Cybersecurity Awareness - April 2025


Article Body

NEED TO KNOW NEWSLETTER        APRIL 2025

Security Risk: Using work credentials

 

Using your work email and passwords
Unsupported image type.Unsupported image type.Unsupported image type.Unsupported image type.within external systems can be risky. Your IT Department can only protect systems they control, and external systems might not be as secure. This could expose your organization's sensitive information and compromise its systems.

What are those security risks?

  • Unauthorized Exposure
    • If an external system is compromised, your work credentials could be stolen. 
      • The identifier “@yourorganization.com” email clarifies that the credentials belong to your organization, making it a target.
  • Expanded Attack Surface
    • Even if the external system doesn’t have sensitive data, a stolen password can be used to access other systems where you have permission.
  • Loss of Security Control:
    • External systems are outside your IT Department’s control and cannot enforce security standards or respond to breaches within or outside the organization.

Best Practices for Preventing Data leaks.

  • Use Microsoft Login: If available, use the “Login with Microsoft” option to avoid storing your password on external systems
  • Use Unique Passwords: Never reuse your work passwords or login ID’s for external or personal accounts.
  • Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring a second verification method (e.g. mobile app. or text code)
  • Never Share Credentials: Don’t share your passwords or user IDs or store them in unsecured locations.
  • Monitor for Suspicious Activity: Regularly, check your account activity and report any unauthorized access immediately.

 

What to do if credentials are compromised:

  • Change your Passwords/Passphrases immediately: Update your email password/passphrase and any linked accounts right away.
  • Notify your IT / Security Teams immediately: Report the breach to internal security teams to investigate and mitigate further risks.
  • Monitor Account Activity: Look for suspicious activity like unfamiliar emails or unauthorized access.
  • Review Connected Accounts: Check any third-party apps. or services linked to your email account for unusual activity.

 

A Shared Responsibility:

By following these security measures, we can better protect our systems, data, and users from potential cyber threats.

It’s important to remember that cybersecurity is not just the responsibility of the IT Department, but of every employee. Each of us plays a crucial role in maintaining the security and integrity of our organization’s information. By being vigilant and following best practices, we can prevent unauthorized access, reduce the risk of data breaches, and ensure that our systems remain secure and efficient. Let’s work together to create a safer digital environment for everyone.