Preventing a cyber attack
We are compelled to share yet another warning about the current cyber attack climate. Sophisticated attacks are continuing to increase at an astonishing rate and an alarming number of them are being effective. Here are two tips being discussed right now by the leading cyber officers in healthcare that can be implemented by organizations large and small for very little expense.
First, email flagging. You’ve probably seen emails with an added tag that says something to the effect of “this email originated from an outside source, proceed with caution”. The style and verbiage may vary, but these flags added to emails are an effective way to a) keep your employees thinking about security, and b) tip them off if the email is an attempted look-a-like spoof of an internal email from a co-worker or senior officer. In short, most of you can set this up for free, and they’re effective, Ask your IT to help, or give us a call.
Second, disable hyperlinks in emails. Hyperlinks and attachments in emails are still the most common attack vector for email phishing based campaigns. Disabling hyperlinks forces the receiver to copy and paste a link into a browser. By adding this extra step, you’ve made it more likely that your users will enter the desired website into the browser, rather than relying upon the link in an email – a best practice recommendation. What’s more, mobile phones and other mobile touch devices make mousing over a link to see the true destination more difficult. Users are more likely to just click the link intentionally or accidentally, and then it’s too late.
These two steps should be added to your cybersecurity protection list. Contact your IT or call us if you want more information on setting this up.
Finally, this message has a third purpose – to keep security on your mind. Your employees are the weakest link in a well-developed cybersecurity defense plan. The more tuned in, alert, and aware your workforce is, the less likely they’ll be tricked into triggering an attack.
Stay focused and alert. Click smart.
If you have any questions or if you are concerned about your organization’s cybersecurity, give us a call at (800) 970-0402. We’ll be happy to help.
For more HIPAA information, download our ebook – The Ultimate HIPAA Compliance Handbook.
The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.