Multi-Factor Authentication II: A Portable 2-Factor Authentication App


Protecting Your Accounts: The Importance of Two-Factor Authentication and 2FAS

One of the difficulties that has arisen as our society grows ever more digital is the need to verify identities. Early applications used simple passwords, then username-password pairs, then increasingly more complex passwords to try and stay secure. This produced several issues, including the need to maintain password databases, the need to secure those databases, and the difficulty of establishing that someone who knew the login credentials was ACTUALLY the person that the credentials belonged to. 

As Bronson mentioned in his post about passwords, multi-factor authentication can help resolve this issue. Because it introduces another source of identity verification, it means that an attacker needs more than just a username and password to gain access to a secured application.

What is Two-Factor Authentication?

Two-Factor Authentication, or 2FA, is a security process in which a user provides two different authentication factors to verify their identity. This adds an extra layer of protection to the login process. The two factors typically include:

  1. Something You Know: This is usually a password or PIN.
  2. Something You Have: A physical device, like a smartphone or a hardware token, that can generate or receive a one-time passcode (OTP).

With 2FA enabled, even if someone gets hold of your password, they still can’t access your account without the second piece of information.

Introducing 2FAS: A Free and Reliable 2FA Solution

OSU has been using DUO authentication to provide this extra layer of security for logins for some time now; however, what if you want to use 2FA for non-OSU apps or accounts? I ran into this a year or so ago when Github began requiring 2FA for logins. Github is a code repository used by many developers to maintain their codebases; it needs to be secure to prevent destruction of the code that lives there. I did some looking and settled on 2FAS as the application I wanted to use.

Reasons I like 2FAS:

  • Easy Setup: 2FAS allows users to easily add multiple accounts by scanning QR codes from supported websites. Sites that don’t use QR codes are also (generally) easy to add. Many of the major sites (LinkedIn, Facebook, Google and so on) have tutorials built into the application to help set up connections.
  • Offline Use: The app generates codes even when your phone is not connected to the internet, ensuring you can always access your accounts.
  • Multiple Accounts Support: You can manage all your two-factor authentication accounts in one place, making it more convenient than juggling multiple apps or devices.
  • Backup and Restore: 2FAS offers a simple way to back up your accounts and transfer them to a new device if needed, minimizing the risk of being locked out.
  • Free to Use: Unlike some services that charge for additional security features, 2FAS provides its core functionality for free.

How to Get Started with 2FAS

  1. Download the 2FAS app from your device’s app store (available for both Android and iOS).
  2. Link Your Accounts: For each account that supports 2FA, go to the security settings and enable two-factor authentication. You will usually see an option to scan a QR code.
  3. Secure Your Account: After scanning the QR code with 2FAS, the app will generate a time-sensitive code that you can use to complete the setup. Moving forward, every time you log in, you’ll input your password followed by the code generated in the app.

Final Thoughts

Implementing two-factor authentication is a simple yet highly effective way to protect your online accounts. Whether you’re using 2FA for personal accounts, business tools, or financial services, it adds a much-needed layer of security in an era of increasing cyber threats. Tools like 2FAS make the process easy, free, and highly reliable, ensuring that your accounts remain secure without complicating your life. I’m using it for several of my accounts and it really is easy.

Take control of your digital security today—enable two-factor authentication and consider using 2FAS to simplify the process!

Zoom AI Companion

Zoom recently introduced AI features that could enhance your Zoom Meetings and provide users with more personalized experiences.  OSU Enterprise IT has announced that some of these features will be available to all those who login to Zoom with their OSU accounts and are available now.

AI-Powered Meeting Assistance

Zoom’s AI assistant can summarize meetings, capture key action items, and generate follow-up tasks automatically. This allows participants to stay focused on discussions without worrying about missing important details. Participants will also be able to chat with Zoom AI Companion about what they missed if they join late and get real-time responses during your meeting. Read some of the tips and tricks for Zoom AI Companion from Zoom employees here.

