Login
Sign up
Course Content
Introduction to Cybersecurity & Remote Monitoring
0/3
Why cybersecurity matters
What is Sirix remote monitoring?
Shared responsibility model
Access control & authentication
0/4
Account security
Least privilege principle
Secure login practices
Knowledge check
Secure use of Sirix remote monitoring
0/3
Secure remote sessions
Handling sensitive data
Approved vs Prohibited uses
Threat awareness
0/4
Phishing & Social engineering
Malware & Ransomware risks
Insider threat risks
Knowledge check
Incident reporting & response
0/3
What is a security incident?
Reporting process
What NOT to do during an Incident
Compliance & Policy
0/3
Company security policy overview
Legal & regulatory requirements
Annual acknowledgement
Knowledge check & certification
0/1
Exam
Cybersecurity 101

🔐
Lesson 2.1
Account security
Your login is a key to sensitive systems. Protecting it protects customers, safety, and trust.
Always watching. Always protecting.

🔑
Protect credentials
Use unique, strong passphrases and keep them private.
📲
Use MFA correctly
Approve only prompts you initiated—report unexpected prompts.
🖥️
Lock sessions
Unattended access is still access—lock before you step away.

🛡️
Why account security matters

Your login credentials are the keys to our systems. In a remote monitoring environment, those keys can enable or disable alarms,
unlock approved doors or gates, and access sensitive customer environments.

If an attacker gains access to your account, they don’t just access a tool — they gain access to security operations.
That’s why protecting your account is one of the most important things you do every day.

Compliance and accountability

Access to Sirix systems is controlled and monitored to protect customers and meet security and privacy obligations.
Individual accounts are required to maintain accurate audit logs and traceability of actions.

  • Use only your assigned account (no sharing credentials).
  • Access is role-based (least privilege) and may be reviewed.
  • System activity may be logged for security, investigations, and compliance purposes.
  • Suspected incidents must be reported promptly for assessment and response.

These controls support audit readiness and help protect customer environments and personal information.

💪
Strong password practices
  • Use a unique password for Sirix systems.
  • Prefer long passphrases (easy to remember, hard to guess).
  • Use approved password management tools if provided.
  • Change your password immediately if you suspect compromise.
Never do this
  • Do not reuse passwords across accounts.
  • Do not share credentials or “borrow” logins.
  • Do not store passwords in unsecured notes or documents.
  • Do not send passwords through email or chat.

📲
Multi-Factor Authentication (MFA)

MFA adds an extra layer of protection beyond your password. It significantly reduces the chance of unauthorized access.

  • Never approve an MFA prompt you didn’t initiate.
  • Repeated prompts can be an MFA fatigue attack — attackers hope you approve one by mistake.
  • If you receive an unexpected prompt, deny it and report it immediately.
Red flag: Multiple unexpected MFA prompts in a short time.

🙅
Account sharing is never allowed

Each account is assigned to one person. This protects customers and supports auditability by ensuring actions are traceable.

  • Access is role-based and tied to job responsibilities.
  • Activity logs rely on accurate user identity.
  • If someone needs access, they must request it through the approved process.

🖥️
Lock your access when away
  • Lock your workstation when stepping away — even briefly.
  • Log out at the end of your shift.
  • Never leave active sessions unattended.

Physical access is still access.

🚨
If you suspect your account is compromised

If you notice unexpected MFA prompts, login alerts you didn’t initiate, lockouts, or unusual activity:

  1. Report it immediately to Security or IT using the approved process.
  2. Follow instructions for password reset and session termination.
  3. Do not ignore it — early reporting reduces impact.
Remember: fast reporting helps contain incidents.

💬
Quick scenario
You step away from your desk for two minutes and leave your session active. When you return, nothing looks different.
Still a risk: Even short unattended sessions create opportunities for misuse.
Always lock your workstation before stepping away.

Key takeaway

Account security is not just about protecting a password — it’s about protecting customer environments,
safety-critical actions, and our reputation.

Your login is your responsibility.

If something feels off, slow down — then verify or report.

Always watching. Always protecting.

Previous
Next