{"id":13498,"date":"2025-04-21T12:01:11","date_gmt":"2025-04-21T00:01:11","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=13498"},"modified":"2025-04-21T12:01:11","modified_gmt":"2025-04-21T00:01:11","slug":"kinetics-kare-foundation-security-notice","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=13498","title":{"rendered":"Kinetics KARE Foundation Security Notice"},"content":{"rendered":"

[et_pb_section fb_built=”1″ _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_row _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”4_4″ _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” theme_builder_area=”post_content” sticky_enabled=”0″]<\/p>\n

KARE Security Update Change Notice<\/h2>\n

In response to increased cyber-activity, Kinetics is planning to roll out two changes across all KARE Foundation subscribers.\u00a0\u00a0This change only impacts subscribers on KARE Foundation<\/a> or KARE Security Plus<\/a> plans.<\/p>\n

[\/et_pb_text][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

1. Multifactor Authentication (MFA) \u00a0 <\/span><\/strong><\/h2>\n

[\/et_pb_text][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

Most subscribers are already using these settings but there are a few that have opted for a reduced level of MFA security.\u00a0 We are now increasing the setting for all clients unless we are specifically asked not to.\u00a0 \u00a0In the week commencing May 12th, we will be turning on ‘geo-locking’ and ‘number matching’ for ALL Multi-Factor Authentication (MFA) use, subject to your version of 365 supporting these options.\u00a0 We expect it will take us just over a week to roll this change out across all subscribers.<\/strong><\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”1_2,1_4,1_4″ _builder_version=”4.27.4″ _module_preset=”default” background_enable_color=”off” custom_padding=”20px|20px|20px|20px|false|false” border_radii=”on|20px|20px|20px|20px” border_width_all=”2px” border_color_all=”#222222″ global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”1_2″ _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

These have been options and many of our clients have already opted to turn them on.\u00a0 It is our intent to now make this our default setting. For what it is worth, we understand that Microsoft might be about to do the same.<\/p>\n

There will be no cost for this change, but this will limit users to only accessing their systems in New Zealand and Australia. Any users travelling overseas\u00a0 beyond Australia will need to contact us to have their access relaxed for the period of their travel and their destination and this will incur a small charge.\u00a0 If your organisation does a lot of overseas travel, then we can setup a self-service function for you on request.<\/p>\n

if you have staff based permanently overseas, we will adjust their geo-lock for the country in which they work.\u00a0 We have a number of clients with staff based in North America, Europe or Asia and understand the need to look out for them.<\/p>\n

If you do not wish it to be turned on for you, please let us know.<\/strong><\/p>\n

[\/et_pb_text][\/et_pb_column][et_pb_column type="1_4" _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"][et_pb_image src="https:\/\/new.kinetics.co.nz\/wp-content\/uploads\/2022\/12\/2022Authenticator.jpg" title_text="2022Authenticator" align="center" _builder_version="4.27.4" _module_preset="default" max_height="350px" border_radii="on|20px|20px|20px|20px" border_width_all="2px" border_color_all="#222222" border_style_all="ridge" global_colors_info="{}" theme_builder_area="post_content"][\/et_pb_image][\/et_pb_column][et_pb_column type="1_4" _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"][et_pb_image src="https:\/\/new.kinetics.co.nz\/wp-content\/uploads\/2022\/12\/MFAUpdates.png" title_text="MFAUpdates" align="center" _builder_version="4.27.4" _module_preset="default" max_height="350px" global_colors_info="{}" theme_builder_area="post_content"][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version="4.27.4" _module_preset="default" custom_padding="|||1px||" global_colors_info="{}" theme_builder_area="post_content"][et_pb_column type="4_4" _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"][et_pb_text _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"]<\/p>\n

We appreciate that MFA can be an inconvenience.\u00a0 Nonetheless, it has become one of the most effective tools to protect you from cyber-crime.\u00a0<\/span><\/h2>\n

However, MFA is not infalliable.\u00a0 Please remain on your guard and report anything that seems suspicious.\u00a0\u00a0<\/p>\n

Geo-locking can be overcome by VPNs, and hackers can steal your MFA token with a ‘man-in-the-middle’ attacks.\u00a0 These are where they have a fake 365 login page and try to trick you into entering your details including your MFA code.\u00a0 KARE Foundation includes an AI-powered browser scanner<\/a> that works to detect these fakes.\u00a0 Nonetheless, security is all about layers or protection, and you are one of those layers<\/strong>!\u00a0\u00a0<\/p>\n

[\/et_pb_text][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” custom_padding=”10px|10px|10px|10px|false|false” border_width_all=”1px” border_color_all=”#222222″ global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

Finally, a note from a recent customer experience.\u00a0 If you experience many MFA prompts in a short time, and you know you aren’t trying to access your system, please don’t hit ‘accept’.\u00a0 Instead contact us for help.\u00a0 \u00a0Remember that you can put your phone on ‘silent’ or flight mode, albeit that makes it harder for us to call you back.<\/strong><\/p>\n

[\/et_pb_text][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

For more info, refer to<\/strong> How number matching works in MFA push notifications for Authenticator – Microsoft Entra ID | Microsoft Learn<\/a><\/p>\n

[\/et_pb_text][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

2. Restricting Enterprise Applications in 365<\/h2>\n

[\/et_pb_text][et_pb_text _builder_version=”4.27.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

To ensure the safety in your Microsoft tenant, Kinetics are planning to adjust the application permission settings in line with best practice.\u00a0 This means that either Kinetics, onsite IT or designated staff will be required to approve the application. This only needs to be done once per application.\u00a0 The approval prompt will look similar to the image below.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure="1_2,1_2" _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"][et_pb_column type="1_2" _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"][et_pb_image src="https:\/\/new.kinetics.co.nz\/wp-content\/uploads\/2025\/04\/EnterpriseAppsBlocked.png" title_text="EnterpriseAppsBlocked" _builder_version="4.27.4" _module_preset="default" border_radii="on|20px|20px|20px|20px" border_width_all="1px" border_color_all="#222222" box_shadow_style="preset1" global_colors_info="{}" theme_builder_area="post_content"][\/et_pb_image][\/et_pb_column][et_pb_column type="1_2" _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"][et_pb_text _builder_version="4.27.4" _module_preset="default" global_colors_info="{}" theme_builder_area="post_content"]<\/p>\n

If there is no designated staff member or IT staff on site, please raise an IT service request after requesting app approval.<\/p>\n

 <\/p>\n

Why are we making this change?<\/h3>\n

Microsoft have recommended the change because of the increasingly challenging security environment.\u00a0 These ‘enterprise applications’ can act on behalf of users and can have the same access as the users.\u00a0 They are also able to bypass multifactor authentication.\u00a0 This means that if you consent to an ‘enterprise application’ it could read all your data as well as send out mail as if it came you. It is scary to realise you could inadvertently give this access in just one click.<\/p>\n

Existing Applications<\/h3>\n

Please note that this will have no impact on any applications that have already been added.\u00a0 It will only impact NEW requests.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

KARE Security Update Change Notice In response to increased cyber-activity, Kinetics is planning to roll out two changes across all KARE Foundation subscribers.\u00a0\u00a0This change only impacts subscribers on KARE Foundation or KARE Security Plus plans.1. Multifactor Authentication (MFA) \u00a0 Most subscribers are already using these settings but there are a few that have opted for […]<\/p>\n","protected":false},"author":5,"featured_media":13517,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-13498","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/13498","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=13498"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/13498\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=13498"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=13498"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=13498"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}