Tips for Your Technical Team
If you have a dedicated team that manages security, you can ask them to enable some additional settings to help establish safeguards against cyber threats. According to Microsoft, through a combination of the below security hygiene practices, it is possible to protect against 99% of attacks.1
Account Security
Whether through social engineering, credential stuffing, or even old-fashioned shoulder surfing, bad actors are constantly looking for entry points into your organization. Along with teaching your employees to maintain good cyber hygiene, consider the following suggestions to help protect your organization’s accounts.
-
Enable multi-factor authentication (MFA).
MFA can help protect your network, email, and other systems from unauthorized access. This type of authentication asks for two “factors” of identification, making it harder for attackers to compromise both your password and the second authentication factor needed to access your accounts. Leading practice is to separate the factors to something you know (like a password) and something you have (like a mobile phone) to make it more difficult to compromise both.
-
Don’t use shared accounts.
It’s common practice for sales and customer service teams to use shared accounts to enable faster customer response; however, shared accounts mean a shared password, which increases the likelihood this password could fall into the hands of a bad actor. Shared accounts also typically do not allow for MFA. Ensure everyone on your team has unique credentials.
-
Label emails from entities outside your organization with
external tags.
External email tags (in the subject line or banners on the email) alert your employees to emails which may require more scrutiny because the sender is from outside of your organization. An external email tag does not mean that an email is malicious, but the email should be scrutinized for phishing links, suspicious attachments, or unexpected requests.
-
Consider Domain-based Message Authentication Reporting and
Conformance (DMARC).
DMARC is an email authentication protocol that can be enabled to verify the validity of the sender. This allows your email platform to drop or quarantine messages that do not meet the DMARC protocols. Note: This only works for organizations who have enabled DMARC. First American takes email security seriously and as a part of our commitment to our customers, we have DMARC enabled and authenticate legitimate emails. We encourage our partners to reject any messages you receive from our domain that do not pass DMARC enforcement policies.
Watch out for: MFA Bypass Attacks
As companies implement MFA as a best practice, bad actors have developed tactics to circumvent MFA controls. One common method is phishing for MFA codes, which accounted for more than one million phishing attacks monthly in 2023.5
Another common tactic is through MFA Fatigue Attacks. A common second factor of MFA is approval via push notification, sent to your smartphone through an authenticator app, like Microsoft Authenticator.
To bypass this account safeguard, bad actors will repeatedly push MFA authentication requests to an employee’s smartphone. The bad actor hopes that eventually, either inadvertently or through alert fatigue, the employee will assume the request is legitimate and accept the request, allowing the attacker into your company’s network.
Train your team to never share their unique MFA codes or approve an authentication request if they are not actively logging into their accounts.
Network Security
Targeting employee accounts is just one way a bad actor can breach your network. Bad actors will also attempt to exploit your network infrastructure, looking for any flaws or gaps. Consider the following suggestions to strengthen your network security.2
-
Implement a Zero Trust approach.
A Zero Trust security framework assumes that any connection to your network, internal or external, could be a threat. Microsoft recommends applying three key principles to your network security architecture:
- Ensure all users and devices are verified before allowing them to access company resources,
- Grant only the privileges needed for an individual to perform their job, and
- Constantly monitor your environment for possible attacks.1
-
Update your systems regularly, including firmware, operating systems, and
applications.
Regular updates ensure that your organization is running the latest security patches to help protect your network from known threats. If a tool or technology is no longer supported by the developer, it is best to decommission that tool and opt for an upgrade.
-
Only allow company devices on your corporate network.
Ensure you have a segregated network for guests, including partners or customers, so that only trusted traffic and devices have access to your corporate network. Unknown devices may be infected and allow bad actors into your applications and data.
-
Set up a VPN for your business.
If employees connect to your network remotely, a VPN can help shield your proprietary and confidential information from potentially unsecured networks. Leading practice is to configure your VPN client to launch as soon as an employee logs into their computer, giving them constant encryption whenever accessing company programs and data.
-
Protect your data.
Know your important data, where it is located, and what controls you have in place to protect it. Consider various strategies, like employee education, physical security, monitoring software, and antimalware, in your controls.3
-
Take regular backups of your key systems.
Backups can help protect against data loss in the event of malicious attacks, like data corruption through malware or theft through ransomware. Leading practice is to copy your systems on a consistent, regular basis to minimize the data lost between backups. When you do backup your systems, it is important to also protect these backups with encryption and by storing offline copies.
Foster a Culture of Cybersecurity
Even if your organization employs every security measure possible, there is no guaranteed protection from a cyberattack. New cybersecurity threats are constantly emerging and bad actors continue to brainstorm new ways to bypass your security defenses, often by targeting your employees.
In a changing cybersecurity landscape, one of the best things your organization can do is foster a culture where cybersecurity is front of mind—for your employees and your partners and customers. At First American, we strive to create this culture with you.
When security is front of mind, employees are more likely to identify and report suspicious activity. This can help your technical team respond to threats quickly and strengthen your organization’s defenses. 4
For More Information
The above tips can help reduce your organization’s risk of cyberattack, but this is not an exhaustive list of all cybersecurity best practices.
For more information, visit the references below.
Get CyberSmart
Sign up for Security and Privacy Insights.
Report Suspicious Activity
If you are a current First American customer, please report any suspicious activity directly to your First American representative through an independently verified telephone number.
If you are not a current customer, be cautious of:
- Phishing emails or websites spoofing First American.
- Unexpected phone calls from someone claiming to be a First American employee.
- Questionable text messages about your First American account or activity.
If you encounter any of the above, please send us an email at phishing.abuse@firstam.com so we can help you verify the message or website.
Nothing is too trivial to report. If you have any doubt about the legitimacy of a message from us, please report it.