11 tips to reduce vulnerability with cybercrime
by Jared Rifenbary, Assistant Vice President, First American Healthcare Finance
At the recent 2017 American Hospital Association Annual Membership Meeting, the FBI addressed the audience to discuss the seriousness of Cybercrime and what to do about it. All hospitals and healthcare providers are potential targets for Cybercrime and the threat can come from anywhere. Cybercriminals are after more than just patient information – names, addresses, birthdates and even credit card numbers are at risk.
Many providers are familiar with ransomware attacks – but that is just the beginning. While you can’t prevent cyberattacks, you can help deter and reduce vulnerability. Here are 11 tips from the FBI on how protect yourself.
11 tips to reduce vulnerability with cybercrime:
- Ensure you have a culture of security. People and processes are always the weak link.
- Provide access to information solely to those who need it. Utilize access configurations like read-only.
- Keep software up to date and get any available software patches.
- Utilize antivirus and anti-malware solutions and keep them up to date.
- Disable macro scripts from files transmitted over email.
- Use software restriction policies to prevent programs from executing from common ransomware locations.
- Test systems for vulnerability.
- Back up your data to an off-site center.
- If you’re hacked, then you simply switch to the back-up. Verify integrity of back up data regularly and make sure back-ups are connected to the computers and networks they’re backing.
- Don’t pay the ransoms! That only encourages the criminals to keep attacking.
- Get to know your local FBI office BEFORE you have a problem.
From software to hardware, constant vigilance and regular upgrades are essential. Also, be aware of all technologies that may be storing personal data. Finally, consider leasing equipment to certify that a thorough and professional data cleansing has been completed at the end of the day.
Questions? Contact firstname.lastname@example.org.
Posted in: Practice Management