Announcements

1. The Help Desk Has been Made more accessible by integrating with cofess

2. The Next Teams Training will be on 1-17-24 at 12 pm. Please feel free to be there if you need any additional assistance.

 

The Forms Bureau

Understanding the Forms Bureau

The forms bureau was created with a two-fold purpose in mind. First to reduce paper and reduce the amount of lost paperwork. Second  We have a lot of forms, and because of this, we needed a way to ensure we were all doing them the same way for the same reasons.

Components of A Form

Every form has 4 attributes that are present in Every Form.
1. A form Title- A form Title is defined by the Form name 2. A Form Code- A form code allows us to view form versions and ensure that the forms we’re using are identical 3. Content – Content makes up the different form field types and controls the data that is passed into a workflow. Content is made up of fields, text, calculations, and uploaded information.

   a. Required Fields- these are marked with a red asterisk *
   b. Other Fields-these are everything else4. Workflows- These define how the form is processed and who it goes to, and this varies based on the form you are sending. For example, a purchase order request will go to payables and accounting, however, if you select IT for the department it’ll come to me first.

Accessing the Forms Bureau

It’s important to us that you have the tools available to do your job. That’s why the Forms Bureau exists naturally we want to help make sure you know how to access it!

 Step 1: Go to cofess.cityoffaith.org(this can be found in the CityOfFaith Bookmarks tab at the top of every employee's web browser)
The first step to accessing the Forms Bureau is to go to cofess.cityoffaith.org. This is the official website of City of Faith and the portal through which you can access all our company resources.( if you have never been to Cofess or logged into your COF email you should really see your supervisor)

Step 2: Login using your assigned login info
Once you have accessed the website, you will need to log in using your assigned login information. This will give you access to all the services and resources available on the website.

Step 3: Hover your cursor over Policies & Forms
After logging in, hover your cursor over the Policies & Forms tab. This will reveal a dropdown menu with different categories of forms.

 

Step 4: Click the Group your job description falls under
Click on the group that your job description falls under. This will give you access to the forms that are relevant to your job.

It is important to note that everyone has access to HR & Accounting forms. Through the HR & Accounting forms, you will be able to make purchase requests, complete HR forms, and submit receipts for purchases.

Step 6: Accessing the forms
Once you are within the page assigned to your job description, you will see forms listed. Each form has a title, description, Form ID, and date of the latest update. Click on the title to access each form.
Step 7: Completing the forms
Most forms are digitally embedded forms that will ordinarily submit to your supervisor. These forms are similar to the End of Shift report (Security) and the File Accountability form (Case Mgmt). Once the page loads, complete all the required blanks and click submit or update depending on the requirements of the form.
Some Forms may even require you save a URL for later to update information as needed.

 

 If you have any questions or encounter any issues while accessing or completing the forms, reach out to the IT Department by submitting a ticket at cityoffaithit.freshdesk.com. From there, you will use your COF email via google or Cofess Info info to log in and submit a ticket.
Alternatively Just go to Cofess and Hit the help icon in the bottom right of the screen.

 

 Next week I’ll review some specific forms that affect us on the daily and make sure we all understand how those should be filled out!

—

Announcements:

1. Tomorrow will be our second refresher over Microsoft Teams at 9 AM. 

2. Per our movement toward NIST compliance going forward no device,, should have resident information stored on it. When I conduct visits all computers, tablets and other COF-owned devices will be evaluated for compliance.  If you have questions about this see me.  

 

We’re now in the fourth week of our cybersecurity series. Over the past weeks, we’ve learned about password managers, how to install LastPass, the dangers of phishing and other socially engineered online scams, secure password creation and sharing, and other tools we use to protect ourselves.

Good Cyber security is like onions there are multiple layers of safeguards and walls in place. Each one serves a purpose. The first line of defense is always using best practices and internet common sense.

 

 One note do not use the same password for everything even slight variations make it harder for malicious people.

 

This week, we’re focusing on what to do if you suspect you’ve been a victim of a cyber threat or your computer is infected.

 

Step 1: Identify the Issue If you notice any suspicious activity such as unfamiliar emails in your sent folder, unexpected password reset emails, or unauthorized transactions, you may have been targeted.

1. Check Your Accounts: Regularly review your online accounts for unauthorized activity or changes. This includes email, social media, bank accounts, and any other services you use.
2. Monitor Your Emails: Be aware of unexpected password reset emails, emails about changes to your account settings, or emails from unknown senders.
3. Look for Performance Changes: If your device is running slower than usual, crashing, or displaying frequent error messages, it could be a sign of malware.
4. Watch for Unusual Network Traffic: An unexpected increase in data usage could indicate that a malicious program is using your network.
5. Be Aware of New or Changed Files: If you notice new files on your system that you didn’t download, or if existing files were modified without your knowledge, it could be a sign of a security breach.
6. Check Your Browser: Unexpected changes in your browser, such as new toolbars, extensions, or a changed homepage, could indicate a problem.
7. Use Security Tools: Use the security tools available in your operating system to scan for issues. City of Faith Utilizes a program called Trend Micro for our security. If your system does not have this or you don’t know how to use it please see IT

Step 2: Report the Incident Immediately report the incident to our IT department at City of Faith IT email Include as much detail as possible about what you’ve observed. Screen Shots are always helpful. It’s best practice to tell IT what you clicked on and when the problem started  Occurring.