Real-Time Transcription and Translation

The platform has integrated real-time transcription and translation services powered by AI, enabling participants from different linguistic backgrounds to communicate more effectively. This feature helps to foster inclusivity and ensures that language barriers don’t hinder collaboration.

AI Companion in Whiteboard

AI Companion can help jumpstart brainstorming by generating topics for discussion based on your prompt. After a prompt or using content already available, AI Companion can generate content for your whiteboard, and then help you organize with mind maps and flowcharts.

Enhanced Data Privacy

With AI handling more of the workload, Zoom has placed a strong emphasis on data security and privacy. The AI features are designed with encryption and compliance standards in mind, ensuring that your data remains secure. Zoom does not use any customer audio, video, chat, screen sharing, attachments, or other communications-like customer content (such as poll results, whiteboard, and reactions) to train Zoom’s or its third-party artificial intelligence models. Read more about Zoom AI Security and Privacy here.

Conclusion

Zoom’s latest AI features offer a significant upgrade to the virtual meeting experience. Whether through smarter meeting summaries, seamless translation, or automated scheduling, these tools are designed to make virtual collaboration more efficient and user-friendly. Stay ahead of the curve by leveraging these new capabilities in your daily workflow. Check out the Zoom AI Companion website for more information.

Traveling Abroad? Essential Tech Tips for the Savvy Traveler in 2024

As you embark on international adventures, ensuring smooth technological connections and security is paramount. Here is a comprehensive guide to help you navigate the digital landscape of your foreign destination with ease and confidence. 

Considerations covered in this article:

VPN: Your Global Gateway

When traveling, a Virtual Private Network (VPN) becomes your indispensable digital companion. Various countries implement restrictions on popular websites and services, which can significantly impact your online experience. For instance, travelers might encounter challenges accessing their favorite platforms, such as Google Maps, Gmail, or social media sites like Facebook and Instagram. These restrictions can range from reduced speeds to complete blocks. 

A VPN creates a private and encrypted connection between your device and the internet. When choosing a VPN, look for established providers renowned for their robust security protocols and commitment to user privacy. Features to consider include:

  • Strong Encryption: The use of advanced encryption protocols ensures your data remains secure, making it difficult for unauthorized users to intercept. 
  • Stealth or Obfuscation Capabilities: These features allow your VPN connection to appear as regular internet traffic, helping bypass firewalls and defeat restrictions in countries with strict digital monitoring. NordVPN’s obfuscated servers and ExpressVPN’s stealth mode are prime examples. 
  • Global Server Network: Select a VPN with servers located in various countries. This ensures you have options to connect to a nearby server for faster speeds or a server in your home country to access region-locked content. 
  • Backup VPN Provider: Consider a secondary VPN service, like ProtonVPN, as a backup in case your primary VPN encounters issues or blocks. 

Before your trip, thoroughly test your chosen VPN to ensure it meets your needs and troubleshoot any potential issues. 

Data Management and Device Fortification

Digital Travel Lightly and Securely: When traveling, minimize the storage of sensitive and confidential information on your devices. Unnecessary data, such as financial records, sensitive work-related documents, or politically sensitive materials could become liabilities if devices are lost, stolen, or compromised. 

Backup and Cloud Services: Prioritize backing up essential documents such as passports, visas, and travel itineraries. Cloud storage services like OneDrive, iCloud, Dropbox, or Google Drive are excellent options for creating secure off-site backups. Store digital copies and ensure you can access them offline, as internet connectivity may not always be available. 

Password Management: Use a password manager like 1Password or LastPass to generate and store unique, complex passwords for all your accounts. This ensures that even if one account is compromised, the rest remain secure. 

