< Return to Video

2025ART InfoSec

  • 0:00 - 0:03
    ART 2025 INFORMATION SECURITY
    1. MULTI-FACTOR AUTHENTICATION
  • 0:04 - 0:07
    MFA stands for
    Multi-Factor Authentication.
  • 0:07 - 0:10
    It’s also called Two Step
    or Two Factor Authentication.
  • 0:10 - 0:13
    Multi-Factor Authentication
    provides an extra step of security
  • 0:13 - 0:16
    for your online accounts and apps.
  • 0:16 - 0:18
    This extra step could be a code
    that’s sent to you via email
  • 0:18 - 0:20
    or a code generated by an app
  • 0:20 - 0:24
    whenever you try to log in
    to an account that has MFA set up.
  • 0:24 - 0:26
    You have to provide that special code
  • 0:26 - 0:30
    in order for your online login attempt
    to be successful.
  • 0:30 - 0:32
    This is to prevent an unauthorized login
  • 0:32 - 0:34
    by someone who gains
    access to your login info,
  • 0:34 - 0:37
    or gains access to your device.
  • 0:37 - 0:39
    As a company, MFA is required
  • 0:39 - 0:42
    in order to access
    your company login and resources.
  • 0:42 - 0:44
    Most of you have this setup
    through Microsoft Authenticator,
  • 0:44 - 0:48
    but you can set up MFA
    for many other online accounts.
  • 0:48 - 0:50
    Here are some recommendations:
  • 0:50 - 0:53
    Go to your settings in any online account.
  • 0:53 - 0:57
    Once you find the MFA feature,
    turn it on for that account.
  • 0:57 - 0:59
    You’ll select your preferred settings
  • 0:59 - 1:03
    and usually the options are something like
    "receive a code via text message"
  • 1:03 - 1:06
    or "set up in an authentication
    app" like Microsoft Authenticator.
  • 1:06 - 1:10
    Different accounts will have
    different preferences and options.
  • 1:10 - 1:12
    As a side note,
  • 1:12 - 1:17
    it is not recommended to use SMS or
    text message as an authentication method,
  • 1:17 - 1:19
    as it is not considered secure.
  • 1:19 - 1:23
    Push notifications
    or an app code via an authentication app
  • 1:23 - 1:26
    are the preferred method
    and much more secure.
  • 1:26 - 1:31
    Then confirm that the MFA you just set up
    works by giving it a shot.
  • 1:31 - 1:35
    If you have questions or need help
    setting up MFA on your company account,
  • 1:35 - 1:39
    please reach out
    to ServiceDesk@msnpath.com.
  • 1:43 - 1:45
    There’s so much noise out in the hall.
  • 1:46 - 1:48
    We didn’t know
    it was "shot clinic" day.
  • 1:48 - 1:48
    Great.
  • 1:50 - 1:52
    ART 2025 INFORMATION SECURITY
    2. PASSWORD SECURITY
  • 2:05 - 2:07
    Oh, hello again.
  • 2:08 - 2:12
    It’s Clint,
    one of your Computer Helper Guys.
  • 2:12 - 2:14
    It’s nice to be-a back with you.
  • 2:16 - 2:18
    It’s nice to be back with you.
  • 2:19 - 2:22
    Let’s talk about password security again.
  • 2:26 - 2:30
    Yeah, I know some of you
    were squirming a little bit.
  • 2:32 - 2:36
    You have those passwords
    in a notepad in your pocket,
  • 2:36 - 2:39
    or you have them
    on a checkbook registry.
  • 2:40 - 2:42
    I say it because it’s happened!
  • 2:43 - 2:47
    Or you might have some
    of the same passwords for everything.
  • 2:47 - 2:54
    And I know things like password complexity
    and length requirements can be annoying.
  • 2:54 - 2:56
    It’s not meant to annoy you.
  • 2:56 - 2:59
    Hey, look, it’s a new day,
  • 2:59 - 3:02
    and it’s a good day
  • 3:02 - 3:05
    to get your password security
    under control.
  • 3:05 - 3:08
    Let’s talk about how you can do that.
  • 3:10 - 3:12
    Password complexity
  • 3:12 - 3:18
    Your company password is required
    to be at least 15 characters
  • 3:18 - 3:21
    and contain a certain level of complexity.
  • 3:21 - 3:26
    It would be wise to apply the same
    standard to all of your passwords,
  • 3:26 - 3:28
    even for personal accounts.
