By Martin Stranges, President Pittsburgh Computer Solutions
IT security in an office environment can be a very complex issue to tackle. The flow in a busy practice makes matters worse. Simple and effective steps can be taken to eliminate some of the burden.
Email:
Get a junk email address. There’s a lot of free services available and some have great functionality like shareable calendars you may use. We all have to subscribe or sign up for something that requires a contact address. In a lot of cases, these addresses are sold or rented to solicitors. Let this be the catch all for the marketing material and potential ransomware coming your way. Your professional inbox will thank you.
Email attachments and the office staff that opens them have been the bane of IT for decades. Viral threats started out as nuisance or joke programs that were fairly easy to remedy and didn’t usually cause excessive down time. Currently we’re seeing a new breed of programs that encrypt your data and hold it hostage until a ransom is paid. There’s been documented cases where a covered entity had to pay a $16,000 ransom to decrypt their own data. Two easy steps to help avoid the impact of ransomware are:
-
Train your staff not to open email attachments unless they’re absolutely sure it came from a reliable source. Call IT if there’s any question to ensure the email is genuine. We’re always happy to get the call before a problem starts.
-
Since accidents happen, have at least two backups of your data in place. One of them should be cloud based that does revisions or periodic snapshots of your systems.
Antivirus:
Having an antivirus in place is a no brainer. We see a lot of practice workstations with a mix of factory installed antiviruses. Some working, some expired and others that just won’t update on their own. Invest in a cloud managed business class antivirus. You’ll know exactly what’s going on across the entire organization from the dashboard at a glance. It’s also less expensive than paying one at a time for the wrong solution.
Phone:
Have practice email or info on your mobile phone? Lock it. Lost or stolen phones are one of the biggest threats to your office security. Any newer smartphone with the latest updates is capable of encryption without added software. If your phone ends up out of your control, it’ll be useless to anyone that doesn’t have your password.
Faxing:
Ever consider digital faxing? Over the years it has become a more affordable and secure option over paper faxing. It’s actually less expensive to have a digital fax line than a phone line that attaches to a fax machine. Your faxes will show up in an email and not sit on your fax machine for hours until someone notices it arrived. They’re also HIPAA compliant, but make sure you sign up for the HIPAA plan when placing your order. Imagine the cost and time savings when you’re not buying toner or paper and you can even send secure faxes right from your desktop, phone or other mobile device.
Patches:
Take advantage of patches and updates on your phone, mobile devices and workstations. They’re free and the majority of them enhance security. Some devices allow for automatic updates which will save time as well as ensure you’re always as protected as possible.
A little bit of time and effort goes a long way to securing what you’ve worked so hard to create.
Pittsburgh Computer Solutions offers complete IT solutions to keep healthcare providers compliant with privacy and security rules.