Device Security Essentials: Enable your device’s built-in firewall and install reputable antivirus/anti-malware software (e.g., Defender, Bitdefender, Norton). These tools provide an extra layer of security against cyber threats. Additionally: 

  • Phishing Awareness: Be cautious of phishing attempts, often disguised as emails or messages from seemingly legitimate sources. Avoid clicking links or providing personal information without verification. 
  • Multiple Devices for Sensitivity: Consider using a separate device for sensitive tasks like online banking or conducting important business transactions. Alternatively, a burner phone with a local SIM card can provide enhanced privacy and security. 

Effective Communication Across Borders

Connecting with loved ones back home during your travels is essential. However, communication barriers can arise when popular apps from your home country are blocked overseas. 

Local Communication Apps: Research and familiarize yourself with messaging apps that are prevalent in your destination country. For example, WhatsApp is widely used across Europe and South America, while Line dominates in Japan and Thailand. Adopting these local alternatives ensures seamless communication within the region. 

Country-Specific Communication Platforms: In countries like China, where online services are highly localized, apps like WeChat are indispensable for messaging, payments, and even ordering food. Ensuring you have access to such platforms is vital for a smooth daily life and maintaining connections with locals. 

Backup Communication Methods: Before your trip, inform your contacts about potential communication challenges and establish alternative methods: 

  • Email as a Backup: Consider using email providers less likely to be blocked, such as Outlook, as a reliable backup communication channel. 
  • International Messaging Apps: Signal and Telegram are popular options for secure, international communication, offering end-to-end encryption and the ability to send messages without a phone number or local SIM. 
  • Local SIM Card: Purchasing a local SIM card upon arrival can be a cost-effective way to stay connected. These provide local data plans and seamless connectivity. Look for official provider kiosks (e.g., Vodafone, Orange, AIS) at airports or visit reputable local mobile stores. When buying a SIM, ensure the data package suits your needs, and inquire about tethering options if you plan to connect multiple devices.  

Relying solely on Google Maps can be risky when traveling to certain countries, as it may face restrictions or have limited coverage. To ensure you don’t get lost in translation, consider the following tips: 

Local Map Apps: Explore and download comprehensive offline map applications specific to your destination country or region. For instance, Baidu Maps or Amap (Gaode Maps) in China, Naver Map in South Korea, or Maps.me for global offline mapping. These apps often include public transportation information, which is invaluable for urban exploration. 

Language-Based Navigation: Learn basic navigation phrases and directional vocabulary in the local language (e.g., left, right, straight). Store essential addresses and destinations written in the local script on your phone. Request hotel staff to write critical location names in the local language to ensure accurate communication with taxi drivers or when asking for directions. 

Translation Apps: Equip yourself with powerful translation tools like Google Translate or DeepL. These apps not only help with translating written text but also often offer voice translation, making communication with locals, taxi drivers, or rideshare providers much more manageable. 

Embrace Local Culture and Legal Norms

Technology Etiquette and Legal Matters: Respect for local customs and laws surrounding technology use is paramount to being a responsible traveler. Here are some key considerations: 

  • Drone Regulations: Some countries have stringent laws regarding drone usage, including restrictions on specific areas or the requirement of permits. Always research and comply with local regulations before flying your drone. 
  • Photography and Privacy: Be mindful when taking photographs, especially of government buildings, military installations, or certain cultural sites. Respecting local sensitivities can prevent unintended violations. 
  • Phone Etiquette: Learn the local norms regarding phone usage in public spaces. Making loud calls in libraries, temples, or other quiet venues may be frowned upon in some cultures. 
  • Social Media Savvy: When sharing your experiences online, avoid posting content that might be offensive or disrespectful to locals. Stay informed about potential cultural taboos, and refrain from engaging in controversial topics that could cause misunderstanding or offense. 

By embracing local customs and legal norms, you can foster positive relationships with locals and ensure a more harmonious and memorable travel experience. This cultural awareness will contribute to a smoother journey and allow you to create meaningful connections with the places and people you encounter on your adventures. 

