Securing your practice against cyber attacks is a quick guide for the employees. There are just a few very basic things you can do to ensure you are not jeopardizing your network. Sometimes what you don’t know can really hurt you so every once in a while, I like to come out with the basics as just a reminder that even the most innocent things could put you in a very vulnerable position.
Securing Your Practice Against Cyber Attacks
- The Physical – We often take this for granted. There are some simple basic things we can do like password protecting our screens for when we step away. Or, keeping a clean desk and not leaving ePHI in view of anyone who walks by. Another important thing is to shred documents. Simply tearing them up is not enough sometimes. A few more easy ways to get in trouble would be not closing file cabinets, not erasing notes on white boards and leaving USB drives around for anyone to take a peek at.
- Email – I can go on and on about email. The hackers work very hard to fool you into clicking and giving up credentials and personal information. There is Phishing, Spear Phishing, embedded links, spoofing and scary threats that can fool you into opening emails that can hurt youu.
- Password Management – This one is a killer! No matter what I say or do, I cannot get people to change to a complex password! Password1 is NOT a good password!! The hackers have an algorithm they run to detect easy passwords. The throw it out there hoping to score. Sadly, they do!
- Mobile Devices – Keep people’s personal laptops and phones OFF of your network. Enough said!!
- Secure Website Browsing – When end users venture out onto the Internet, it’s easy to get tangled up in the vast web of threats lurking on many website pages. Some of them are readily apparent, but others are well hidden. You need to be VERY careful of where you make purchases and provide personal information. Always make sure there is an “s” after http. It should look like this; https://
I never want to scare you. I just want you to be educated and informed. No one wants to hurt their practice and their patients. If you are ever in doubt, contact Tier3MD or Tier3MD Secure and we are happy to help you.