CYBER SECURITY CHANGES

Greetings from your resident cyber security guru:

As the current security threat landscape is ever-changing, we have identified two gaps in our systems that could lead to potential issues for the Utility. Much like the replacement of a failing pole or a past due account, the IS department needs to take steps to remedy known vulnerabilities to ensure we are following best practices in providing a stable PUD 3 network.

Personal Email on PUD 3 Computers/Devices

There is significant risk to accessing personal email on a PUD 3 system. With non-PUD 3 email (e.g., gmail, Hotmail), we cannot ensure that links or attachments are scanned for safety and validity. A lapse in judgment or an accidental click could lead to catastrophic consequences on the network. This is different than when an email comes to your @masonpud3 account. We have systems in place where links and attachments get checked and tested before a user can open them.

With this in mind, we will be working to remove access to web-based personal email from PUD 3 devices. This removal will go into effect within the next month. You may continue to use your personal device to access personal email on the PUD’s Wi-Fi network.

Multifactor Authentication

Another change that will be coming is the adoption of Multi-Factor-Authentication (MFA). If you haven’t already been required to set this up with your various existing personal online accounts, be prepared because it’s coming! At first, PUD 3 will only be enabling MFA for employees who have had security incidents, or are part of the IS dept. Once enabled, this change will primarily affect users who are trying to log in to PUD 3 systems (Office365 systems, Outlook, Teams, etc.) across any device/computer. This will require the installation of the Microsoft Authenticator app on a device. This app will provide the extra authentication step that helps ensure the login is legitimate and your identify is validated. We will likely be moving towards a multifactor authentication model for all employees in the future, but for now, it will just be applied to the users described above.

Please let me know if you have any questions.

Thank you for your partnership in ensuring we have a safe and reliable network.

Joel Moore
joelm@masonpud3.org
ext: 5245

AnnouncementsAsia ClineNotify, Announcements