Final Thoughts

As you prepare for your international journey, approach technology as a tool to enhance your experience rather than a potential hindrance. With careful planning, testing, and adaptation to local practices, you’ll navigate the digital landscape of your destination with ease, ensuring a memorable and well-connected trip. Happy and safe travels! 

Keep Your Home Computer Running Smoothly: Easy Steps for Updating Windows and Mac

For computers connected to the OSU network, Agriculture IT has you covered when it comes to keeping your office machine up to date.  Our IT team handles operating system updates so you don’t have to think about it.  But when you are at home working on your personal computer or using an OSU computer off of our network, it is important to stay on top of updates. 

Why is this important?

Updating your operating system and office productivity software helps keep your computer running smoothly and protects it from security threats.  So while we handle these updates at work, make sure to give your personal computer a quick check at home now and then. 

Here’s how to easily update your home computer, be it either Windows or Mac. If you would like to see screenshots showing these steps, please visit the links in the references section at the bottom of this article.

For Windows Users:[1]

  1. Open Settings: Click on the Start button, then head to “Settings” (the little gear icon).
  2. Find Updates: Select “Update & Security”.
  3. Check for Updates: Click “Click for updates”.  Windows will let you know if there are any available updates.
  4. Install Updates: If there are updates available, click “Install”, and let your computer do the rest. 
  5. Reboot Computer: Once the install completes, reboot your machine.  When the computer reboots, it is a good idea to go through the process a second time, to make sure there aren’t other updates waiting.
  6. Automatic Updates: You can set your Windows computer to check for automatic updates. When you are at step 2 above, look for “Get the latest updates as soon as they’re available” and change the button to “On”. Going forward, Windows should update itself automatically.

For Mac Users:[2]

  1. Go to System Settings: Click on the Apple logo in the top-left corner of your screen.
  2. Check for Software Updates: Navigate to “System Settings” (or “System Preferences” for older versions of MacOS).
  3. Install Updates: Click “Software Update”.  If any updates are available, follow the prompts to install. 
  4. Reboot computer:  Once the installation finishes, it should prompt you to reboot.  When the computer reboots, it is a good idea to go through the process a second time, to make sure there aren’t other updates waiting.
  5. Automatic Updates: You can set your Mac to install updates automatically. When you are in step 3 above, look for the option to “Automatically keep my Mac up to date” and check it. Going forward, your Mac should update itself automatically.

For Office 365:[3]

  1. Open Any Office Application: Open any Office app like Word, Excel, or PowerPoint. The process works no matter which one you choose.
  2. Go to the Account or File Menu: Once open, click “File” (top left corner) and scroll down to “Account.” In some apps, you may see “Account” or “Office Account” directly in the menu.
  3. Check for Updates: In the Account section, look for a section called “Office Updates” and click “Update Options.”
  4. Select “Update Now”: From the drop-down menu, choose “Update Now.” Office will check for available updates and install them automatically if needed.
  5. Wait for the Process to Complete: After selecting “Update Now,” give Office a few minutes to download and install updates. You may need to restart the app afterward.

This should get your computer up to the latest and greatest version of its available operating system and Microsoft Office.  It’s a good idea to check for Operating System updates once per month, as both Microsoft and Apple are continually releasing updates to keep your computer protected.  Please let us know if you have any questions. 

References:

[1] https://support.microsoft.com/en-us/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a

[2] https://support.apple.com/en-us/108382

[3] https://support.microsoft.com/en-us/office/install-office-updates-2ab296f3-7f03-43a2-8e50-46de917611c5

How to Inventory Your Technology for Recovery & Claims 

Severe weather, fires, theft, and misplaced items while traveling are already high-stress situations. You may find yourself needing to submit an insurance claim or police report for your phone, laptop, or tablet during one of these situations. You start to make your report and get asked the make, model, and serial number of your device. Would you be able to provide that information without the device right in front of you? 

