Two Things You Can Do

If you were to ask Director of Information Security John Craft the two best things you can do to improve your security today, he would tell you to implement Multi Factor Authentication (MFA) on as many of your accounts as possible and to be diligent updating your software. 

At Richmond, MFA is required to log into our virtual private network (VPN), to access your email, or to access sites like Bannerweb from off campus among other specific applications. You also may have had opportunities to set up MFA for your personal accounts on Google, Amazon, and other sites. Information Security at the University of Richmond recommends that you set up MFA everywhere it is offered to you. 

"Multi-Factor Authentication, or MFA, is one of the most effective methods of protecting yourself against credential compromise," says Craft.  In a study conducted by Microsoft it was concluded that 99.9% of account compromise incidents examined during the period of their study would have been prevented had the organizations utilized MFA. 

The University of Richmond utilizes Duo MFA as the default MFA application for access to university-managed applications.  This simple and effective control could prevent you from becoming the victim of account compromise or identity theft.   For more information about Duo MFA simply search for that phrase on SpiderTechNet.

Software updates are an critical component of maintaining a secure computer system. By regularly updating your computer systems, phones, and tablets, you are helping to protect those devices against security vulnerabilities while also taking advantage of updated features for the software. 

You should regularly check for updates on your computers and devices. Windows and Mac OS operating systems are usually set to automatically check for updates, but you may want to verify that your systems are set up this way. In addition, it's important to keep your software applications up to date. Some of these may also have automatic updates, while others require you to manually check for updates periodically. Security vulnerabilities in operating systems and applications are a common pathway for bad actors to attack your computer and gain access to your sensitive data.

Craft suggests turning on automatic OS and software updates wherever possible and setting a regular schedule for checking applications that do not automatically update. “The old saying of 'An ounce of prevention is worth a pound of cure' not only applies to our health but also to our computing systems.  Regularly applying software security updates is a fundamental best practice that can save you a lot of grief if you are the target of a cyber-attack.”

Using Multi Factor Authentication and keeping your software up to date are two simple and effective practices you can adopt that will go a long way towards securing your systems and information. For more information on these and other information security-related topics, visit the University of Richmond Information Security website.