508-909-5961 [email protected]

5 Best practices for securing PHIProtected health information (PHI) includes personal, medical, and financial information, as well as other data created or used when a patient sought and received healthcare services. Due to the sensitive nature of PHI, it is highly valuable to hackers — and this is why your healthcare organization must do everything possible to protect any PHI […]

The post 5 Best practices for securing PHI appeared first on Complete Technology Resources, Inc..

21 Oct, 2020 / by Complete Technology Resources / in 2020october21_healthcare_b, access policies, cybersecurity, data breach, full-disk encryption, healthcare, healthcare it, phi, phishing, privacy, protected health information category
5 Best practices for securing PHI

Protected health information (PHI) includes personal, medical, and financial information, as well as other data created or used when a patient sought and received healthcare services. Due to the sensitive nature of PHI, it is highly valuable to hackers — and this is why your healthcare organization must do everything possible to protect any PHI data it handles. These best practices will put you on the right track toward keeping PHI secure.

Educate your staff

A comprehensive data security training program is necessary to combat ever-evolving threats to the healthcare industry. Training should be done regularly and cover all the different areas of data security, including the different data breach methods employed by hackers. For instance, your employees should be educated on how to spot phishing attacks, which are the number one cause of data breaches, according to the 2020 Verizon Data Breach Investigations Report. Understanding how phishing works will help your employees recognize and avoid falling victim to such scams.

Enforce strict access policies

Implement access restriction policies to keep unauthorized users from getting their hands on PHI. This entails granting employees access to only the PHI they need to perform their tasks. For instance, accountants should not have access to data about patients’ health conditions. Similarly, physicians shouldn’t be able to see patients’ billing information.

Healthcare executives must also hold employees accountable for accessing PHI for no valid reason. Together with regular cybersecurity training, this will minimize the risk of data breaches resulting from insider threats.

Employ full-disk encryption

Full-disk encryption is an inexpensive and quick method to secure private information saved in computers and portable devices. It renders data indecipherable to users who don’t possess the matching decryption key. This means that even if one of your employees’ laptop or smartphone is lost or stolen, the thief won’t be able to access any encrypted PHI stored in it.

Build a resilient infrastructure

Malware is a blanket term for viruses, Trojans, and other harmful programs that cybercriminals use to damage systems and gain access to sensitive data. To ensure the security of PHI, your healthcare organization must build an IT infrastructure that is protected against malware of all kinds.

This involves setting up safeguards to keep malware and other threats at bay, such as advanced firewalls, intrusion prevention systems, and email filtering software. You should also consider network segregation and segmentation to block hackers’ attempts to penetrate your networks and steal PHI data.

If malware does manage to infiltrate your network, stop it from spreading by deploying next-gen anti-malware software that can detect and quarantine any signs of a breach. If such systems fail, you’d also need a data backup and recovery plan so you can continue caring for your patients even during a major incident.

Implement physical security measures

Many healthcare organizations still rely on paper-based PHI and store these in file cabinets. Secure these valuable assets by installing physical security controls, such as surveillance cameras and card entry systems, in the areas of your facility where records are stored. You should also implement strict record log-out procedures, which will help ensure that only authorized personnel can access records that contain sensitive data and that these are returned promptly.

To learn more about how you can secure PHI and other digital assets, drop us a line today. Our team of professionals can provide you with the knowledge and assistance you need.

Published with permission from TechAdvisory.org. Source.

The post 5 Best practices for securing PHI appeared first on Complete Technology Resources, Inc..

Read More

Tips on how to choose the right mouseHave you been feeling some discomfort in your mouse-clicking hand lately? Have you been using that mouse for several years now? If you have, then it’s time to consider a computer mouse upgrade. Your mouse should allow you to work safely with ease and efficiency. If you’re looking to buy a new mouse, keep the […]

The post Tips on how to choose the right mouse appeared first on Complete Technology Resources, Inc..

19 Oct, 2020 / by Complete Technology Resources / in 2020october19hardware_b, dpi, fingertip, grips, Hardware, mouse, palm, sensitivity, size, wired, wireless category
Tips on how to choose the right mouse

Have you been feeling some discomfort in your mouse-clicking hand lately? Have you been using that mouse for several years now? If you have, then it’s time to consider a computer mouse upgrade. Your mouse should allow you to work safely with ease and efficiency. If you’re looking to buy a new mouse, keep the following in mind.

