Think your practice’s small size will protect you from cybercriminals?
Think again – smaller organizations in the healthcare community aren’t flying under the radar. You’re in just as much danger as larger medical practices, or perhaps, even more so, if you don’t have the right cybersecurity measures in place.
Case in point – a Wyoming community health system, with no more than 90-beds, was hit by ransomware late last year. In the aftermath, they had to cancel appointments and suspend services, severely affecting their patients, and their ability to operate.
What would happen if you were hit by ransomware today?
Nearly half of all reported data breaches in 2019 affected small businesses, mainly because they’re incredibly easy targets. The fact is that most cybercriminals aren’t spending all that much time or effort in any attack – they’re just sending phishing emails, setting up malware traps, and other largely passive and automated tactics.
That means that your safety doesn’t depend on your size – it depends on what you’re doing to protect yourself…
1. Confirm that anti-malware and antivirus settings are deployed to automate all updates and to continually conduct system and device scans.
2. Access controls should be configured so that shared permissions for directories, files and networks are restricted. The default settings should be “read-only” access to essential files, with limited permissions for write access to critical files and directories.
3. Train your staff to ask themselves these key questions before opening an email:
4. Macro scripts in office files should be disabled when sent over email.
5. Software restriction policies should be created or other controls implemented that prevent the execution, especially in the common locations where ransomware lurks, such as temporary folders used by the most common web browsers.
6. If you have you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that.
That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.
Be sure to:
NexgenTec will deploy a range of robust cybersecurity measures for your practice, including firewalls, patching, antivirus software updates, intrusion, and gateway protection. Furthermore, we will support your cybersecurity processes and practices, by implementing 2-factor authentication, employee security training, and password reset policies for your company.
Like this article? Check out the following blogs to learn more: