Postmaster Notice Class II: Security notice

Security Note: PMBx is not now nor has it been under NSA or other government intrusion or snooping.

Security Classes
You will no doubt have noted the subject for this email has ‘Class III’ included in it. What are those classes and why should you pay attention? Many of you simply ignore the postmaster posts. Believe me I know! 😉
For your convenience, all postmaster posts will carry a Class label which tells you how important the content is to you.
  1. Class I – There is a very high chance you will be adversely affected by not paying attention to this postmaster notice. Ignoring the information in the post carries a very serious risk of the disruption of your email service or breach in your communication security. Consider these posts as highly serious warnings.
  2. Class II – There is a moderate to high risk that ignoring the information in the post will result in service disruption. You might not be immediately or directly affected if you ignore it, but you would do so at your own risk.
  3. Class III – There is a low to moderate risk for ignoring the information in the postmaster notice. These posts would be things like minor PMBx service announcements, etc.
Password Review Results
Recently we completed a sweeping look at each and every user’s password for the level of security. I estimate that as many as 1/4 to 1/3 of all email passwords were highly insecure, and made PMBx prone to further user email box hacking besides the four successful hacks that occurred in one week. Those hacks led to the PMBx host blacklisting which affected all PMBx users. Here are examples of passwords that I found (note: all insecure passwords including these have been changed):
Passwords now must be 12 or more characters and numbers and letters both are required. I will stress security over and over again, but as a PMBx user (if you are reading this email this means you, even if your address doesn’t end in ‘‘), you must take security very seriously! Your passwords are as important as the keys to your vehicle and your house!
Let me say that again; your passwords are as important as the keys to your vehicle and your house! I will generally refrain from ever sending your password to you if you forget it because I see them as that significant.
Phishing Schemes
A phish email is one that is intended to sound official but secretly is trying to get you to divulge your usernames, logins, and passwords.
You will never get an email from asking you to verify your email address and password! And from now on, if you don’t see a ‘Class’ heading as in this email, then assume it is not an official email from me.
In particular, I will never ask you to click on a link in an email. If I tell you that you need to go to a web site, I will explicitly write the name of the web site for you to retype in your browser. That is the only way to be safe.
I suspected, but cannot be sure, that at least one or two of the recent email account hacks was the result of someone ‘confirming’ their account information by an unsuspecting click on a link in an email.  This is the oldest trick in a hackers toolbag of tricks!
Be suspicious! We are to be harmless as doves, but wise as serpents! Falling prey to the enemy out of simplemindedness is not a good excuse if you get hacked.
PMBx Security Standards
Most of you know that I’m a physician, a Pediatrician. I live in a professional world that scrutinizes everything I do for the sake of patient privacy. I use PMBx for my professional as well as personal activities.
Because of that higher level of security, you can be reassured of two very important things.
  • PMBx security is much more important to me than it is to you, most likely. Indeed the benefit of using PMBx is that I’m its most difficult customer to satisfy.
  • PMBx service access and reliability is mission critical to me. Most of my communications with patients outside the exam room is now by email, and not by phone.
You enjoy the benefits of something that is not optional for me as a doctor. I must ask you to be careful not to compromise your email service, as it will affect us all on PMBx, and it could affect also the children that I care for every day.
Warmest regards,

Comments are disabled for this post