Cable or wireless?

When planning to purchase a new mouse, it’s important to consider whether to get a wired or a wireless mouse. A wireless mouse is generally more comfortable to use since your range of movement isn’t limited by a cable, and it’s usually travel friendly. However, a wireless mouse can be less responsive, making it frustrating to use at times. Sometimes, a wireless mouse can also interfere with other wireless devices nearby. Using it requires batteries, which can create problems when they run out of juice. And if you use the same mouse for both work and home, you run the risk of losing the tiny USB receiver for your wireless mouse when you travel.

On the other hand, a wired mouse is cheaper and easy to plug and play. The only problem you’ll have to worry about is dealing with tangled wires. So when you’re deciding on a new mouse, think about whether you’re looking for comfort or convenience.

Ergonomics matters

You’re going to be using the new mouse for a while, so it’s important to choose one that feels comfortable in your hands. When deciding on the right mouse, focus on the size and the grip of the device. The size of the mouse usually comes down to hand size. For example, someone with smaller hands will find a larger mouse quite unwieldy.

Certain mice can also accommodate different types of grips — fingertip grip, palm grip, and claw grip. Users who want high-precision control of their cursor should opt for a mouse with fingertip grip, those needing comfort should get a palm grip mouse, and if you want both control and comfort, the claw grip mouse is the way to go.

DPI (dots per inch)

Higher sensitivity is necessary for precise mouse movements, especially if you’re editing images, videos, or audio files. A mouse with 1200 DPI or greater guarantees finer, sharper control.

Although mouse specifications like DPI might be the last thing on your mind when it comes to buying new hardware, your comfort is important. A good mouse with the right fit can make you more efficient and reduce the risk of injury.

If you need assistance setting up the best hardware for your company, don’t hesitate to give us a call. We’ll be happy to help.

Published with permission from TechAdvisory.org. Source.

The post Tips on how to choose the right mouse appeared first on Complete Technology Resources, Inc..

Read More

How to tighten your VoIP systems’ securityFew companies today would survive without effective, cost-efficient collaboration tools like Voice over Internet Protocol (VoIP) solutions. But like any piece of technology, VoIP systems are fast becoming an easy target for attackers. Here’s how to protect your company’s internet-based communication devices from numerous threats. What many companies don’t realize is that valuable information moves […]

The post How to tighten your VoIP systems’ security appeared first on Complete Technology Resources, Inc..

16 Oct, 2020 / by Complete Technology Resources / in 2020october16voip_b, encryption, internet phones, internet telephony safety, password protection, passwords, virtual private networks, VoIP, voip firewalls, voip security, vpn category
How to tighten your VoIP systems’ security

Few companies today would survive without effective, cost-efficient collaboration tools like Voice over Internet Protocol (VoIP) solutions. But like any piece of technology, VoIP systems are fast becoming an easy target for attackers. Here’s how to protect your company’s internet-based communication devices from numerous threats.

What many companies don’t realize is that valuable information moves across VoIP networks just like sensitive data is shared via email. In some cases, internet-based calls are more vulnerable to fraud, identity theft, eavesdropping, intentional disruption of service, and even financial loss. With numerous VoIP-based attacks, it’s crucial to implement these security measures now.

24/7 monitoring

VoIP security breaches usually take place outside operating hours. Attackers make phone calls using private accounts or access call records with confidential information on the sly. Contract outsourced IT vendors to monitor network traffic for any abnormalities to avoid these security breaches.

Virtual private networks

Virtual private networks (VPNs) create a secure connection between two points, as if they belong in the same closed network. It’s like building a safe secret tunnel between you and the person you’re calling. Using a VPN can also help overcome complications involving Session Initiation Protocol trunking, a recommended VoIP feature.

VoIP firewalls

Firewalls specifically designed for IP-based telephony curb the types of traffic that are allowed into your network. They ensure that every connection is properly terminated at the end of a session and identify suspicious calling patterns. Virtually every VoIP vendor provides these protocols, but you should always consult with your IT services provider as to how these protocols will be managed within your organization.

