ORRacle

New IT Security Procedures and Services

Comments: 0

Security is the “safety” of IT. As companies grow and networks become more and more interconnected the need for security rises. Infections, corruption, and other intentional and unintentional activity can be spread to all the connected devices in a system. To reduce these risks, there are measures we can take. 

The current transition to Google and the upcoming implementation of Odoo are parts of these efforts. Cloud-based systems are not immune, but they are better protected and easier to recover than network-based systems. This is why we want all your files in Google Drive. We realize that some of you may need assistance in this area, and we are taking steps to provide that assistance.

Here is what to expect in the coming days and weeks:

Requests for Password Changes

change passwordYou will see more requests for changes to passwords for your critical systems. I realize that changing passwords frequently can be somewhat painful. But regularly changing them can reduce the chance of your password being compromised. Furthermore, people tend to use the same password in multiple systems. Frequent password changes provide extra protection in the event your preferred password is somehow compromised.

The Introduction of Multi-Factor Authentication                                      

Multi factor authenticationMulti-factor authentication (MFA) is a fancy way of describing the process used to verify that a request is coming from a legitimate person by contacting that person through another means - a text message, an email, a phone call, etc. Most of you have used this on other systems, including our Microsoft tools or to process credit card expenses. The thinking is, “We can verify it is Bruce making a request if we send a code or a message to a different device that is previously known to be in his possession.” Bad actors can steal credentials, but they are not likely to have the associated phones. You will see more of these authentication processes to help improve security.

The Introduction of New Ways of Collaborating

Collaborate with shared docsFor years, the only way we knew to collaborate was to send copies of our documents (such as Word or Excel documents) to everyone involved, have them mark them up, and then have someone collate the results into a central document. Or we put a document on a “Shared Network Drive” and let everyone edit it one at a time. But with Google Docs, we can actually have several people working on the same document in real-time. Why is this a security issue? It is because a collaborative document is only found in one place. With the increased security of that document in a data store on Google (or Amazon, or some other cloud-based storage). This prevents documents from residing as attachments in email clients, a very insecure way of protecting sensitive documents.  

Putting Files in a Secure Place

Cloud based drivesWe will ask that all of your files be migrated from your personal computer or a network computer to a Shared Google Drive or an Amazon Drive. Cloud-based solutions are much more secure because their data stores are designed for this purpose.  We will help get all that set up for you. 

A New Security Module on Litmos

LitmosWe will offer security training modules on Litmos. These training modules will be good for home and business best practices for safe computing. It will be a productive way to provide everyone with a good set of practices to use when working. 

Help Desk Support Announcement

Louisville GeekWe will soon announce a new way to get desktop support. We have set up a relationship with Louisville Geek (LG) to assist in providing support to ORR associates. Be on the lookout for that announcement, as it will include instructions for sending held desk requests to LG. 

Your IT Team is working hard on providing an environment that is safe, secure, and productive. These solutions are in line with our Core Values, and by adopting them we can make certain that we can securely continue the mission of ORR.

About the AuthorBruce Aldridge

Bruce is the Vice President of Information Technology and ePMO for ORR Corporation.

prev
Next