I got one of my usual google feeds today where 2 posts were relevant to our security discussions: the first was a question posted on a google chrome forum about what to do in the case of an email compromise:

What to do if a hacker has synced your data through chrome before you changed your password.

… I've already changed my password. Just worried if my information is still accessible due to the hacker syncing my data. If so, is there any way I can fix this or Google-chrome can intervene and fix it?

The response was quite lengthy but explained multi factor authentication and how to prevent this situation.

 You can find the original post here:

https://support.google.com/chrome/thread/278971169/what-to-do-if-a-hacker-has-synced-your-data-through-chrome-before-you-changed-your-password?hl=en

The second article was almost the complete opposite. New Hampshire Public Radio had an attack and was posting preemptively to notify end users, which is now required by the FTC. Their quote was the following:

“Thanks to our robust cybersecurity measures and preparedness, we have managed to mitigate the impact of this attack,” Boucher said.

You can find the original press release here:

https://www.nhpr.org/nh-news/2024-06-07/nhpr-reviews-potential-data-breach-from-cybersecurity-attack

I find these posts fascinating. Which one would you prefer: experiencing a cyber attack and having to use google for answers? Or feeling confident that the measures you have put in place were worth the effort? Think about where your business stands right now.

Let’s talk about Multi-Factor Authentication…what it is and why we care.

When a computer requests access to your email or other system, it wants to verify you should have access. You enter your user name and password. It used to be that that password would verify your identity. Now with passwords being compromised, and programs being breached, your passwords are no longer enough. We need our systems to be more robust. To do that, we send a second check to a phone or email, so if one system was compromised, then a secondary system will catch and verify your identity.

There are several ways to set up two-factor authentication. An email or text message is the simplest form, but if your phone or email was the original method compromised, this may not be safe. We recommend using either an additional app or program to verify. On our phones we can set up facial recognition, or an authentication app that requires facial recognition to sign in to. There are new security features built into Windows 11 as well that can use pieces of hardware to verify computer identity. This will continue to change, but what will not, is that Multi-Factor authentication is here to stay. It is one of these best ways we can reduce email and data breaches.

There are a lot of factors we at Siligent put in place as part of a cybersecurity plan including training, security tools, business processes, practice runs, and drills. We can help you evaluate whether you have “robust cybersecurity measures and preparedness.” We want to keep you from being one of those desperate enough to google advice at one of the most vulnerable moments of your life. Contact us to learn more.