There was a time when all it took to protect your organization was an internet firewall, PC antivirus, email filtering, and backup. Today, though, many organizations within the U.S. healthcare system are ill-prepared for emerging cyber threats and think a solid security policy requires a budget they don’t have.
“The percentage of healthcare organizations impacted by ransomware globally nearly doubled, from 2.3% in the second quarter to 4% in the third quarter. Healthcare was followed by manufacturing, software makers, government/military and insurance and legal firms.” (USA Today)
Below is a checklist to help protect your environment. It is not all-inclusive, but it is a good starting point.
- Turn off all nonessential computers and lock all computers not in use
- Ensure backups are in place and working, and have multiple backup sites
- Patch all computers with updated security settings and antivirus software
- Ensure core features like multi-factor authentication (MFA) and MCAS are in place and running across the entire environment
- Train employees on types of phishing attacks and email awareness
- Mandate strong passwords
- Disable inactive accounts
- Restrict file type downloads
- Conduct security hardening and audits
- Restrict company emails to block personal accounts
- Inventory all third-party apps for secure access
- Update firewalls within the office and for remote workers