 

Step 3: Change Your Passwords If an issue is identified IT will recommend all your passwords be changed. Change your passwords for all your accounts, starting with your email and financial accounts. Remember to use LastPass to generate and store strong, unique passwords. See  Here for more information.

 

 

Step 4: Monitor Your Accounts Keep a close eye on your accounts for any further suspicious activity. If you notice anything unusual, report it immediately.

Step 5: Be Cautious of Scam Attempts Be wary of any emails or messages asking for personal information. Always verify the source before clicking on any links or providing information. Do not install anything on your device without first getting IT department approval. All programs must be evaluated for security compliance.

 

Step 6: Educate yourself on Malware Malware, short for malicious software, is any software intentionally designed to cause damage to a computer, server, client, or computer network. It’s a broad term that encompasses various harmful types of software, including viruses, ransomware, spyware, and trojans. Malware can steal, delete, or encrypt your data, alter or hijack core computing functions, and spy on your computer activity without your knowledge or permission. It often spreads via email attachments, software downloads from the internet, or operating system vulnerabilities. It’s important to use antivirus software and follow good security practices to protect against malware.

 

70% OF ALL MALWARE GOES UNDETECTED BY ALL ANTIVIRUS SOFTWARE BECAUSE USERS ALLOW IT IN

 

There are several common types of malware that you should be aware of:

1.          Ransomware: This type of malware disables the victim’s access to data until a ransom is paid.

2.          Fileless Malware: This malware makes changes to files that are native to the operating system.

3.          Spyware: This collects user activity data without their knowledge.

4.          Adware: This serves unwanted advertisements.

5.          Trojans: This disguises itself as desirable code.

6.          Worms: This spreads through a network by replicating itself.

7.          Rootkits: This gives hackers remote control of a victim’s device.

8.          Keyloggers: This monitors users’ keystrokes.

9.          Bots: This launches a broad flood of attacks.

10.        Mobile Malware: This infects mobile devices.

11.        Wiper Malware: This erases user data beyond recoverability.

Each type of malware has its own characteristics and methods of operation. It’s important to have a good understanding of these types in order to protect your computer effectively. Let me know if you need more information on any of these types.

 

Physical Security

Physical Security should be monitored as well. Here are some tips for maintaining a safe and secure work environment:

1. You should not leave your computer open with sensitive information at any given time.

        2. Do not write your passwords on sticky notes and out in the open.

a. The best way to secure your passwords is by using last pass and MFA.  One of the changes coming to City of Faith in the near future is to add MFA to all City of Faith Utilized Software.

 

Recent studies have actually indicated the most secure form of password protection is called Passwordless

Passwordless security is a type of authentication that doesn’t use passwords or any other secret you need to remember to verify who you are. Instead, it uses something you have, like a device or a hardware token, or something you are, like a fingerprint or face scan.

The main advantage of passwordless security is that it gets rid of the risks that come with using passwords. These risks include having your password stolen, using the same password for multiple accounts, and the constant need to manage and remember passwords.
Passwordless authentication also makes signing in easier and quicker, which can make people more productive. It also increases security by getting rid of password-related risks.

When setting up passwordless security, it’s important to choose methods that make sense for the people using them and the devices and networks they’re using. It’s also a good idea to use multi-factor authentication, which means you need to provide two or more forms of authentication before you can access an account.

In summary, passwordless security is considered a best practice because it makes things more secure, easier for users, and reduces the need for managing passwords. However, like all security measures, it should be used as part of a wider security strategy that includes other protections like firewalls, antivirus software, and secure network protocols.

3. Devices when not in use should be kept behind locked doors(don’t leave your office unlocked)

4. Inspect your system for external devices not placed by you regularly. As a general rule we should not have unauthorized devices plugged into our computers you don’t want to be responsible for accidentally uploading a virus to COF.

5. Only use City of Faith Authorized equipment. Don’t use a home device without prior authorization and written approval.

 

Remember, your security is our top priority. If you have any questions or concerns, please don’t hesitate to reach out to our IT department.

 

 

Our next Series will be targeted toward the New Forms Bureau and the Different things available to everyone there. As always if you are having issues please submit a ticket. This article can always be reviewed on the Help Desk Knowledge Base and Cofess.