<div dir="ltr">Due to a possible emerging threat related to Meta (Facebook) Business Accounts (soon to be rebranded as Meta Business Portfolios), the Information Security Office is sending out the following guidance.<br><br>The ISO recommends that all units operating a Meta (Facebook) Business Account:<br><br>1. Regularly audit all roles and permissions for the Business Account to ensure only the appropriate personnel have administrative access.<div>2. Ensure that all users with roles for that account have Two-Factor Authentication configured and enabled - ref. <a href="https://www.facebook.com/help/148233965247823" target="_blank">https://www.facebook.com/help/148233965247823</a></div><div>3. Enable the 2FA requirement on the Meta (Facebook) Business Account - ref. <a href="https://www.facebook.com/business/help/280940009201586" target="_blank">https://www.facebook.com/business/help/280940009201586</a></div><div>4. Ensure that the primary email account used for the respective user's Facebook account has multifactor enabled.</div><div><br></div><div>In the event that a UCR-related Meta Business Account is breached, we ask that the incident is reported to the Information Security Office using ServiceLink - <a href="https://its.ucr.edu" target="_blank">https://its.ucr.edu</a> -> Stay Secure -> Report a security concern.<br><br>If you have any further questions regarding this topic, please email <a href="mailto:infosecoffice@ucr.edu" target="_blank">infosecoffice@ucr.edu</a>.</div><div><br>Thank you.<br><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div style="border:0px;font-stretch:inherit;font-size:16px;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:rgb(0,0,0)"><font face="monospace"><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">---</span><br><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">Jonathan Ocab | </span><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit"><a href="mailto:jonathan.ocab@ucr.edu" rel="noopener noreferrer" style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline" target="_blank">jonathan.ocab@ucr.edu</a></span></font></div><div style="border:0px;font-stretch:inherit;font-size:16px;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:rgb(0,0,0)"><font face="monospace"><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">Manager, Information Security Operations</span><br><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">Information Security Office</span><br><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">University of California, Riverside</span></font></div></div></div></div></div></div>