508-909-5961 [email protected]

Secure PHI with tech defenses

News regarding hospital data breaches that disclose thousands of medical records emerge at a distressing rate, yet these attacks shouldn’t really come as a surprise. All this valuable data will cost a hefty price on the black market, which makes them great incentives for cybercriminals.

The post Secure PHI with tech defenses appeared first on Complete Technology Resources, Inc..

Secure PHI with tech defenses

News regarding hospital data breaches that disclose thousands of medical records emerge at a distressing rate, yet these attacks shouldn’t really come as a surprise. All this valuable data will cost a hefty price on the black market, which makes them great incentives for cybercriminals. Counter this by arming your team with the best systems and protocols, such as:

Routine Access Monitoring

To control access to protected health information (PHI), your IT department must introduce guidelines and restrictions. This guarantees that none of your employees are looking where they shouldn’t be and end up tempted financially. In fact, a Verizon report discovered that healthcare is the only sector where employees present the biggest cyberthreat, with 58% of events implicating insiders.

Healthcare execs must also have their staff undergo security training and enforce policies where they’re reprimanded if they try to access confidential patient data without a valid business-related reason.

Full-disk encryption

Full-disk encryption (FDE) is an inexpensive and quick method to secure private information. It even alleviates the effects of stolen physical assets by restricting reporting requirements and fines.

Even though this recommendation is old news to the healthcare sector, the recent shift to greater mobility should make this a priority more than ever, particularly because stolen or lost devices pose a massive security risk.

Let’s say a healthcare provider’s laptop got stolen. The thief could easily disclose all employee PHIs on the city’s health plan. Encrypted devices would never be subjected to such a scenario.

Resilient infrastructure

Your primary goal is to keep cyberthreats out, but reducing the effect on the network when a hacker has already infiltrated it is just as important. Since email and websites are the most common conduit for malware, you need to set up systems that will contain these threats.

You must not allow the infected device to spread the virus to more of your crucial assets, and don’t ever use devices with high-availability requirements to receive external email or to surf the web. In case such systems fail though, you’d also need to come up with a recovery plan so you can still take care of your patients despite a major incident.

Always remember that your patients already trust you with their life, so you must do everything you can to protect their privacy, too. If the above approaches sound way too technical for you, just give us a call and we’ll make sure these cybersecurity measures have your back.

Published with permission from TechAdvisory.org. Source.

The post Secure PHI with tech defenses appeared first on Complete Technology Resources, Inc..

Read More

Phishing hits businesses at tax time

Phishing schemes abound every season, and tax season is no exception. It's an important time of year in the corporate world and cybercriminals are looking to take advantage of it, which is why your business must ensure that your confidential data is kept under lock and key.

The post Phishing hits businesses at tax time appeared first on Complete Technology Resources, Inc..

Phishing hits businesses at tax time

Phishing schemes abound every season, and tax season is no exception. It's an important time of year in the corporate world and cybercriminals are looking to take advantage of it, which is why your business must ensure that your confidential data is kept under lock and key.

Phishing baits to watch out for

Phishing attacks often consist of fabricated or compromised emails sent to finance/payroll or human resources employees that are made to look like they're from an executive in your company. The message might contain a request to forward employee records, including their W-2 forms, but that’s not all...

Another common scheme, which doesn’t only happen during tax season, involves getting a call from a person declaring to be an IRS employee. And no, caller IDs won’t save you because they can forge that, too. The phisher will inform you that you owe them cash from back taxes and they will threaten legal action if you don’t pay via credit card at that instant.

Always remember, the IRS will never contact you on the phone to let you know that you owe them money. And they certainly won’t threaten you or demand payment over the phone. If they really need to notify you of such matters, they’ll use the postal service and will give you a chance to discuss payment terms.

Standard protection protocols

Don’t worry, the usual security measures against these phishing scams are pretty easy to integrate into your business. Begin by developing a policy that bans the request of private details through email. If an employee ever requires such info, they should get in touch with the person directly, follow your established protocols for the transfer of sensitive information, and minimize the number of people involved in the transaction.

Taking security a step further

Data loss prevention (DLP) systems are also valuable weapons against these types of phishing attacks. They evaluate traffic going in and out of your company, such as web usage, emails and instant messages, and virtually anything sent on your network. DLP systems can filter out private details, including Social Security numbers, and stop them from being sent out.

But beware, DLP systems come with a minor drawback, as they can also block legitimate traffic, like when your accounting department sends tax info to your CPA. Fortunately, an MSP like us can properly segregate the good and the bad traffic to avoid confusing and/or frustrating your employees.

Phishing schemes may be a normal occurrence during tax season, but that doesn’t mean you can’t do anything about it. Don’t let the vulnerabilities in your business, particularly the human element, fall prey to cybercriminals. Send us a message right away and we’ll conduct an assessment of the security of your business, as well as design a risk management plan to help counter future complications.

Published with permission from TechAdvisory.org. Source.

The post Phishing hits businesses at tax time appeared first on Complete Technology Resources, Inc..

