A Note from Colorado’s Secretary of Technology & CIO
October in Colorado generally means the start of cooler weather, pumpkin everything and of course Halloween. It may be lesser known, but October is also National Cybersecurity Awareness month. Even though there is an increased focus on cybersecurity during October, keeping your data and online accounts safe is important to us at OIT every day of the year. With that focus in mind, we are requiring all state Gmail users to enroll in Google’s 2-Step Verification. This extra layer of security will greatly reduce successful phishing attempts on state accounts -- giving you one less thing to fear this Halloween season!
Secretary of Technology & CIO
Back in 2004 when the U.S. Department of Homeland Security designated October as the month for their National Cybersecurity Awareness campaign, they may not have known just how important cybersecurity would become. In 2015, nearly half a billion personal records were stolen or lost due to cybersecurity attacks. Many of the incidents could have been avoided if the individual users were more educated on cybersecurity.
Governor John Hickenlooper recognizes the importance of the issue and has proclaimed October Cybersecurity Awareness month for Colorado. Our Office of Information Security has published a set of statewide technical policies and standards to help ensure that state system and data are protected -- all technical personnel, regardless of agency, should make sure they are familiar with them. For state employees, the most important thing you can do is to complete the required cybersecurity training and apply what you’ve learned.
By now you’ve probably seen the prompts to enroll your state Gmail account in 2-Step Verification. Most of you have already done so, but some still may be wondering why it is necessary. Our state workforce has fallen for phishing attacks that ultimately could have put our state data and resources at risk. You may be thinking, “That won’t happen to me,” but the reality is that phishing attacks can look pretty professional these days. Many people don’t even realize they’ve fallen for a fraudulent email asking them for their Google username and password. Now, thanks to the security provided by 2-Step Verification, even if you do, the request for the second factor authentication (code) beyond your password will stop most successful phishing in its tracks.
The enrollment period for 2-Step Verification continues through the end of day on Monday, Nov. 14:
Phishing is the attempt to gain sensitive information like usernames, passwords, credit card information through email by appearing to be a recognized and trustworthy source. But have you heard of spear phishing?
Customer Newsletters >