Security professionals, financial advisors, and even government agencies suggest that in 2020, cyberattacks can be more devastating on a business than a natural disaster. If your office faced a cyberattack today, would you have a plan to follow to recover your valuable data?
As dental software providers, one of our ongoing goals is to ensure dentists keep their practice data safe and secure, regardless of which software they use. Healthcare practitioners, such as dental providers, are always targets for cyberattacks because of each practice’s valuable information and records. While paperless recordkeeping boasts increased security for your practice records, it is crucial to keep in mind that data needs to always be safeguarded from potential threats. In this blog post, we have four simple steps that you can follow to ensure your dental practice’s data is sufficiently secured in the event of a cyberattack.
Step 1: Keep your software and computers up to date
Whether you store your dental records on an all-in-one practice management software or you use other options, chances are that the software you use rolls out regular software updates. Our first simple step to data security is keep your software updated. We have discussed the importance of keeping your software up to date in previous blog posts. To summarize, software updates provide users with the latest security to counteract potential threats, which are continually evolving. Additionally, these software updates fix bugs that could potentially lead to unprotected data.
Along with software updates, ensure your computer platforms and operating systems are regularly updated as well. Updated computers and operating systems incorporate advanced security measures and bug fixes that are necessary to prevent the latest threats. For example, as of January 2020, Microsoft no longer supports outdated platforms such as SQL 2008, Windows Server 2008, and Windows 7. Since these platforms are no longer supported, the software no longer receives security fixes in automated updates, leaving the system vulnerable to viruses, spyware, ransomware, and other malicious threats. Although you may require a periodic investment to keep your system up to date, it is best to always make sure you are using supported versions of the technologies used in your practice.
Step 2: Maintain proper user credentials
In addition to keeping up with software updates, make sure your workstations’ passwords are private and strong enough to minimize threats. News stories, statistics, and testimonies can attest to the issues bad passwords can create for a businesses. For instance, 81% of hacking-related security breaches are caused by insufficient passwords. As shown through multiple studies, weak passwords can be the downfall of an entire organization. Not only can an outsider easily access your valuable practice data but, with poor passwords, a team member could access something they are not supposed to.
How can you strengthen your password security? For starters, if you can, ensure each team member has their own secure login information to eliminate the risk of password-sharing and similar problems. Additionally, ensure all passwords are unique and strong; everyone should avoid using personal information in their passwords, such as their name or birthday, as these could be easy to identify for a potential hacker. General phrases such as “password” should always be avoided. Password specifications vary from source to source, but universally, almost everyone agrees on these general principles:
- Keep your password long (recommendations vary, but generally 8-16 characters)
- Use a mix of capitalized and lower-case letters
- Integrate numbers and symbols into your password
- Ensure passwords are periodically changed
Lastly, to keep your workstations as secure as possible, passwords should change every few months. The passwords should also not recycle any words or patterns as a precaution. If you or your team members struggle to remember multiple unique passwords, consider using a password manager to keep track of everything. For more tips on how to create a strong password, read this article.
Step 3: Backup your practice’s data
Our third simple step for protecting your practice’s valuable data is backing up your data regularly. While you can do everything possible to protect your data in the event of a cyberattack, some things are uncontrollable. For example, natural disasters can cause devastating and irreversible damage to your practice’s servers if they are kept in your office. To ensure your practice data is as secure as possible, look into secure Cloud backups. Doing regular data backups not only prevents significant data loss if a cyberattack struck your office but also ensures your practice’s data is secured off-site. Microsoft Azure is an example of a Cloud solution, and it is the one ABELDent uses for Remote Backup Services.
By checking off these three simple steps, you are taking the necessary actions towards securing your practice data.