16
Jul
2020

Cover Your Bases
Your employees are who hackers frequently target, so your employees are also your front line of defense. Build awareness among your team so they don’t fall for social engineering, phishing, or other hacker attempts to manipulate their way past your people and into your systems. Malicious actors are favoring phishing tactics in recent months, with schemes that claim “free supplies” for overdrawn hospital resources or even guides to obtaining government-issued stimulus checks. These spam emails impersonate health authorities and distributors of protective gear, like masks. As of late, they have pivoted to offering information about a vaccine for COVID-19, which, at present, does not exist. Ransomware attacks, an especially dangerous scenario for hospitals to face, continue to climb in frequency with demands ranging from $10,000 to $25 million. Although it can be tempting to pay the ransom in exchange for data access, experts advise that the best line of defense is to not give in—ransomware attackers may leave behind the means to infiltrate your systems again. Strong security protocols and a dedicated IT security force can work to expel malicious actors for good. Constant vulnerability management assessments will do the work of identifying and patching weak points in your systems before hackers can exploit them. Multi-factor authentication often requires no more than for a system user to have their cell phone on them, and there are countless options for backing up and encrypting patient data. Last week, we addressed the cyber risks for small-to-midsize businesses, and how a smaller organization may overlook their potential risk because cybercrime against larger entities gets more press. But now more than ever, the research suggests that midsize medical practices have the most to worry about; they’re large enough to compile a sizable amount of health records, but small enough not to set aside time and resources for IT security, which is exactly what a hacker looks for in a target.All For One
Taking on new cybersecurity practices amid a pandemic may not be a hospital’s first priority, but it belongs on the list nonetheless. When it comes to the safety of your systems, it’s important to have a strong baseline and a trusted ally. Our HIPAA Risk Assessment affirms your HIPAA compliance and the safety of your patients’ Protected Health Information (PHI). With a selection of award-winning tools and processes, and extraordinary support custom-tailored to your needs, we evaluate all levels of your organization, including:-
- Network Security — We thoroughly evaluate your network to validate its security and proper monitoring
-
- Data Security — We audit your controls to ensure PHI is properly secured and protected
-
- Infrastructure Security — We assess your workstations, server, and network infrastructure devices to confirm they do not pose a risk to your security posture
- Risk Management — We integrate assessment findings to measure your risk against a negative security event and empower you with risk mitigation tools