For work-issued technology, Agriculture IT might have the information if you worked with them on purchasing or if you requested an inventory assessment. For personal items you must build your own inventory list and store it in locations you can access during a natural disaster or when traveling. If you already have homeowners or rental insurance, you may already perform inventory assessments to ready yourself for claims, so collecting the following information for technology will be an additional step in your readiness plan. 

What information should I collect? 

Essential 

  • Make/Brand 
  • Model 
  • Serial number 

More useful for recovery or claims 

  • Physical description 
  • Copy of purchase receipt or invoice 
  • A picture of item 
  • MAC address for items that are internet connected 

What devices should I include? 

You should include any item you use as your primary or day-to-day technology in your inventory. Anything else can be added if it’s important to you for replacement. 

Example of items 

  • Laptop 
  • Tablet 
  • Mobile phone 
  • Desktop computer 
  • TVs and computer monitors 
  • Printers and scanners 
  • Digital and video cameras 
  • Home theater equipment (projectors, stereo, speakers) 
  • Laptop docking station 
  • Technology accessories like expensive headphones, graphic design drawing tablets, etc. 

How do I find this information? 

Manufacturer, make/model, and serial number are usually found on the outside of the device either on a sticker or directly printed on the item. Other terms used to indicate serial numbers are SN, ST, or CN. Dell items use the term “service tag”  For mobile phones, laptops, desktop computers, and tablets, this information can also be found in the device’s system information.  

MAC addresses for networked items are found in the network settings for tablets, laptops, desktops, and mobiles phones. It’s usually found on a sticker on the outside of the device for network capable printers. 

If you need help locating the information for work-issued devices, Specialists in Agriculture IT can assist you. Using phrases like “Where do I find the serial number on an Apple laptop,” or “Where can I find the MAC address on my Android phone,” in an internet search can direct you to visual guides when building your personal inventory list. 

Where do I put this information? 

The more places you store this information, the better chance you have of accessing it when needed. Just like data backups, it’s recommended you store this information in 2 or 3 different locations. Ideally, you will have a collection of files: the inventory list, pictures of the items, and copies of item receipts. Examples of storage types and locations include,  

  • USB drive (external drive or USB “thumb” drive) in a safe location 
  • Cloud backup storage location 
    • Examples include OneDrive, Google Drive, iCloud, DropBox accounts 
  • Printed paper copies in a safe location 
  • Email to yourself 
    • Some personal email, like those through your internet provider, may have limits on how long an email will be stored before it’s automatically deleted.  

If you have a safety deposit box or an additional office or residence, a USB device or the printed paper copies can be stored there or wherever you keep copies of vital documents. 

Additionally, the OSU Police Department provides a “Personal Asset Inventory” service to students and employees for free. This can be accessed by going to my.okstate.edu and clicking on “Personal Asset Inventory” under “Quick Links,” or using the following link, https://apps.okstate.edu/pd_inventory/index.php

Feel free to contact us in Agriculture IT with questions about this article or if you have other cybersecurity questions.

Privacy Risks with Car Rentals

In today’s era of easy car rentals and rapid advancements in automotive technology, modern vehicles are equipped with a range of features designed to enhance user experience. However, many of these features may require access to personal information, which poses significant privacy risks if not managed properly.

Key features and Their Privacy Risks

  1. Bluetooth and USB Connectivity (with Charging) Many modern vehicles are equipped with Bluetooth and USB capabilities, allowing users to sync their devices with the car’s infotainment system for hands-free calling, music streaming, and other features such as Apple CarPlay or Android Auto. However, these features often require access to sensitive data like contact lists and call logs. Once synced, the car may retain this personal information even after the device is disconnected. This means the next person who rents the car could potentially access your personal data, posing a risk of privacy violations.
  2. GPS and Navigation Systems GPS and navigation systems are essential tools for drivers, but they also store sensitive data like home addresses, recent destinations, and frequently visited locations. If this data is not deleted from the car’s system, it could be exploited by malicious individuals, putting your personal safety and privacy at risk.
  3. Onboard Apps and Connected Services Many vehicles now offer the ability to download apps or subscription-based services such as Toyota’s Safety Connect or Lexus Enform. These services may require your personal information to function, including login credentials, location data, or even financial information.