  • 3:28 - 3:33
    There are a couple of ways to make sure
    your passwords are more complex.
  • 3:33 - 3:38
    You can use a random string
    of characters, numbers, and symbols.
  • 3:38 - 3:46
    Another way is to create a memorable
    passphrase with 5 to 7 unrelated words.
  • 3:46 - 3:51
    Get creative with spelling
    to make it even stronger.
  • 3:51 - 3:54
    Password uniqueness
  • 3:54 - 3:57
    Use different passwords on every account.
  • 3:57 - 4:00
    Yep, this one is touchy.
  • 4:00 - 4:03
    I know, but this is one
    of the biggest vulnerabilities.
  • 4:03 - 4:09
    If a data leak occurs that exposes
    your username and password on one website
  • 4:10 - 4:16
    online criminals will try to use that
    same username and password on other sites.
  • 4:16 - 4:20
    Would your bank account be protected?
  • 4:20 - 4:23
    Thankfully, there’s a tool made
    exactly for this task.
  • 4:23 - 4:26
    You’ve heard of it before:
    password manager
  • 4:27 - 4:36
    A password manager is an app that you
    can have on your phone, computer, or both
  • 4:36 - 4:41
    that is encrypted and can store all
    of your username and passwords securely.
  • 4:41 - 4:45
    They can even generate
    random, unique passwords
  • 4:45 - 4:48
    for you when you create new logins,
  • 4:48 - 4:53
    so that you don’t even have to think about
    what your password is going to be.
  • 4:54 - 4:58
    Let’s take a quick look
    at how password managers work.
  • 4:59 - 5:02
    Hey, this is my password manager.
  • 5:02 - 5:04
    Just kidding.
  • 5:04 - 5:06
    Just kidding. Just…
  • 5:07 - 5:09
    Just kidding.
    It’s Kevin.
  • 5:09 - 5:12
    He keeps all of my passwords safe.
  • 5:13 - 5:17
    Oh, no!
    An online criminal! Ahhhhhh!
  • 5:17 - 5:19
    -Give me your passwords!
    -Nope.
  • 5:19 - 5:21
    Nope.
  • 5:21 - 5:24
    Nope. Nope. Unh-uh.
  • 5:24 - 5:27
    You have to have the right password.
  • 5:29 - 5:30
    Unh-uh.
  • 5:32 - 5:33
    No.
  • 5:38 - 5:39
    Correct.
  • 5:40 - 5:41
    Yes!
  • 5:41 - 5:44
    We’re just fooling!
    This wasn’t a real situation!
  • 5:44 - 5:47
    This is Kevin.
    He’s a Computer Helper Guy.
  • 5:47 - 5:50
    And…NOT really an online criminal…
  • 5:50 - 5:53
    This is Calah!
    She’s a Computer Helper Girl!
  • 5:53 - 5:56
    That’s how password managers work.
  • 5:57 - 5:59
    Back to you, Me!
  • 5:59 - 6:01
    Ha! That was awesome.
  • 6:01 - 6:04
    Some password manager options
    are available
  • 6:04 - 6:09
    on Self Service on the Mac
    and Company Portal on your PC.
  • 6:10 - 6:13
    But hey, there are many more.
  • 6:13 - 6:17
    You might check with your colleagues
    to see what they’re using
  • 6:17 - 6:23
    or reach out to ServiceDesk@msnpath.com
  • 6:30 - 6:32
    ART 2025 INFORMATION SECURITY
    3. PHISHING
  • 6:38 - 6:39
    Next, let’s talk about phishing.
  • 6:39 - 6:43
    I know… phishing, fishing…
    low hanging fruit.
  • 6:43 - 6:46
    But we’re talking about
    phishing with a P-H.
  • 6:46 - 6:48
    Phishing scams are emails
  • 6:48 - 6:53
    or online messages designed to look
    like they come from a trusted source.
  • 6:53 - 6:57
    The goal is to trick you into clicking
    a link or opening an attachment
  • 6:57 - 6:59
    that would expose you
    to sending personal data
  • 6:59 - 7:03
    to a scammer
    or launching malware or a virus.
  • 7:03 - 7:08
    Thankfully, if you’re paying attention,
    you can usually recognize the signs.
  • 7:08 - 7:13
    Phishing messages will often come with
    urgent or emotionally appealing language.
