...nd people by clearly outlining actions that are not acceptable. 1. Do Not Share Passwords Passwords are personal credentials and must never be shared—verbally, in writing, or digitally. This includes coworkers, volunteer...

...ay: Suspicious login activity Unexpected login alerts, unfamiliar locations, or password reset emails you did not request Malware or security warnings Pop-ups, antivirus alerts, or messages indicating a potential infecti...

...ecure your accounts From another device: Change your Crosspoint (Microsoft 365) password immediately Update passwords for any other accounts accessed on that device (email, banking, etc.) Revoke active sessions if possib...

...quirements Device Protection: All devices must be secured with a passcode, PIN, password, or biometric authentication (Face ID, fingerprint). Automatic Lock: Devices should automatically lock after a short period of inac...

...thentication (MFA) must be enabled Devices should be protected with a passcode, password, or biometric lock Public or shared computers should not be used to access sensitive information Files must not be downloaded and s...

...her instructions from IT. Do not continue clicking, downloading files, entering passwords, or responding to any messages connected to the suspicious link. When reporting the issue, include: The email, text, or website wh...

...hishing is a fraudulent attempt to gain access to sensitive information—such as passwords, financial data, or internal systems—by pretending to be a trusted source. These attacks most commonly occur through email, but ca...

...to a system. This adds an additional layer of protection beyond a username and password. What are authentication factors? MFA typically includes a combination of the following: Something you know (password or PIN) Somet...

Personal Password Compromise If you suspect that any of your passwords have been compromised, you must act immediately. Required Action: Notify the IT Department or the Director of Operations without delay .  Why Th...

Password Management All employees of Crosspoint Church are required to maintain secure password practices across all systems. A password management tool should be used to securely store credentials. While no standard pla...

...sures Preventative Measures HIPAA-compliant EHR system Secure billing platforms Password-protected devices Annual HIPAA training for staff   Data Breach Response Notify leadership immediately Contain breach Assess s...