No Treats, Just Tricks: Don’t Let These Cybersecurity Scares Haunt Your Office

In honor of cybersecurity awareness month and Halloween, I'm highlighting the top five horror scenarios your office could face without the right cybersecurity tools in place.  

1. You’ve been a little lax with your security thinking a cyberattack could never happen to you, but someone got into your network and stole your patient data. 

A firewall, either as a dedicated appliance or software on your router, acts as a gatekeeper, controlling what traffic flows in and out. Many internet service providers (ISPs) offer basic firewall functionality for home and small offices. However, larger organizations with dedicated internet connections (DSOs) or multiple locations will likely need to implement their own, more robust firewall solutions. 

You should also consider setting up a separate guest network for visitors. This network should be isolated from your internal network, preventing access to sensitive business systems like your practice management software (PMS). 

2. You're faced with the black screen of doom, and once you’re up and running again, you find all your data has been wiped.  

Cyberattacks, hardware failures, and other unforeseen events can wipe out your data in an instant. Ensure your patient information is always protected by routinely backing up your systems. Even if you don't want to invest in something more sophisticated to store your data, there are tools like Dropbox and File Vine that allow you to back your information up in the cloud. A cloud-based PMS will automatically back your data up in the cloud. 

3. Your office manager comes to you looking sheepish and says, “I probably shouldn’t have clicked that link, but in my defense, it looked like an email from our vendor.” 

It's amazing how frequently -- even with training -- people click on links and attachments they shouldn't. In fact, it’s the primary cause of malware infections. Some of the tools I’ve already mentioned can help with that, as can a good email filtering service. But the best thing you can do is train your staff and make sure they’re aware of what they need to look out for.  

4. Your front-desk employee is insistent: “I only turned around for a few minutes. I just don’t think someone could have copied the patient information off my computer screen”  

You should always be guarded about sensitive information. There should only be a few people who have access to administrative passwords. Documents with personal identifiable information, health information, or employee data should never be left out where people can see it. It's amazing how frequently that happens, and it's an extremely common attack vector that nefarious actors use.