  • 7:13 - 7:17
    They’ll be requests
    to send personal or financial information.
  • 7:17 - 7:22
    There may be an unexpected attachment,
    web addresses that don’t look quite right,
  • 7:22 - 7:25
    and it could be from an email address
    that kinda looks odd,
  • 7:25 - 7:28
    like if you get an email
    claiming to be from Microsoft
  • 7:28 - 7:34
    but the email address is weird
    like CustomerSupport@microSAFT.com.
  • 7:34 - 7:38
    Sometimes poor grammar and misspellings
    can be a dead giveaway.
  • 7:39 - 7:43
    Some of these phishing messages
    have gotten pretty good and look good.
  • 7:43 - 7:47
    Trust your senses.
    If it looks off, it probably is.
  • 7:47 - 7:50
    Resist the urge
    to click anything in the email.
  • 7:50 - 7:51
    Report the messages as phishing,
  • 7:51 - 7:55
    and you can do that inside of Outlook
    using the Phish Alarm button.
  • 7:55 - 8:01
    Just select the email message and
    look for the Report Suspicious Email icon.
  • 8:01 - 8:04
    This is not to be confused
    with the Report Phishing option,
  • 8:04 - 8:06
    which is not the one you want.
  • 8:06 - 8:08
    The Report Suspicious Email button
  • 8:08 - 8:12
    is in slightly different places
    depending on your version of Outlook.
  • 8:12 - 8:14
    Once reported,
    if the email is deemed safe,
  • 8:14 - 8:17
    it will automatically
    come back to your inbox.
  • 8:17 - 8:22
    Sometimes these phishing messages
    will come up in the form of a web pop-up,
  • 8:22 - 8:24
    and it will look alarming like...
  • 8:25 - 8:26
    “We’ve detected a virus!
  • 8:26 - 8:30
    Call Help Desk at 1-800-bluhbluhbluhblah
    immediately!”
  • 8:30 - 8:34
    Don’t call that number, and don’t click
    on the pop-up. This is a scam.
  • 8:34 - 8:37
    We will never ask you
    to “Call Help Desk” from a web pop-up.
  • 8:37 - 8:41
    If you have legitimate malware, our
    security software will detect the threat
  • 8:41 - 8:44
    and the Information Security Team
    will reach out to you.
  • 8:44 - 8:50
    But if you’re in doubt, you may always
    contact ServiceDesk@msnpath.com.
  • 8:50 - 8:53
    So let’s leave them fish
    in the water.
  • 8:57 - 9:01
    ART 2025 INFORMATION SECURITY
    4. ONGOING SUPPORT
  • 9:02 - 9:05
    Finally, I know all of these things
    can be a bit daunting,
  • 9:05 - 9:09
    and most of you are not computer experts
    or Computer Helper People.
  • 9:09 - 9:12
    Well, we recognize that
    that can be a struggle sometimes.
  • 9:12 - 9:17
    Thankfully, you do have some computer and
    technology experts who are in your corner
  • 9:17 - 9:20
    ready to help and serve you
    in your work when you need help.
  • 9:20 - 9:23
    And we truly want to be an asset
    and a resource for you.
  • 9:23 - 9:26
    So, if at any time,
    anywhere in the world,
  • 9:26 - 9:30
    you need help getting this kind of stuff
    straightened out, please reach out to us.
  • 9:30 - 9:36
    You can start that conversation by sending
    an email to ServiceDesk@msnpath.com
  • 9:36 - 9:39
    or go to the Service Desk Portal
    on the Intranet.
  • 9:39 - 9:42
    Service Desk hours are 8 a.m. to 5 p.m.
    Eastern Standard Time,
  • 9:42 - 9:46
    and Service Desk will respond
    as promptly as possible.
  • 9:46 - 9:51
    And we - Service Desk, Technology Support,
    and Information Security - as a team
  • 9:51 - 9:53
    will be in your corner,
    ready to help.
Title:
2025ART InfoSec
Video Language:
English
Duration:
09:59
Jennifer Govea edited English subtitles for 2025ART InfoSec
Jennifer Govea edited English subtitles for 2025ART InfoSec
Jennifer Govea edited English subtitles for 2025ART InfoSec
Jennifer Govea edited English subtitles for 2025ART InfoSec
Jennifer Govea edited English subtitles for 2025ART InfoSec

English subtitles

Revisions Compare revisions