In the continued evolution of cyber security threats, healthcare facilities have become one of the biggest targets, as their computers and networks hold a vast quantity of secure patient information that is often needed to continue with proper and quality patient care. When a healthcare facility’s system is locked-down by malware (such as ransomware), it’s impossible to access key patient information — i.e. past medical information and allergies — that is needed in moving forward with medical procedures. With patient care in mind, healthcare facilities are often more inclined than most submit to the demands of a cybercrime…and cyber thieves know it.
Healthcare facilities don’t have to sit by and wait for the next attack, though. There are ways to prevent the next cyber attack, effectively protecting hospitals and healthcare facilities from ransomware and other cyber security threats:
- Update Operating Systems and Software
In a healthcare facility, updating computer systems is not most employees’ main priority…it’s providing patient care. However, the inability to perform these computer updates is often the healthcare facility’s downfall. How? With ransomware technology growing at a fast pace, the use of malicious emails to entice victims is not the only way ransomware can attack. Cyber threats, like WannaCry ransomware, also feed on and weasel their way into entire networks and systems via out-dated operating systems and programs. Keeping your operating systems up-to-date will lessen your risk of developing a ransomware attack.
Updating your operating system is not always as easy as clicking the accept button. It is crucial to read what you’re updating to. So, instead of hitting the “default” setting key during configurations, read through the terms and conditions and know what will be in tow. During this, you can configure the new update to meet the cyber security standards that your IT department put in place.
- Turn On the Firewall
When your systems, especially electronic health records, are connected to the internet, the need for a firewall is inevitable. Not only does it provide protection from outside users, the firewall will inspect messages that go through the system. Make sure you don’t confuse a firewall with anti-virus software, and never assume that anti-virus protection is enough — it’s good to have, but not enough! HealthIT provides a clear statement on how anti-virus protection helps, but the firewall is your best first defense. Think of the differences between anti-virus protection and the firewall this way: “the anti-virus can be thought of as infection control while the firewall has the role of disease prevention.”
- Create and Maintain Back Ups
The best way to protect patient information from ransomware and other malware attacks is to regularly backup your facility’s data. That way, if an attack does happen, all of your data and information can be resumed and rebooted. Pro tip: Regularly check on and test the backup device to make sure it’s working correctly, or keep more than one backup.
- Strong Usernames and Passwords
Usernames and passwords should be required when dealing with confidential information, but they should also be strong, hard to guess, and only known to the user. Users should also log-out each time they step away from a computer. Create an extra layer of security by taking a look at these do’s and don’ts for creating a strong login code:
Do
- Use a combination of upper and lower case letters
- Add numbers and special characters
- Use at least 8 characters in length
- Change every so often
Don’t
- Use nicknames
- Use personal information (birthdate, names of family or friends, etc.)
- Keep the same password for every device
IT Protection for Healthcare Facilities
As one of today’s biggest targets for cyber thieves, hospitals and healthcare facilities require detailed, complex cyber protection. Updating the software regularly, creating a firewall, backing up information as often as possible, and creating a stronger login code are just the most basic ways you can begin to protect your hospital, clinic, or healthcare facility from the next cyber attack. For a more comprehensive approach, contact an IT company like Integracon. Our healthcare industry-specific IT package uses specific, layered measures to protect your clinic, hospital, or facility, but it also removes the burden of IT compliance from your hands…effectively letting you focus elsewhere.
