Have I Been Breached and What to Do About it?

Jed Fearon

Solution Advisor, 17+ years of experience in MSP Solution Development, Sales and Marketing Communications

“Only Amateurs Attack Machines”

Internationally renowned security technologist Bruce Schneier made this notable and quotable comment over a decade ago. He recently added, “The professionals are getting better and better.”

So true. Security has to be one of the hottest topics in business these days. With COVID-related work-from-home concerns and online vaccination scams, the situation is getting riskier by the moment.

What will they think of next?

Every week, we’re inundated with news stories about new hacks and data breaches. Even security technology companies are getting hacked.

Unfortunately, much of the stolen information lands on the dark web, where bits and pieces of personally identifiable information (PII) are auctioned off to the highest bidder.

Since there is no honor among thieves, your PII can be sold to multiple parties over many years. No exclusivity!

Would you like to know if you’ve been hacked and what you can do to stay safer online?

This brief “How To” article will help you:

  1. Determine right away whether any of your user ID and password credentials have been compromised.
  2. See how anyone with administrative privileges in your Microsoft 365 tenant can add an additional level of security through multi-factor authentication (MFA).

Have you been compromised?

Chances are you have. Why is this likely? Most people make the following mistakes regarding the use of passwords:

  1. Their passwords are simple, easy to guess, and seldom changed.
  2. The same passwords are reused across many business and personal email accounts.
  3. People share passwords.
  4. If one account is compromised, it’s incredibly easy to infiltrate the user’s other accounts.
  5. Cyber crooks have access to sophisticated and inexpensive software that automates the process.

There’s a website called Have I Been Pwned (haveibeenpwned.com) that helps you quickly determine whether your information has appeared in a known breach and been exposed to the public.

A hit doesn’t mean money gets instantly removed from your bank account. Criminals are certainly interested in getting their hands on your money.

They’re also interested in stealing identities, accessing and selling your healthcare benefits, extorting people and businesses, and tapping into everyone in your address book so they can rinse and repeat.

I recommend you take the following steps right now:

  1. Visit Have I Been Pwned (haveibeenpwned.com).
  2. Enter your email address, and the site will instantly generate a report listing every known breach that included that address.
  3. You can also enter a password and find out whether it has turned up in a breach.
  4. If you see any results, immediately change all of your passwords.
  5. Then get a password manager such as LastPass or 1Password to simplify and automate the process.

Have I Been Pwned has a partnership with 1Password, but there are dozens of other options.
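How the password check in step 3 works without the password ever leaving your machine, as an added example that is not from the article or from Have I Been Pwned: the Pwned Passwords API accepts only the first five hex characters of the password’s SHA-1 hash and returns every suffix it knows for that prefix, so the comparison happens locally. The range response below is constructed sample data (the counts are made up), and the online helper is optional.

```python
from __future__ import annotations
import hashlib
import urllib.request

# Constructed stand-in for the API's response to GET /range/5BAA6. Real responses
# are one "<35-hex-char suffix>:<count>" per line; the counts here are made up.
SAMPLE_RANGE_5BAA6 = """\
1234567890ABCDEF1234567890ABCDEF123:12
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEA:0
"""


def split_sha1(password: str) -> tuple[str, str]:
    """Return (prefix, suffix) of the upper-case hex SHA-1 of the password.
    Only the 5-character prefix is ever sent; the 35-character suffix stays local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def count_in_range(suffix: str, range_body: str) -> int:
    """Find our suffix in a range response and return its breach count (0 if absent).
    Padded responses add dummy suffixes with count 0, so 0 always means 'not seen'."""
    for line in range_body.splitlines():
        candidate, sep, count = line.strip().partition(":")
        if sep and candidate.upper() == suffix:
            return int(count)
    return 0


def pwned_count_offline(password: str, range_body: str) -> int:
    """Check a password against a range body already in hand (used with the sample)."""
    _, suffix = split_sha1(password)
    return count_in_range(suffix, range_body)


def pwned_count_online(password: str) -> int:
    """Live check against the real API; the server only ever learns the hash prefix."""
    prefix, suffix = split_sha1(password)
    req = urllib.request.Request(
        f"https://api.pwnedpasswords.com/range/{prefix}",
        headers={"Add-Padding": "true", "User-Agent": "pwned-password-check-example"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return count_in_range(suffix, resp.read().decode("utf-8"))


if __name__ == "__main__":
    print(pwned_count_offline("password", SAMPLE_RANGE_5BAA6))  # 3730471 (sample data)
    print(pwned_count_offline("correct horse battery staple", SAMPLE_RANGE_5BAA6))  # 0
```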

Each is a better alternative than keeping your passwords stored in web browsers, Excel spreadsheets, yellow stickies, and diaries.

Why is this so important? Everyone is under a constant state of attack.

Are you ready to add an additional level of security?

It’s time to set up multi-factor authentication (MFA). MFA adds another step to the login process to verify that you are who you say you are.

Here’s how it works:

  1. After you enter your user ID and password (or click the icon for the secure website in LastPass or 1Password, because you took my advice and signed up), a pop-up prompts you to enter a code.
  2. The code is sent to you via text message or phone call.

While this system is not perfect, it’s certainly better than just knowing your user ID and password.

Setting up MFA in Microsoft 365

Step One

Log into Microsoft Online.

If this does not take you to the admin center, click the nine-dot app launcher in the top left corner and choose Admin. If you don’t see Admin, you don’t have the required permissions and need to find out who does.

Step Two

This leads to the Admin portal of Microsoft 365. Click on Users on the left pane and then Active Users.

Step Three

You should now see a list of users that you have in your portal. There is a menu bar that goes across the top just above the list of users. Click on Multi-factor authentication.

Step Four

This should take you to a new page that again lists all users in your organization, though it looks a little different from before.

Step Five

It should now have a third column that shows the MFA status for each user in your portal.

Step Six

If you click on one of the users, it will then provide you another pane to the right that has some Quick Steps.

Step Seven

Click on Enable to turn on MFA for that user.

Step Eight

Upon completion, the setting will change to Enabled.

Step Nine

Instruct the user to open a browser and go to Office.

Step Ten

The user signs in with their usual credentials to the account on which MFA was just enabled.

Step Eleven

Once the correct password is entered, the user will be walked through adding their cell phone to their account and enabling MFA using either a text message or an application installed on the phone such as Microsoft Authenticator.

Step Twelve

Once this step is completed, go back to the portal to confirm the status has changed from Enabled to Enforced.

When all of the users have Enforced next to their name, MFA activation is complete.

One quick disclaimer: some accounts in your portal may be used for services like applications or scanning. You may not want to enable MFA on these as it may break that service.

Additionally, I suggest you create one account with a Global Administrator role that you will NEVER use and set its password to Never Expire, and do not enable MFA on this one.

You should store this account profile for one single purpose: to safeguard if you accidentally lock all admins out and cannot get back in.
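Once there are more than a handful of users, the confirmation in Step Twelve and the exclusions above are easier to get right from an export than by eyeballing the list. This added example (my code, not the article’s or Microsoft’s) reads a constructed status export in what I take to be the per-user MFA page’s bulk-update CSV layout (columns Username and MFA Status, with the statuses Disabled, Enabled and Enforced the article uses), reports who is still short of Enforced, keeps the service and recovery accounts out of the rollout, and writes the bulk-update file for the users that still need enabling; the account names are made up.

```python
from __future__ import annotations
import csv
import io

# Constructed export of the per-user MFA status column. Not a real tenant.
# Column names are my assumption of the bulk-update CSV layout.
SAMPLE_EXPORT = """\
Username,MFA Status
alice@example.com,Enforced
bob@example.com,Enabled
carol@example.com,Disabled
svc-scanner@example.com,Disabled
breakglass-admin@example.com,Disabled
"""

# Accounts the article says to leave alone: service/scanner accounts that MFA
# would break, and the never-used Global Administrator recovery account.
SERVICE_ACCOUNTS = {"svc-scanner@example.com"}
BREAK_GLASS = {"breakglass-admin@example.com"}


def load_status(export_csv: str) -> dict[str, str]:
    """Map each user principal name (lower-cased) to its MFA status string."""
    reader = csv.DictReader(io.StringIO(export_csv))
    return {r["Username"].strip().lower(): r["MFA Status"].strip() for r in reader}


def audit(status: dict[str, str]) -> dict[str, list[str]]:
    """Bucket every user by what still has to happen for the rollout."""
    out = {"to_enable": [], "awaiting_registration": [], "done": [], "excluded": []}
    for upn, state in sorted(status.items()):
        if upn in SERVICE_ACCOUNTS or upn in BREAK_GLASS:
            out["excluded"].append(upn)            # do not enable MFA on these
        elif state == "Enforced":
            out["done"].append(upn)                # Step Twelve complete for this user
        elif state == "Enabled":
            out["awaiting_registration"].append(upn)  # user has not yet signed in and registered
        else:
            out["to_enable"].append(upn)           # Disabled (or unknown): still needs Step Seven
    return out


def rollout_complete(status: dict[str, str]) -> bool:
    """True once every non-excluded user is Enforced, the article's completion criterion."""
    buckets = audit(status)
    return not buckets["to_enable"] and not buckets["awaiting_registration"]


def bulk_enable_csv(status: dict[str, str]) -> str:
    """Bulk-update file setting every Disabled non-excluded user to Enabled in one upload."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(["Username", "MFA Status"])
    for upn in audit(status)["to_enable"]:
        writer.writerow([upn, "Enabled"])
    return buf.getvalue()
```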

Next Steps?

Part one of this article is easy for anyone to do right now. Visit Have I Been Pwned, enter your email address or password where prompted, and get instant results.

Part two is typically best managed by an in-house IT professional or a managed IT services provider.

If you have hundreds of user accounts, enabling them manually is not a recommended best practice.

ProviDyn is a Microsoft Certified Partner MSP and we’re always excited to help businesses get more out of their Microsoft 365 experience.

Are you growing with at least 10-20 people or $4M in annual sales? The ProviDyn team has decades of experience, and we look forward to guiding you.

Call 404-551-5492 or contact info@providyn.com if you would like to schedule a brief conversation.