What is CMMC? CMMC Update Archives CMMC Links
Security Awareness Training Public Speaking Expert Witness
Newsletters Whitepapers Articles Videos Interviews Additional Resources
Cyber Security News & Tips by Glenda R. Snodgrass for The Net Effect
[ View this email in your web browser ] [ Visit our archives ] [ Sign Up for this Newsletter ]

November 14, 2023

Good morning, everyone!

This week’s critical vulnerabilities:
  • QNAP has released updates to fix critical vulnerabilities in its NAS devices
  • SysAid has released a critical security update to its on-premise service management software

Patch All the Things!



You can't solve a process problem with technology

A few weeks ago, I wrote about Maintaining work/life balance: the cyber security perspective, and the latest Okta breach reminded me yet again why this is so important:

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop, exposing credentials that led to the theft of data from multiple Okta customers.

Many years ago, one of our clients got a bad malware infection from reading his personal AOL email on his company computer. Just yesterday, someone posted a question in an online security forum that began with "If I access my personal hotmail account on my company laptop" and my immediate reaction to his question was "You're fired." This is obviously a problem that won't go away easily, but it can go away with the right policies, processes and training!

Your organization should have a written security policy that prohibits things like logging into personal accounts (email, social media) on company computers. Your security awareness training for employees should include everything in your policy, with examples like this Okta breach used to explain why this policy exists and how important it is. Most people will try to do the right thing if (1) they know how and (2) they understand why they should.

If you want help developing good policies and processes, let me know! That happens to be our particular specialty.

Stay cyber safe this week!

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Have a great week!

Glenda R. Snodgrass

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!



Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺

TNE. Cybersecurity. Possible.

Speak with an Expert

Contact

The Net Effect, L.L.C.
Post Office Box 885
Mobile, Alabama 36601-0885 (US)
phone: (251) 433-0196
fax: (251) 433-5371
email: sales at theneteffect dot com
Secure Payment Center

Site Map

Home
Employee Training
Security Awareness Training
Public Speaking
Expert Witness
Workshops
About

Resources


CMMC
Newsletter
Whitepapers
Articles
Videos
Interviews

The Net Effect, LLC

Copyright 1996-2024 The Net Effect, L.L.C. All rights reserved. Read our privacy policy