By Rick Boyles, President, Computer Networks, Inc. – 3/3/2015
The most recent hack on Anthem just serves to underscore what Computer Networks Inc. has been saying all along…secure your computer network. Businesses and medical practices in Hampton Roads and beyond need to begin thinking about the Internet and their staff members from the perspective of:
“What steps do I have to take on my computer network to prevent my clients’ information from leaking out to the Internet?”
I read recently in a Verizon report that the majority of data leakage was the result of vulnerabilities already known to, and not patched by, IT. As HIPAA consultants in Hampton Roads, we find this deplorable. If you knew that there were issues, why didn’t the patches and bug fixes get applied? Probably because someone wasn’t paying enough attention, or because they let other things get in the way, or because someone other than a professional IT firm is minding the network.
Another reason might be that the person in charge of applying patches is not using a tool that patches programs other than Microsoft programs, such as Adobe Reader and Adobe Flash (which had three weeks of consecutive out-of-band patches last month).
By way of example, our IT firm and HIPAA consultants in Hampton Roads patch monthly unless there are “out-of-band” (emergency) patches, which are applied ASAP.
There are state Data Breach laws which will come into effect if you lose a customer’s social security number, date of birth, credit card number, etc. The Virginia State Attorney General is allowed to impose a civil penalty “…not to exceed $150,000 per breach…” if you lose a customer’s or an employee’s personal information. Ouch! That should make businesses and medical practices in Virginia Beach, Norfolk, Chesapeake, Portsmouth, Suffolk, and throughout Hampton Roads take notice.
You have to start protecting the computer part of your business/practice just like the physical part. Put up multiple layers of defense, then keep a low profile. Most criminals will move on to an easier, less hardened target if they encounter formidable defenses.
Businesses and medical practices in Virginia Beach, Norfolk, Chesapeake, Portsmouth, Suffolk, and throughout Hampton Roads should start with a UTM (Unified Threat Management) device, which is a fancy acronym for a firewall that layers a bunch of security features to protect you hundreds of times better than the $35 firewall/router you got from Best Buy or Radio Shack.
Next, don’t let your staff run willy-nilly across the Internet. Have them restrict their work to business websites and leave the surfing for their home machine. That tweak can be done by the UTM, too.
You need to be running centrally managed anti-virus software that updates hourly and scans nightly. And your staff needs to look at ALL incoming emails and not open any email or email attachment unless they are positive that they were expecting it and know the sender was sending it to them on this day and at this time.
About our IT Firm and HIPAA consultants in Hampton Roads
Our IT firm was founded in 2004 by Rick Boyles. Our typical customer has 10 to 150 workstations, is a small business or medical practice, and relies heavily on e-mail, the Internet, and their computer network for running their business or medical office. Clients hire us to provide computer network security, Security Risk Analysis, managed IT services, HIPAA Risk Analysis, HIPAA Risk Assessment, and more. They do not want to incur the overhead and cost of a full-time IT staff, and they do not want to risk their IT to a self-taught employee who knows “a few things” about computers. We serve Virginia Beach, Norfolk, Chesapeake, Portsmouth, Suffolk, and Hampton Roads, Virginia.