-
MFA stands for Multi-Factor Authentication.
-
It’s also called Two Step
or Two Factor Authentication.
-
Multi-Factor Authentication provides an extra step
of security for your online accounts and apps.
-
This extra step could be a code that’s sent
to you via email or code generated by an app
-
whenever you try to log in
to an account that has MFA set up.
-
You have to provide that special code in order
for your online login attempt to be successful.
-
This is to prevent an unauthorized login
by someone who gains access to your login info,
-
or gains access to your device.
-
As a company, MFA is required in order to access
your company login and resources.
-
Most of you have this setup
through Microsoft Authenticator,
-
but you can set up MFA
for many other online accounts.
-
Here are some recommendations:
-
Go to your settings in any online account.
-
Once you find the MFA feature,
turn it on for that account.
-
You’ll select your preferred settings
-
and usually the options are something like
receive a code via text message
-
or set up in an authentication
app like Microsoft Authenticator.
-
Different accounts
will have different preferences and options.
-
As a side note, it is not recommended to use SMS
or text message as an authentication method,
-
as it is not considered secure.
-
Push notifications
or an app code via an authentication app
-
are the preferred method
and much more secure.
-
And then confirm that the MFA you just set up
works by giving it a shot.
-
If you have questions or need help setting up
MFA on your company account,
-
please reach out to ServiceDesk@msnpath.com.
-
There’s so much noise out in the hall.
-
We didn’t know shot clinic day.
-
Great.
-
Oh, hello again.
-
It’s Clint, one of your Computer Helper Guys.
-
It’s nice to be-a back with you.
-
It’s nice to be back with you.
-
Let’s talk about password security again.
-
Yeah, I know some of you
were squirming a little bit.
-
You have those passwords
in a notepad in your pocket,
-
or you have them
on a checkbook registry.
-
I say it, because it’s happened!
-
Or you might have some
of the same passwords for everything.
-
And I know things like password complexity
and length requirements can be annoying.
-
It’s not meant to annoy you.
-
Hey, look, it’s a new day,
and it’s a good day
-
to get your password security under control.
-
Let’s talk about how you can do that.
-
Password complexity.
-
Your company password is required
to be at least 15 characters
-
and contain a certain level of complexity.
-
It would be wise to apply the same standard
to all of your passwords,
-
even for personal accounts.
-
There are a couple of ways to make sure
your passwords are more complex.
-
You can use a random string
of characters, numbers, and symbols.
-
Another way is to create a memorable passphrase
with 5 to 7 unrelated words.
-
Get creative with spelling
to make it even stronger.
-
Password uniqueness.
-
Use different passwords on every account.
-
Yep, this one is touchy.
-
I know, but this is one
of the biggest vulnerabilities.
-
If a data leak occurs that exposes
your username and password on one website
-
online criminals will try to use
that same username and password on other sites.
-
Would your bank account be protected?
-
Thankfully, there’s a tool made
exactly for this task.
-
If you’ve heard of it before:
password manager.
-
A password manager is an app that you can have
on your phone, computer, or both
-
that is encrypted and can store
all of your username and passwords securely.
-
They can even generate random unique passwords
for you when you create new logins,
-
so that you don’t even have to think about
what your password is going to be.
-
Let’s take a quick look
at how password managers work.
-
Hey, this is my password manager.
-
Just kidding.
-
Just kidding. Just…
-
Just kidding. It’s Kevin.
-
He keeps all of my passwords safe.
-
Oh, no!
An online criminal! Ahhhhhh!
-
Give me your passwords!
-
Nope.
-
Nope.
-
Nope. Nope. Unh-uh.
-
You have have the right password.
-
Unh-uh.
-
No.
-
Correct.
-
Yes!
-
We’re just fooling! This wasn’t a real situation!
-
This is Kevin.
-
He’s a Computer Helper Guy.
-
And…NOT really an online criminal…
-
This is Calah!
She’s a Computer Helper Girl!
-
That’s how password managers work.
-
Back to you, Me!
-
Ha! That was awesome.
-
Some password manager options are available
on Self Service on the Mac
-
and Company Portal on your PC.
-
But hey, there are many more.
-
You might check with your colleagues
to see what they’re using
-
or reach out to ServiceDesk@msnpath.com
-
[VO] Next, let’s talk about phishing.
-
I know… phishing, fishing… low hanging fruit.
-
But we’re talking about phishing with a P-H.
-
Phishing scams are emails
-
or online messages designed
to look like they come from a trusted source.
-
The goal is to trick you
into clicking a link or opening an attachment
-
that would expose you to sending personal data
to a scammer or launching malware or a virus.
-
Thankfully, if you’re paying attention,
you can usually recognize the signs.
-
Phishing messages will often come
with urgent or emotionally appealing language.
-
They’ll be requests
to send personal or financial information.
-
There may be an unexpected attachment,
web addresses that don’t look quite right,
-
and it could be from an email address
that kinda looks odd,
-
like if you get an email
claiming to be from Microsoft
-
but the email address is weird
like CustomerSupport@microSAFT.com.
-
Sometimes poor grammar and misspellings
can be a dead giveaway.
-
Some of these phishing messages
have gotten pretty good and look good.
-
Trust your senses.
If it looks off, it probably is.
-
Resist the urge
to click anything in the email.
-
Report the messages as phishing,
-
and you can do that inside of Outlook
using the Phish Alarm button.
-
Just select the email message
and look for the Report Suspicious Email icon.
-
This is not to be confused
with the Report Phishing option,
-
which is not the one you want.
-
The Report Suspicious Email button
-
is in slightly different places
depending on your version of Outlook.
-
Once reported, if the email is deemed safe,
it will automatically come back to your inbox.
-
Sometimes these phishing messages
will come up in the form of a web pop up,
-
and it will look alarming like,
-
“We’ve detected a virus!
-
Call Help Desk at 1-800-bluhbluhbluhblah
immediately!”
-
Don’t call that number
and don’t click on the pop-up.
-
This is a scam.
-
We will never ask you
to “Call Help Desk” from a web pop-up.
-
If you have legitimate malware,
our security software will detect the threat
-
and the Information Security Team
will reach out to you.
-
But if you’re in doubt,
you may always contact ServiceDesk@msnpath.com.
-
So let’s leave them fish in the water.
-
Finally, I know all of these things
can be a bit daunting,
-
and most of you are not computer experts
or Computer Helper People.
-
Well, we recognize that
that can be a struggle sometimes.
-
Thankfully, you do have some computer
and technology experts who are in your corner
-
ready to help and serve you
in your work when you need help.
-
And we truly want to be an asset
and a resource for you.
-
So, if at any time,
anywhere in the world,
-
you need help getting this kind of stuff
straightened out, please reach out to us.
-
You can start that conversation
by sending an email to ServiceDesk@msnpath.com
-
or go to the Service Desk Portal
on the Intranet.
-
Service Desk hours are 8 a.m. to 5 p.m.
Eastern Standard Time,
-
and Service Desk will respond
as promptly as possible.
-
And we - Service Desk, Technology Support,
and Information Security - as a team
-
will be in your corner,
ready to help.
