Need Reliable Computer Services: Call (352) 224-3866

Your Small Medical Practice Needs Protection Against Ransomware

Think your practice’s small size will protect you from cybercriminals?

Think again – smaller organizations in the healthcare community aren’t flying under the radar. You’re in just as much danger as larger medical practices, or perhaps, even more so, if you don’t have the right cybersecurity measures in place.

Case in point – a Wyoming community health system, with no more than 90-beds, was hit by ransomware late last year. In the aftermath, they had to cancel appointments and suspend services, severely affecting their patients, and their ability to operate.

What would happen if you were hit by ransomware today?

The Truth About Cybercriminals’ Taste In Targets

Nearly half of all reported data breaches in 2019 affected small businesses, mainly because they’re incredibly easy targets. The fact is that most cybercriminals aren’t spending all that much time or effort in any attack – they’re just sending phishing emails, setting up malware traps, and other largely passive and automated tactics.

That means that your safety doesn’t depend on your size – it depends on what you’re doing to protect yourself…

How Should You Protect Your Practice?

1. Confirm that anti-malware and antivirus settings are deployed to automate all updates and to continually conduct system and device scans.

2. Access controls should be configured so that shared permissions for directories, files and networks are restricted. The default settings should be “read-only” access to essential files, with limited permissions for write access to critical files and directories.

3. Train your staff to ask themselves these key questions before opening an email:

  • Do I know the sender of this email?
  • Does it make sense that it was sent to me?
  • Can I verify that the attached link or PDF is safe?
  • Does the email threaten to close my accounts or cancel my cards if I don’t provide information?
  • Is this email really from someone I trust or does it just look like someone I trust? What can I do to verify?
  • Does anything seem “off” about this email, its contents or sender?

4. Macro scripts in office files should be disabled when sent over email.

5. Software restriction policies should be created or other controls implemented that prevent the execution, especially in the common locations where ransomware lurks, such as temporary folders used by the most common web browsers.

6. If you have you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that.

That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.

Be sure to:

  • Back up data on a regular basis (at least daily).
  • Inspect your backups to verify that they maintain their integrity.
  • Secure your backups and keep them independent from the networks and computers they are backing up.

Do You Have Expert Cybersecurity Assistance?

Nexgentec will deploy a range of robust cybersecurity measures for your practice, including firewalls, patching, antivirus software updates, intrusion, and gateway protection. Furthermore, we will support your cybersecurity processes and practices, by implementing 2-factor authentication, employee security training, and password reset policies for your company.

Like this article? Check out the following blogs to learn more:

Microsoft Accounts Targeted For Months, Hackers Serve A Security Reminder

Essential List of Cybersecurity Terms to Know in 2019

Microsoft Data Breach Highlights Need for MSP Collaboration and Security

Call Us: (352) 224-3866