Employee Celebrations
Longevity is one key contributor to a successful company. As we start 2024, our President Rebecca Pritts is celebrating her 20th year at MCG, Inc. When she started with the company, we were just 8 people, and had just begun charting our course in the world of Managed Services.
Fast forward 20 years, and we are a well established Managed Services Provider offering our customers a full suite of security tools along with our Help Desk services and proactive 24/7 monitoring. Rebecca has been a huge contributor towards achieving this goal, and has helped us bring on new talent and expand our offerings. We are grateful for her consistent contributions, and her leadership.
BrainStorm
BrainStorm is a learning management SaaS platform that was created with empowering and engaging solutions to help end users adopt their software.
Companies are wasting a lot of money each year on software that is underused by their employees. Working with BrainStorm allows companies to get the most out of their enterprise software by utilizing effective adoption and training techniques. These techniques will make your users want to learn, which will increase their usage, which will then also increase their confidence in feeling equipped to protect the organization from security threats.
Through a few different areas, a personalized change management strategy can be developed to help transform your team. With user confidence, you can reduce help desk calls. When engaged in the learning, users are also more likely to stick with it and continue their use. A dedicated customer success manager can help with these areas in order to reach your desired scale. Plus, the learning solutions are not one-size-fits-all, instead they suite different types of learners.
Visit here to learn more information, and let us know if you are interested. MCG, Inc. may soon be offering this to our customers!
Warning from Microsoft
Microsoft recently issued a warning that threat actors are adapting their techniques in order to bypass multi-factor authentication (MFA) protections.
Many companies and their employees access work resources from personal devices like a cell phone or home PC. These devices may be less managed making them a prime target for token theft. Token theft is a method increasingly being used by hackers, especially since it can be a relatively easy way to bypass MFA. Two common methods include Adversary-in-the-middle (AiTM) frameworks and pass-the-cookie attacks. Hackers use AiTM frameworks to intercept tokens. For example, a false framework can be inserted between an employee and a work application they are trying to access, and if successful, the bad actor can seize the user’s credentials and the generated MFA token. A pass-the-cooke attack will compromise browser cookies to gain access to corporate resources. If a hacker can break into a user’s device, they can steal a cookie that was already created and stored after authentication, and pass it to a different browser or system. This method would bypass company security checks.
Due to attacks being ever present, Microsoft has a few recommendations for staying safe. First is visibility; companies should know which devices employees are using to log into various resources. Using compliance tools along with other device-based conditional policies can make it easier to track and update devices with security patches, antivirus software, and more. Companies can also follow security baselines to decrease the risk of user’s devices being compromised or experiencing token theft. Phishing-resistant MFA solutions can be used for added protection. Lastly, users with advanced tenant privileges can be moved into a separate cloud-only identity, in case any on-premises services get compromised.
To learn more about bypass MFA attacks from how to detect and respond, to protecting your company, visit here.
