People over 45 years of age are less than 50% likely to be using MFA on their personal accounts.
Multifactor authentication (MFA) is a multi-step account login process that requires users to enter more information than just a password. This could be to enter a code sent to their email, sent to an MFA app on their smart device, answer a secret question, or scan a fingerprint. Most people should be well versed in this process through their personal accounts on platforms like Banking, Amazon, Apple, Microsoft and Facebook.
The process aims to prove something you know, the password or pin, something you have, the displayed code of a physical token or virtual token on a smart device, and something you are, which could be facial recognition or fingerprint. Compromised passwords are one of the most common ways cyber criminals are accessing personal and corporate accounts. Through MFA, these entry points into your home or corporate life are made extremely harder to infiltrate.
There are many vendors that provide an MFA application you can onboard your personal and corporate accounts onto. We urge you to use these in your personal life, especially on any website that may have access to card information or that you make payments through. For your corporate access, if you are accessing any of your work data without more than just password access, raise this as a concern and recommend your company discusses their options with JGC IT Services.
If you do one thing today, make sure your passwords are secure. 14-Characters with a combination of numbers, upper/lowercase letters and symbols is the minimum you should be using to ensure a brute force attempt at cracking it would take decades.
Don’t be that person with the domain account password on a Post-It note at their desk. Use a password manager tool like LastPass to store and save your online passwords. Using a tool like this also simplifies your password refresh process too. It will allow you to use bespoke passwords for each online service you use to avoid duplication of passwords.
Any online service where you are using card services, make sure you use MFA as an additional layer of security. Multi-factor Authentication ensures that you add to the something you know (password) with something you have on your person (smart-device) and a token.
Don’t make it easy for the hackers out there. Get in touch today and see where we can help your business secure your workforce.
There was a 47% Increase in Phishing Attacks through 2022 alone.
Most of us would have received a phishing email. It has become such common place that now email providers have a quick button for ‘Phishing’ to move an email to junk and report it. Despite this awareness, phishing attacks are common place in the corporate world and continue to be one of the most significant threats in the IT world.
Did you know that nearly 50% of imitated brands are accountable to Microsoft. This means users need to be savvy enough to determine the increasingly realistic emails being sent out that appear to be from Microsoft, are fraudulent. However, just one single user being duped by this, can easily leak their corporate credentials allowing an attacker access to your estate.
Cyber criminals are now easily able to evade the basic spam detection and filters provided by email service providers. Using vendors that can offer the very best email security and data loss protection (DLP) will help firstly to block known phishing emails from reaching your inbox, and further protect you by ensuring employees are challenged or restricted from sharing corporate account information.
JGC IT Services can help review your current approach to phishing attacks and provide guidance on ways you can better your security stance.
Web applications and API’s are the top entry points for cyber attacks – make sure they are protected.
Securing your web applications and API’s is becoming one of the most important actions for businesses to take. Whether your web application is hosting your website, client portal, CRM or even a payments platform, protecting it and the data on it, is imperative. There is always the mention of ‘defence in depth’ and this is extremely true when looking at securing your edge and your public facing applications and API’s.
DNS, DDoS, WAF, Monitoring & Software are just a few areas where you need to make sure you have ample protection or investment. With the help and guidance of JGC IT Services, we can ensure that the best advice is provided in ensuring any investment goes into the most efficient form of protection.
To get an understanding of the security products we have to protect your edge please reach out to us through the contact section on this website.
1 in every 4 reported IT security breach is a form of ransomware.
A ransomware attack is where your IT systems will be rendered useless, typically through encrypting your data, until you pay a ransom for the encryption key. The attack may start from one single endpoint but will typically become enterprise wide and this is why the impact is so severe in losing critical business systems.
This type of attack is targeted against businesses of all sizes. The malware software used to encrypt your data can be installed through a number of methods which is is why informing your employees of best practices when it comes to IT security is so important. To avoid irrecoverable business damage and having to fork out hefty ransom payments, you should have a rugged backup and recovery solution in place. With this in place you will have greater chance in recovering your data and getting your business up and running again more quickly.
JGC IT Services can help educate business owners and employees through simulated attack exercises and awareness campaigns. We can also carry out a complimentary review of your network perimeter to make sure you are making it as hard as possible for attackers to gain access externally. Reach out to us today to strengthen your current approach to IT security.
Your email address will not be published. Required fields are marked *
Comment *
Name *
Email *
Website
Save my name, email, and website in this browser for the next time I comment.
Post Comment
