Critical Security Alert

In light of recent security incidents, it is critical that you take appropriate actions to secure your systems and content.

Specifically, if you use a secure file transfer system, it is essential that all users and administrators follow the below MPA Best Practices version 5.2:

Apply Multi-Factor Authentication (MFA): Remote Access (TS-2.9) and Authentication & Authorization (TS-1.6)

• To any Internet facing systems, including webmail and web portal
• To all remote sites and locations

Remote Access (TS-2.9)

• Use secure methods for remote access (e.g., SSH, SFTP, etc.)
• Disable remote access to content transfer systems

Authentication & Authorization (TS-1.6)

• Use unique usernames
• Passwords and passphrases: regularly reset, do not share or reuse
• For unauthorized or unusual activity: monitor, detect, log, and lockout immediately
• Remove old accounts
• Remove media after 48-72 hours, unless directed longer by a client

Application Hardening Guidelines (TS-1.16)

• Disable unnecessary, unused, or unsecure identities
• Disable or restrict unnecessary functions and services

Default Account (TS-1.2)

• Change usernames, passwords, passphrases
• Limit the use of these accounts to special situations that require these credentials

We strongly recommend you check your logs for any suspicious activity and follow MPA Best Practice, Incident Response (OR-4.0). Please contact us at support@ttpn.org if you have any questions.