Security is especially essential for healthcare organizations, as they are a top target for
To help your customers in the healthcare industry protect their data, review their cyber security systems, and ensure they incorporate all five of these security measures.
1. Backup Software
Backup software should be used at all healthcare organizations. If your customers’ systems are infected with ransomware and have backups installed, the files will be safe – considering paying the ransom will not be required. It’s essential that the backup is run daily and there are various backup solutions, both
2. Endpoint Protection
Every healthcare organization must have endpoint protection to help prevent the numerous ransomware attacks they battle. An estimated 54 percent of emails received by a healthcare organization are spam, making endpoint protection essential to protect against known and unknown threats. Symantec recently reported that they “blocked 22 million WannaCry infection attempts across 300,000 endpoints.”
According to the Sans Institute, the firewall is one of the seven hardware devices “of the highest concern and applicability to HIPAA security regulations for systems certification and accreditation.” As the barrier between a healthcare organization’s valuable data and outside threats, the firewall follows an established set of rules and blocks outside information that seems malicious. A healthcare organization should frequently monitor their firewall to ensure it’s configured properly.
All healthcare companies should have encryption on all devices, due to the large amount of patient data their systems contain. File and disk encryption will protect confidential data stored on a healthcare organization’s computers. With whole disk encryption, a password will be required each time the user turns on their
5. Security Awareness Training
Hospitals are hit with 88 percent of all ransomware attacks, and data breaches cost America’s hospitals roughly $6 billion a year, according to security firm KnowBe4. 91 percent of the damaging data breaches started with a spear phishing attack. Security awareness training allows companies to deploy simulated phishing attacks to their users and train them on how to handle the threats they face every day. A Missouri hospital was recently hit by a W-2 phishing scam, and an employee provided the cybercriminal with current and previous employees’ W-2s. Additionally, security awareness training is
For more information on security solutions for your healthcare customers, contact a member of the Tech Data Security and Information Management team today at firstname.lastname@example.org or 800-237-8931, ext. 73246.