There is no denying the fact that the Internet has changed how we work, play, shop, and communicate with each other. As these technologies continue to advance, this also has opened a new portal for bad actors and other unscrupulous individuals who attempt to use these technologies for financial gain. The security of all our Breeze organizations is one of our highest priorities and concerns. Breeze routinely submits itself to third-party testing of our networks and monitors financial transactions for fraudulent activity. However, research has consistently shown that a large majority of “hacks” and comprised personal data do not originate from a vulnerability in an organization's security measures, but at the user level. Opening an attachment from an email or using easy to guess passwords are examples of access points for criminals.
With this in mind, the Tithely team has crafted this article to help you protect yourself and your organization from these bad actors who want to use your credentials and/or personal information for their own purposes.
-
Account Review Questions
- Have there been any changes to employee statuses recently? If so, ensure that you have updated Tithely User permissions to match. If there are users who no longer need access to your account, this is a good time to go ahead and remove their users.
- When was the last time you changed your password? If it has been more than 6 months, it is likely time to review it and change it.
- Use Multifactor Authentication (MFA) and encourage this across all of your users. If you do not have a verified phone number on your account, add one using the information in this Help Center article.
- Schedule a regular review of your organization and personal accounts. Make this part of your organization's routine!
-
Watch your Email Inbox Closely
When possible, confirm that you know who the sender is before opening an email. Email phishing is the number one method of gaining unauthorized access to personal information. In some cases, this can occur simply by opening an unfamiliar email. If you’re unaware of who sent the message, leave it alone until you’re able to find out for sure. Here is a third party article from the FTC with additional information on how to identify email spoofing/phishing attacks.
-
Keep your Computer OS, Mobile Devices, and Browsers Up to Date
Many recent hacks affect outdated versions of systems. To ensure your security measures are up-to-date, make sure you are installing all software updates as they become available. Browser updates are a key component of overall security and functionality.
-
Lock your Desktop and Mobile Devices
It’s important to lock your desktop and mobile devices after a certain amount of time. We recommend having your desktop computer lock after five minutes and your mobile phone after one minute of inactivity. Doing so prevents unauthorized users from accessing your confidential information when you’re not present at your device.
-
Use Complex and Different Passwords
If a bad actor obtains your password, and that password is used across multiple platforms (Facebook, Email, etc…), then you run the risk of that bad actor gaining access to a greater portion of your personal information. Passwords should be a mix of numbers/letters/special characters and should be a minimum of eight characters in length. Store all passwords in a secure location. While there are several great password management software tools, 1Password is often recommended as one of the best options. If 1Password’s pricing is prohibitive, Bitwarden is also highly recommended from several security experts and offers a free option which may be perfect for your usage. You can also check if your email account has been involved in a security breach by entering it at https://haveibeenpwned.com/.
-
A Note on Internet Security Software
If you are a Windows user, then Internet Security software is absolutely essential as part of your security measures. While it’s true that Macs are less likely to be infected with malware than their Windows counterparts, over the past few years security experts have begun to recommend that Mac users also incorporate Internet security software into their security protocols.
By their very nature, Internet Security software creates some system impact. You may notice that your computer is slightly slower when the software is running a scan or, in some cases, the firewall that is part of the security suite will negatively affect your ability to load certain websites due to the firewall rules. Browser extensions installed in your browser (privacy, anti-malware) have also been known to negatively affect the ability to load some sites or will interfere with particular features. While these security features are greatly appreciated when visiting an illegitimate site, our technical support teams at Tithely will occasionally experience a scenario in which a particular security product interferes with some core functionality within Tithely.
If other websites are able to load (you have Internet access) but Tithely isn’t loading for you in your preferred browser, one possible cause might be your security software. Temporarily disable your Internet Security features and see if Tithely loads/performs as expected. If so, please contact our Tithely Support team, and we may be able to provide you additional information to input into your security software to allow Tithely to function properly.