It seems as though every few weeks you hear about another cyber threat – scams, viruses, security breaches, Ransomware – take your pick. These menaces take quite a financial toll on companies worldwide. Unfortunately, no is immune to these cyber threats – not even your dental practice.
It is crucial to ensure your practice is protected against an army of determined scam artists. But before you implement effective controls, it is essential to have a clear understanding of what can threaten your practice.
Know Your Enemy
Ransomware is a computer virus that immediately encrypts all recognizable file types so that you can’t access them. Once the virus infects your network, a screen pops up with the hacker’s demand: pay a ransom in exchange for your practice’s data to be “decrypted,” or you lose everything. There is then a countdown or clock, and if the ransom is not paid before the time runs out, all of your practice’s data will be destroyed.
Four Tips to Help Prevent a Ransomware Attack
To protect your business against Ransomware and other similar threats, follow these best practices:
- Train your staff to identify phishing emails. There are numerous companies that can provide your dental practice with tests and training to educate your staff about phishing emails and how to identify possible scams. It is important to thoroughly train everyone in your practice when it comes to opening attachments and clicking hyperlinks.
- Change the Microsoft Active Directory rights of your staff. There is probably no reason for all of your employees to have full access to your practice’s entire database. Only grant database access to the employees that need it to perform their job duties. This layer of protection helps isolate the damage if an attack does occur.
- Implement programs such as Microsoft “AppLocker.” AppLocker and similar products give users access only to the programs they need to utilize. This also helps isolate any threat, which can help minimize the impact of an attack on your dental practice.
- Develop a disaster recovery plan. It has been estimated that only about 35 percent of small- to medium-sized businesses have a comprehensive disaster recovery (DR) plan. Your practice should be included in this statistic. When crisis strikes, it is always better to be prepared in order to protect your business. A DR plan, along with plan testing and data backup, will help prepare you for the unknown, which could be catastrophic.
Talk to you IT provider or enlist the help of a trusted IT company to help secure your computers, network and practice – not to mention client information. This is something that should move to the top of your ‘to do” list.
Published by Matthew Scherer on January 3, 2019