging, costing executives their jobs, destroying brands and causing vital information to be lost. CFOs need to start becoming more competent in cybersecurity methods and implementing practical solutions for keeping data safe and managing risk.

To start building a cybersecurity plan, schedule a free onsite consultation with us to discuss performing a penetration and vulnerability test for your organization. This assessment will help you identify holes in your defenses and uncover areas that hackers can exploit and access critical data. Using the results of these tests, we can work together to fix existing issues and create a cybersecurity plan that protects your people, processes and data.

This article was written for Association TRENDS. Check out the original posting HERE.