Read More

Phishing hits businesses at tax time

Phishing schemes abound every season, and tax season is no exception. It's an important time of year in the corporate world and cybercriminals are looking to take advantage of it, which is why your business must ensure that your confidential data is kept under lock and key.

The post Phishing hits businesses at tax time appeared first on Complete Technology Resources, Inc..

Phishing hits businesses at tax time

Phishing schemes abound every season, and tax season is no exception. It's an important time of year in the corporate world and cybercriminals are looking to take advantage of it, which is why your business must ensure that your confidential data is kept under lock and key.

Phishing baits to watch out for

Phishing attacks often consist of fabricated or compromised emails sent to finance/payroll or human resources employees that are made to look like they're from an executive in your company. The message might contain a request to forward employee records, including their W-2 forms, but that’s not all...

Another common scheme, which doesn’t only happen during tax season, involves getting a call from a person declaring to be an IRS employee. And no, caller IDs won’t save you because they can forge that, too. The phisher will inform you that you owe them cash from back taxes and they will threaten legal action if you don’t pay via credit card at that instant.

Always remember, the IRS will never contact you on the phone to let you know that you owe them money. And they certainly won’t threaten you or demand payment over the phone. If they really need to notify you of such matters, they’ll use the postal service and will give you a chance to discuss payment terms.

Standard protection protocols

Don’t worry, the usual security measures against these phishing scams are pretty easy to integrate into your business. Begin by developing a policy that bans the request of private details through email. If an employee ever requires such info, they should get in touch with the person directly, follow your established protocols for the transfer of sensitive information, and minimize the number of people involved in the transaction.

Taking security a step further

Data loss prevention (DLP) systems are also valuable weapons against these types of phishing attacks. They evaluate traffic going in and out of your company, such as web usage, emails and instant messages, and virtually anything sent on your network. DLP systems can filter out private details, including Social Security numbers, and stop them from being sent out.

But beware, DLP systems come with a minor drawback, as they can also block legitimate traffic, like when your accounting department sends tax info to your CPA. Fortunately, an MSP like us can properly segregate the good and the bad traffic to avoid confusing and/or frustrating your employees.

Phishing schemes may be a normal occurrence during tax season, but that doesn’t mean you can’t do anything about it. Don’t let the vulnerabilities in your business, particularly the human element, fall prey to cybercriminals. Send us a message right away and we’ll conduct an assessment of the security of your business, as well as design a risk management plan to help counter future complications.

Published with permission from TechAdvisory.org. Source.

The post Phishing hits businesses at tax time appeared first on Complete Technology Resources, Inc..

Read More

Does private browsing secure your data?

If you’re getting targeted with surprisingly relevant ads, there’s a chance your internet activity is being tracked and analyzed by market researchers. While this doesn’t bother most people, private browsing mode can offer you some protection against online marketers and would-be data thieves.

The post Does private browsing secure your data? appeared first on Complete Technology Resources, Inc..

Does private browsing secure your data?

If you’re getting targeted with surprisingly relevant ads, there’s a chance your internet activity is being tracked and analyzed by market researchers. While this doesn’t bother most people, private browsing mode can offer you some protection against online marketers and would-be data thieves.

What is private browsing?
Your web browser -- whether it be Chrome, Edge, Firefox, Safari, or Opera -- remembers the URLs of the sites you visit, cookies that track your activity, passwords you’ve used, and temporary files you’ve downloaded.

This can be convenient if you frequently visit certain pages, can’t remember your login details, or if you’re trying to recall a website you visited a few days ago. But if someone else uses or gains access to your computer, your most private (and embarrassing) internet activities are exposed for anyone to see.

With private browsing -- also called Incognito Mode in Chrome and InPrivate Browsing in Edge -- all the information listed above does not get recorded. In fact, all the websites and information you accessed in the private browsing session is immediately discarded without a trace as soon as you close the browser. This can come in handy when you’re using a public computer because you’re instantly logged out of all the accounts after closing the window.

Your cookies also won’t be tracked. In a normal browsing session, sites like Facebook will inundate you with highly targeted ads based on the sites and pages you’ve visited. But in private browsing mode, your internet activity won’t be used against you by marketing companies.

Another benefit of private browsing is you can use it to log in to several accounts on the same site, which is useful if you need to log into two different Google accounts at the same time.

Limitations of private browsing
Although private browsing does prevent your web browser from storing your data, it doesn’t stop anyone from snooping on your current activities. If your computer is connected to the company network, system administrators can still keep track of what you’re browsing even if you’re in Incognito Mode.

Also, if spyware or keylogger malware is installed on your computer, hackers will still be able to see what you’re doing online. Even though private browsing has quite a few benefits, you shouldn’t solely depend on it for online privacy.

Your computers must be equipped with Virtual Private Networks that encrypt your internet connection and prevent anyone from intercepting your data. And don’t forget to scan your computer for viruses with a strong anti-malware program to keep spyware and other malicious web monitoring software at bay.

If you want to know where you can get these solutions or learn more about web browser security, call us today. We have the tools and expert advice you need to prevent anyone from snooping on your internet browsing.

Published with permission from TechAdvisory.org. Source.

The post Does private browsing secure your data? appeared first on Complete Technology Resources, Inc..

Read More