Cyber Security: Problem in Chair, Not in Computer
At the beginning of June, I had the pleasure of speaking alongside our CEO Chris Claudio to the Long-Term Care Finance Association (LTCFA) community on different technology topics for senior living organizations. Chris focused his portion of the presentation on ‘Technology Enablement in Healthcare – Exploring the State of Technology in the Delivery of Care’ and I focused on ‘Cyber Security.’
I kicked off my presentation by reviewing the basic security facts which always begins with the acronym PICNIC – Problem in Chair, Not in Computer. Almost all security issues begin with human error. Computers don’t make mistakes but people do. The goal for any organization from a security standpoint is to have enough controls in place to make it difficult for hackers to come after your organization.
Here are my top recommendations for your security arsenal:
- Back Ups – The biggest threat for healthcare organizations is equipment failure and ransomware. Enforce centralized storage and test your backup restore process periodically. If it’s not tested, you don’t have backups.
- Updates – It’s imperative to update your devices to ensure your data is secure. Mobile devices, applications, operating systems and network equipment should be updated frequently. Set your applications to automatically update so you don’t have to worry about manually updating.
- Antivirus – There is no excuse for not having antivirus. There are plenty of free resources and full protection solutions so it’s imperative your organization utilize one of these tools to minimize risk.
- Filtering – Filtering can be cheap or expensive depending on the level you choose but all organizations should at least have the basic level of filtering. Web browser filters have some say on what can be accessed or what can’t. Your organization can set company-wide filters so employees aren’t able to access malicious sites.
- Password Management – It is important to set strong passwords on all devices. Use password management vaults to help avoid password reuse and if available utilize multi-factor authentication on your devices.
These are just a few things that your organization can do to be more secure. If you feel as though your organization is not where it needs to be from a security standpoint, then it’s time for a conversation with our security team.