Medical Practice Network Security Guide
Medical practice network security is paramount when designing a new medical office network. Now that security hazards are on the rise, practices are faced with many technology challenges. Most notably, they need to protect their networks from internet threats. However, to meet this challenge, practice owners must first understand the risks.
Why Are Medical Practices Vulnerable?
Perhaps the greatest threat is a false sense of security and lack of proficiency in technology. Very often, practices push network security issues down the priority list for more pressing matters. In many cases, network security is not a concern at all. To better understand the severity of this phenomenon, consider the following research results:
- According to a survey conducted by the National Cyber Security Alliance, “More than 30% of those polled by the National Cyber Security Alliance (NCSA) think they’ll take a bolt of lightning through the chest before they see their computers violated in an Internet attack.”
- The SANS/Internet Storm Center publishes a statistic reporting the average attack time after connecting a “clean” (unprotected) computer to the internet. Alarmingly, their data indicated an average of 20-30 minutes.
New threats continue to emerge every day, and “lightning” can strike, whether in the form of lowered productivity or stolen data. Medical practices cannot be expected to have staff, money, or time to invest in the maintenance of an enterprise-scale network security system. However, this does not mean they should ignore security threats.
It’s Not Personal
Most attacks and security threats are aimed at the general public. In fact, cybercriminals can run software that scans public networks looking for potential weaknesses. After exploiting a vulnerability, a hacker can take over the server or infect it. As a result, the hacker can use these systems as a “zombie army” in larger-scale attacks or, worse, encrypt your patient data for ransom.
What Happens if I Get Hacked?
Forty percent of medical practices will suffer an internet attack, according to a Gartner study. Furthermore, half of the practices won’t know until it’s too late. If you don’t take proper precautions, you could be one of those practices. So, you should ask yourself the following questions:
- How much damage would a severe attack inflict on my practice?
- Can I afford the financial costs, downtime, and hassle?
- How valuable is the lost or stolen data?
- How much would this data loss cost your practice in CMS fines?
- What would happen if a stolen computer containing critical patient data wasn’t backed up?
Each business is different in both vulnerability and risk. The questions above can help you assess the potential damage of an attack on your network. However, there are other threats beyond hacker attacks and loss of information. Know them, and protect yourself.
How much does it cost to be a victim?
A severe cyber-attack is no less harmful than physical theft of valuable data. Know your enemy.
What Are the Threats?
Like any technology, Internet security threats are changing and evolving at all times. Hackers adjust their methods and develop them to take advantage of both technological vulnerabilities and psychological weaknesses of employees. Some current threats are:
Security Holes or Vulnerabilities
These are “bugs” in operating systems and software that can be exploited by hackers. When a vulnerability is discovered, the race begins: hackers hurry to develop exploits, which are pieces of code that use the vulnerability to penetrate or disable a program or a whole network, before the software developer releases a patch to close the hole.
Though less common, in the medical practice world direct attacks do exist. A disgruntled worker, patient, or a competitor can try to hack into the network with different intentions. From pure curiosity to data theft, many reasons can cause a hacker to come knocking on your office network door.
Often confused with worms, viruses are pieces of executable code that can cause harm to a computer system or server. Viruses often spread themselves through email by disguising themselves as legitimate attachments. Typically, a user unknowingly activates the code thereby infecting their system. Viruses can range from merely annoying to severely damaging.
Similar to viruses and much more widespread are computer worms. Unlike viruses, which infect programs and files, worms do not attach themselves to any other software and are self-sustained. Worms often spread themselves over a business network. As a result, these infections could delete or corrupt important business files and patient data.
These are software programs that capture passwords and other personal information, and can also allow an unauthorized remote user to gain access to the system. It’s necessary to use a firewall with strict control for outgoing traffic to prevent these viruses.
DoS (Denial of Service) Attacks
DoS attacks can be easily avoided by using a business-class firewall to protect your network.
Though not officially defined as a security threat, spam can seriously damage productivity and represents a potential risk, due to the current rise of malicious software delivered by spam messages, as well as “phishing.” Phishing is a method used to acquire personal information such as passwords, bank account and credit card numbers, and more, through sophisticated email messages that claim to have come from a particular provider (eBay, for example) and appear quite authentic to the unsuspecting recipient.
Spyware is malicious code sometimes found in various freeware or shareware software and file sharing clients. It takes a toll on system performance and sends user data to the spyware creators.
