Ransomware is an ever-growing problem that has become a lucrative business for cybercriminals. This business continues to evolve with new creative tactics deployed every day. Cybersecurity Ventures predicts cybercrime will cost the world $6 trillion in 2021.
Here at Medix Dental IT, we urge practice owners to take a proactive approach to cybersecurity. Failing to do so can leave a practice inoperable should it fall victim to a ransomware attack. With a dental practice identified as an easy target due to knowingly having weak and outdated cybersecurity, owners need to protect their practice data now more than ever before.
The first line of defense against ransomware is employees. It is imperative to the success of any digital workplace to invest in cybersecurity training. Dental practices are known for having weak and or outdated cybersecurity, making them a prime target for cybercriminals. At Medix, we recommend scheduling quarterly cybersecurity awareness training (annually at the very least).
Cybersecurity training does not have to be overly complicated. Most typically include a cyber-threats overview, email security best practices, password policies, web protection, and social engineering. Training can be through an interactive platform or by the completion of reading assignments.
Email and web browsing are the two main areas of training that practice owners need to ensure their staff understands and implementing security best practices in their daily routine at work. We suggest sending friendly reminders throughout the year in internal newsletters or print off flyers for staff to reference as needed. Here are two resources on the dos and don’ts of email security that we share with our partners:
Educating practice staff on web browsing protection and allowing website usage for only websites necessary for practice operation reduces risk instantly. Practices should also disable autocomplete for web forms and remember your password features. Enabling these features makes it easier for a hacker to discover if a system were to get compromised.
While 100% protection does not exist, having multiple layers of security is the next best thing to mitigate and prevent cyber threats. Firewalls help shield computers from unwanted network traffic. Having a firewall that includes malware and virus scanning ensures that employee downloaded files do not contain infectious, hidden files before fully downloading onto the computer. Endpoint protection is a security necessity for every business. It provides protection on end-user devices such as laptops, desktop computers, tablets and servers that can be exploited by a cybercriminal. Lastly, ransomware mitigation software is another layer of protection we, at Medix, recommend to dental practices. It lures hackers to cyber-honeypots, which detect attacks and deflect them by immediately shutting down the computer if files are changed or removed. Ransomware mitigation software also allows gaining information on the cybercriminal.
Comprehensive Data Backup Strategy
Having a comprehensive data backup strategy is a business’ cybersecurity safety net. Every dental practice should have a data backup strategy and a disaster recovery plan to withstand a cyber-attack with little to no effect on practice operations and data loss. Here at Medix, we recommend a local backup or disaster recovery device segmented from the practice network to avoid being impacted by a network infection. While data backups are known as set-it-and-forget-it tasks, IT providers should closely monitor them to detect changes and odd behavior. Practices should work with their IT provider on an incident response plan and to ensure their backup solutions are HIPAA compliant.
There are several factors to consider when it comes to backing up practice data. One question we ask – Does your insurance cover lost-data and recovery? For an extra layer of protection, have an adequate insurance policy in place that pays for mitigation, data recovery, and business continuity. If you fall victim to a ransomware attack, having these three items covered in your insurance policy (along with your data backup) will help get your practice operable again.
If firewalls, endpoint protection, and data backup strategy are not in your vocabulary – you are not alone. As cyber-attacks continue to rise, it is critical for dental practices to partner with an IT provider that will serve as a strategic member of the practice team and manage cybersecurity responsibilities. As the leading dental IT provider, we are here as a resource for you. For general questions or partnership inquiries, please email us at firstname.lastname@example.org or call us at 877-885-1010.
Posted in Other