What Information is at Risk?[1]

When renting a car, the following personal data could be at risk if not properly removed:

  • Contact lists
  • Call logs and text messages (hands-free calling)
  • Music streaming account logins (e.g., Spotify, Pandora)
  • GPS history (locations and routes)
  • In-car internet search history
  • Wi-Fi identifiers
  • Device names and pairing information

How to Protect Yourself [2]

  1. Be Mindful of Where You Connect Modern cars are essentially computers on wheels, which makes them vulnerable to hacking and data breaches. To protect your personal information, ensure that your devices are running updated antivirus software and the latest firmware.
  2. When using Bluetooth or USB to connect to the car’s infotainment system, follow these steps to ensure your data is deleted before returning the rental.

Deleting Bluetooth-Connected Devices

  1. Step 1: Access the car’s settings or menu and navigate to the ‘Bluetooth’ or ‘Devices’ section.
  2. Step 2: Find your device in the list of paired devices, select it, and choose the option to unpair, delete, or remove the device.
  3. Step 3: Verify that other personal data, such as call logs or contact lists, is also removed. If needed, delete this information manually.

Clearing GPS and Navigation History

  1. Step 1: Open the navigation menu.
  2. Step 2: Go to the settings or stored locations list.
  3. Step 3: Delete your navigation history and any saved locations, particularly your home address or frequently visited places.

Managing Onboard Apps and Services

  1. Step 1: Navigate to the apps or connected services menu.
  2. Step 2: For each app or service, you’ve logged into, be sure to log out and delete any stored data.

A major concern is that not all renters take the necessary precautions to unpair their devices or delete stored data from the car before returning it. This leaves a significant privacy risk for subsequent users and highlights the need for more awareness and better data management practices when using modern rental vehicles.

If you have questions about information provided in this article or about cybersecurity, please contact an IT Specialist in Agriculture IT!

References

[1] https://www.nationwide.com/privateclient/loss-prevention/articles/protect-your-privacy-in-a-rental-car#:~:text=Your%20sensitive%20data%20could%20be,system%20via%20Bluetooth%20and%20USB.&text=When%20you%20link%20your%20device,you%20have%20returned%20the%20vehicle.&text=You%20can%20help%20protect%20yourself,risks%20and%20safeguarding%20your%20data.

[2] https://fleetdefender.com/are-you-leaving-your-personal-data-on-rental-cars/#:~:text=Step%201:%20Navigate%20to%20the,settings%2C%20contacts%2C%20and%20more.

Strengthening Security: The Importance of Password and Physical Security in the Digital Age

In the modern information age, safeguarding sensitive information has become more critical than ever. Whether it’s personal data, university data, or even your social media accounts, both password security and physical security are crucial in protecting our valuable resources. Here’s why these two components are essential and how you can enhance them.

A close-up image of a computer screen with a lock imposed on it.

Password Security: The Digital Frontline

Passwords act as the first line of defense against unauthorized access to accounts and information. Unfortunately, weak passwords are often the easiest entry point for cybercriminals. With hacking techniques becoming more sophisticated, creating a strong password is not just a recommendation, it’s a necessity. Passwords are like the keys to your digital life. To keep your data and personal information protected you should use secure passwords and/or secure them in a password manager.

Common Weaknesses in Passwords

  • Simple passwords: Many people still use easy-to-guess combinations like “password123” or “abc123.” Also, the shorter the password, the easier it is for cybercriminals to guess or break.
  • Reusing passwords: Using the same password across multiple accounts puts all your accounts at risk if one is compromised. The same holds true for similar passwords.
  • Predictable patterns: Using personal information like birthdays, names, or common words makes it easier for attackers to guess passwords.
  • Lack of multi-factor authentication (MFA): Not taking advantage of MFA adds another layer of vulnerability.