Inappropriate or Illegal Content
Though not considered a security threat, inappropriate content can severely damage employee productivity. Web sites with illegal content often contain files with viruses, worms, and Trojan horses embedded in the available downloads.
How Can I Protect Myself?
If you have read this far, you have passed the toughest challenge for medical practice network owners. You should now have a pretty clear picture of what the possible threats are and how they can harm your system.
The next step is to evaluate the risks and allocate the resources:
- Assess your needs and invest correctly. Consider the damage if a competitor retrieved customer information. Think of the cost that website downtime can inflict on your business.
- Don’t go overboard by investing valuable time and money in resources you do not need. For example, a home-based business of three employees does not necessarily require content filtering to avoid questionable content online.
- Outsource whenever possible. Network security consultants, as well as companies dedicated to network security service provisioning, can be very helpful if you do not have an IT staff.
Ten Step Approach to Medical Practice Network Security
Before you go out and shop for firewalls, anti-viruses, and network security service providers, be sure to set the goal. Assess your needs, examine your current resources, and estimate the potential benefits of having a secure network. The following is a ten-step approach to rock-solid medical practice network security.
Perhaps one of the essential ingredients of a secure network is awareness. Familiarize yourself with various security threats. Be sure to check the availability of security updates and software patches. Increase awareness among your workers. Have them read this document, if necessary. Make sure they do not bring unprotected mobile devices into the network, that they do not open unexpected email attachments, and so on.
2. Security Policy
Technology is only one tool used in the enforcement of certain rules meant to keep your data safe and your business running smoothly. In addition to technology, a security policy should consist of various standards and behaviors. One example is requiring users to have complex passwords. We strongly recommend consulting with a network security specialist for any size office.
A firewall acts as the safety guard between your network and the Internet. Firewalls differ from one another. Some provide in-depth firewall protection and additional security services, while others just provide Internet connection sharing. The primary purpose of a firewall is to keep out unwanted traffic.
Many hardware firewalls offer additional services such as email antivirus and anti-spam filtering. When selecting a firewall, first define the requirements of your business. Many firewall vendors provide customizable firewalls with pricing depending on the range of services you choose. Whenever possible, get technical assistance from a local network security service provider.
4. Desktop and Server Antivirus Software
Scan data files and email for viruses using an antivirus suite like Symantec Client Security. Then, keep the virus definitions up to date. Also, keep in mind that simply having an antivirus doesn’t guarantee complete virus protection. Properly trained staff will also help avoid virus infection.
5. Patches and Updates
Microsoft and other software vendors provide updates meant to fix bugs and security issues in their software. So, you should apply Windows updates regularly.
Always back up your data regularly, both locally and to the cloud. By backing up locally, you can quickly restore your data. Furthermore, cloud backups will protect your patient data if there’s a fire or other natural disaster.
7. ISP and Gateway Failover
For businesses that are dependent on Internet connectivity, it is crucial to have a backup Internet connection.
8. Anti-spam and Anti-spyware
Spam filtering should be in place to protect the mail server and staff from viruses and spam. Spam and spyware are not only annoying, but they can be quite dangerous to your network security and, of course, productivity. Another threat to productivity is sites with questionable content, as well as file sharing software.
9. Filter Internet Browsing on Desktops
Internet filtering is the best way to deal with questionable websites.
10. Remote Access VPN and Site-to-Site VPN
Virtual private network (VPN) technology allows you to connect two or more networks in a private connection, creating a tunnel of encrypted data between the two points. It was widely adopted to replace expensive private networks by using less expensive broadband connections. Furthermore, VPNs provide privacy and encryption for data transferred over the Internet.
A VPN is especially useful if you have two or more branches in your business or would like to access your office network remotely. For example, your sales representative does not have to carry confidential information on his laptop when visiting abroad. All he has to do is connect to the Internet and access the data in the office through a secure connection. Numerous security appliances offer VPN server and endpoint capabilities. If accessing your office network increases productivity, or if you have been accessing your office network without using a secure VPN, you should select a gateway appliance that offers this feature.
About Innovative Computer Systems
Innovative Computer Systems is a Managed Services Provider specializing in Healthcare Information Technology (HIT) and Corporate Business Technology. We work closely with our clients to understand their daily workflow requirements. Some of our clients include leaders in Ophthalmology, Facility Maintenance, Pediatrics, Law, Urology, Dermatology, Commercial Real Estate, Internal Medicine and Ambulatory Surgery.