If you have been getting reminders not to open spam or phishing emails from the IT team, pay attention and follow their instructions!
At CTS, we prioritise the security of our IT systems and data. We understand how crucial it is to maintain a strong and reliable security setup to ensure the safety of our sensitive information, prevent potential threats, and keep our business running efficiently.
These reminders are just the tip of the iceberg of our security setup. Behind the scenes, the IT team has implemented numerous measures to protect our systems and data. One of the ways we are ensuring better IT security is by improving our Microsoft 365 Score. The good news is our score has improved (from 32% to 64%!)!
But what exactly is Microsoft 365 Score? It is like a scorecard that measures how well your organisation’s Microsoft 365 setup protects against security risks. Essentially, it gives you a number showing your systems’ security. The score is based on things like how you manage user access, protect your data, and detect and respond to threats. In simpler terms, think of it like a coach giving you tips to improve your game. The higher your score, the better you are at keeping your data safe and protected from hackers!
What YOU Can Do to Improve IT Security
While our IT team takes care of the technical aspects of enhancing our IT security, everyone at CTS can also play a part in keeping our systems safe. Here’s how you can help:
1. Be sceptical of suspicious emails
Prevention is better than cure! If you receive an email that seems suspicious or too good to be true, it probably is. Watch out for emails asking for personal information, urgent requests for money, or unexpected attachments.
2. Double-check the sender
Check and double-check who’s sending you that odd-sounding email. Pay attention to the email address of the sender. Phishers often use email addresses that mimic legitimate ones but have slight variations. If something seems off, it’s best to verify with the supposed sender through a different channel (e.g., a phone call) before taking any action.
3. Verifying links before opening
Clicking on a suspicious link can lead to harmful consequences. When you receive an email or message with a link, take a moment to think before clicking. Ask yourself if it looks trustworthy. Thankfully, Outlook and Teams can help verify links for you – if a link seems suspicious, they will flag it and protect you from potential risks.
4. Protecting against impersonation attacks
Impersonation attacks are when someone pretends to be someone else via email, aiming to deceive or trick you into taking harmful actions. Be cautious when receiving emails that seem out of character or unusual. Most importantly, don’t share sensitive information. Be wary of password requests, account numbers, or other personal details, especially if they seem unexpected.
5. Report suspicious emails or phishing attempts
If you receive a suspicious email that appears to be phishing or seems like an impersonation attempt, report it to the IT department or email provider. The IT team can investigate and take appropriate action to protect others.
Backend IT Security Enhancements You Should Know
Just so you’re aware, our amazing IT team has made some behind-the-scenes improvements to keep our system safe and secure:
Immediate Quarantine of Phishing Emails: When our email system spots an email that looks fishy and might be a phishing attempt, we ensure it gets locked up in a separate area called quarantine. This way, it doesn’t even get a chance to reach our users’ main email inboxes.
Zero-Hour Auto Purge (ZAP) Policy: We’ve set up a clever system that closely monitors our existing email inboxes. It regularly scans them to catch any sneaky phishing emails that might have slipped through the cracks. If it finds any, it immediately isolates and eliminates them to keep us safe.
Blocking Phishing Domains: We’ve created a list of known phishing domains and added them to a special blocklist provided by Microsoft. This means any emails from these shady sources won’t make it to our systems. It’s like having a solid wall of protection against those malicious emails.
Safe Links: This link verification process acts like our own personal security guard for the links in emails sent through Microsoft’s applications. It checks those links against a database of known bad links. If it finds a dangerous one, it steps in and stops you from opening it, even if you accidentally click on it.
Microsoft Defender 365: This is a powerful tool specifically designed to tackle sneaky phishing attempts. By following Microsoft’s security recommendations, we’ve set up and strengthened these policies to make sure we’re extra secure.
By creating an environment where we prioritise IT security, we can effectively safeguard our important information. Let’s stay alert, keep ourselves updated, and work together to maintain a secure and strong IT ecosystem at CTS!
If you have any questions regarding our security system, reach out to Senior Software Development Project Manager Billy Kum at billy.kum@changirecommends.com.sg.
Commentaires