October cyber awareness: Shielding your digital identity

Key Takeaways

In the blink of an eye, cyber threat actors can easily rob your bank and retirement accounts of lifelong savings.

They already have access to millions of names, addresses, cell numbers and in many cases, bank account numbers as well as social security numbers and birth days. And now we must deal with advanced face recognition as a result of AI (or artificial intelligence) advancements. AI is for another article!

To reach your gate to board your plane, you must pass through security. Do you know what they require – two forms of identification. One that your boarding pass has your name on it and two, your driver’s license (with real id) so they can compare the name and photo. Society accepts this requirement eagerly because know that it protects us during flights by preventing unwanted individuals from entering the secure areas of an airport and boarding flights that they are not booked on.

Do more

Identify your top three work and personal online accounts and verify that MFA is implemented

Airport security is a fantastic way to explain multi-factor authentication (MFA). Not only do you have to put in your username and password to get to a private account, but you also must enter a pin number that the site sends to your cell phone. This is just one example of MFA. Pretty ingenious in my opinion. Who else would be holding your cell phone. Hopefully, no one!

Just like the airport security, your county technology support should have implemented or is in the process of implementing MFA on your main county account. This extra security adds protection to county data. Data that includes resident and employee personally identifiable information, medical information, and other non-public information such as bank account and credit card information. Beyond your main county account, Multi-Factor Authentication, also referred to as single sign-on (where your identity is pre-verified with MFA), should be required for the cloud applications that the county uses for such functions as HR, Finances, Payroll, Case Management Systems and the like. By implementing this security measure, well over 80% of cyber-attacks can be thwarted.

Many organizations and counties already have this extra security measure in place for your email and other online applications. If not, you should be inquiring your manager or IT support as to how MFA can be implemented so that your work accounts have stronger security in places. It may be in the roadmap, or it might be because of the cost. Whatever the reason, it is vital that you support this direction and encourage those that oversee the work technology environment to put such measures in place.

Take this one step further. For your online personal presence, at a minimum you should have MFA implemented on accounts such as banking, retirement, personal email, social media, credit card, mortgage accounts, etc. Wherever, you have personal or financial data, is where you should have MFA in place.

As one county recently shared on the NACo Tech Xchange in answering what they are doing for October Cyber Awareness month:

Their personal email account is where all the password reset emails go. That makes their personal email account their personal crown jewel. If we can teach our employees to be more secure in their personal lives, that attitude will follow them into the office.