Best Practices for Strong Passwords

  • Use a mix of characters: Combine upper and lower-case letters, numbers, and special characters.
  • Length matters: A strong password should be at least 12-16 characters long. The longer, the better.
  • Avoid common words or phrases: Stay away from easily guessable phrases and information. If your password is a common phrase from your favorite movie, it would be easier to guess than if it were random.
  • Use a password manager: Tools like Bitwarden or Lastpass can generate strong, random passwords and store them securely. This makes it easy to manage your passwords, as you only need the password for the manager to access all other passwords.
  • Enable multi-factor authentication (MFA): Always enable MFA when available. It adds a crucial extra layer of security by requiring a second form of identification beyond just the password. Many forms of MFA will send you text messages or emails to prove your identity, something that a cybercriminal wouldn’t have access to.
  • Regularly update passwords: Periodically changing your passwords reduces the risk of long-term attacks. And especially changing the password to your password manager occasionally would help to mitigate risk of data theft.

To find more tips and tricks for passwords, please visit https://www.cisa.gov/secure-our-world/use-strong-passwords from the Cybersecurity & Infrastructure Security Agency.

Physical Security: Protecting the Hardware

While password security protects the virtual realm, physical security is equally vital. Physical security involves measures that prevent unauthorized access to computers, digital devices, and sensitive documents in your environment. Cybercriminals don’t always operate in the digital world. Sometimes, they gain access to data through physical means.

Common Physical Security Risks

  • Unattended devices: Leaving laptops or phones unlocked in public places can lead to data theft. If you have a computer that is used by the public, making sure that there is a guest user on the machine that limits access to network resources is a must.
  • Weak building access controls: Lack of secure doors, locks, and surveillance can allow unauthorized individuals to enter restricted areas.
  • Stolen or misplaced storage devices: USB drives and external hard drives can be easily lost or stolen, potentially exposing sensitive data. Make sure to keep anything that contains sensitive data under lock and key.
  • Dumpster diving: Discarded paperwork or old equipment can contain valuable information if not disposed of properly.

Best Practices for Physical Security

  • Secure workstations and devices: Always lock devices when they’re not in use and store them in secure locations. A quick way to lock your computer or laptop is to tap the Windows Key + L on your keyboard before leaving your area.
  • Implement access controls: Use keycards or digital locks, or even just traditional door locks to control access to your office areas where computers or sensitive information is kept.
  • Shred sensitive documents: Before disposing of any paperwork that contains personal or sensitive information, shred it to prevent theft.
  • Surveillance systems: Install cameras and alarms in critical areas to deter unauthorized access and monitor activity.
  • Regular audits: Perform periodic checks of your security infrastructure to identify weaknesses and ensure compliance with physical security protocols. Role play as a customer that has access to your office space and identify which areas are prone to security risks.

Combining Both: A Holistic Approach to Security

A layered approach that combines password security and physical security is essential. Even the strongest digital security can be undermined if someone gains physical access to your devices, and the best physical security measures won’t help if your passwords are weak. Here are a few key considerations for a comprehensive security strategy:

  • Training and awareness: Educate employees and family members about the importance of both password and physical security. Awareness of phishing attempts, shoulder surfing, and tailgating can significantly reduce risk.
  • Incident response plan: Have a clear procedure in place in case of a security breach, whether digital or physical. Time is critical when responding to security incidents.

Conclusion

Both password security and physical security are pillars of a strong security framework. While many people focus heavily on digital security, it’s important not to overlook the physical aspects that could make your data vulnerable. By taking a comprehensive approach and implementing best practices in both areas, you can significantly reduce the risk of security breaches, protecting your assets in both the virtual and physical world. Feel free to contact your Computer Support Specialist to address any concerns you may have on securing your environment.

Also be sure to check out CISA.gov and staysafeonline.org for more information on cybersecurity.