Encryption tools

Due to lack of encryption, VoIP systems can be easily broken into by even inexperienced hackers who can download and deploy tools to eavesdrop or intercept your calls. Some services claim to have built-in encryption, but companies still need to be vigilant and investigate how effective these are.

Using encryption ensures that even if hackers successfully download audio or video, they still can’t decode the file unless they have the decryption key.

Password protection

Using passwords to authenticate your access to private information is not as secure as it once was. Hackers can easily guess a password and use it for cyberattacks. This is why protecting the passwords themselves adds a great layer of protection against threats.

Employees should never divulge any compromising information during a VoIP call, as eavesdropping is one of the easiest and most common cyberattacks against VoIP networks.

VoIP is as important as any of your other network security considerations. It requires a unique combination of protection measures, and we’d love to give you advice on these. Give us a call today to get started.

Published with permission from TechAdvisory.org. Source.

The post How to tighten your VoIP systems’ security appeared first on Complete Technology Resources, Inc..

Read More

Microsoft 365 features that prevent phishingOver the years, Microsoft has built a reputation as a provider of powerful and intuitive tools that enhance efficiency and productivity. The company is also continuously taking steps to protect their users from today’s top cyberthreats. A great example of this is Microsoft 365, which is well equipped to combat phishing scams. Among the many […]

The post Microsoft 365 features that prevent phishing appeared first on Complete Technology Resources, Inc..

15 Oct, 2020 / by Complete Technology Resources / in 2020october14office_b, advanced threat protection, anti-impersonation, anti-spoofing, microsoft, microsoft 365, Office, phishing, safe links category
Microsoft 365 features that prevent phishing

Over the years, Microsoft has built a reputation as a provider of powerful and intuitive tools that enhance efficiency and productivity. The company is also continuously taking steps to protect their users from today’s top cyberthreats. A great example of this is Microsoft 365, which is well equipped to combat phishing scams.

Among the many business solutions that Microsoft offers is email hosting through Outlook. This service is protected by Microsoft Defender for Office 365. Defender has many key features:

1. Anti-phishing

The most dangerous types of phishing scams masquerade as emails from a party the victims know, such as their boss, colleague, business partner, or bank. A phisher may use crafty impersonation tactics, such as referring to the victims by their nickname, making it harder to immediately identify the scam as fraud. A cybercriminal may even take over actual email accounts and use these to completely fool their victims.

Using machine learning, Defender creates a contact graph of contacts that users normally exchange communications with. It then employs an array of tools, including standard anti-malware solutions, to differentiate good from suspicious behaviors.

2. Anti-spam

Generalized phishing campaigns utilize spam emails, which are sent to a large list of email addresses, to catch random victims. Stopping spam is, therefore, a great start to protecting your company from a phishing attack.

Microsoft 365’s anti-spam technology addresses the issue by examining both an email’s source and its contents. If an email is determined to have come from an untrustworthy source or has suspicious contents, then it is automatically routed to your spam folder. What’s more, this feature checks the activity of people in your company to ensure that none of them sends out spam emails.

3. Anti-malware

Malware, such as ransomware and spyware, can spread via phishing emails. Ransomware locks data and programs from users until a ransom is paid. Spyware, on the other hand, steals data by recording keystrokes, copying clipboards, and taking screenshots, among other methods.

Microsoft 365 employs a multilayered defense against both known and unknown types of malware. This covers the different stages of email transmission, including filtering potentially harmful attachment formats, and real-time threat response. Microsoft also regularly deploys malware definitions to keep its defenses updated.

4. Safe Attachments

Some phishing emails contain file attachments that infect your computer with malware. Any email attachment should be handled with caution, but it’s not uncommon for some users to accidentally click on one, especially as they rush through the messages in their inbox.

Defender resolves this issue by opening all attachments in a sandbox first. This sandbox is an isolated environment, so even if the attachment contains malware, it would not affect your system. While in the sandbox, the attachment is meticulously scanned. If it’s clean, Microsoft 365 will allow you to open it as normal. If it contains a threat, the service will notify you of the issue. Microsoft uses some of the information collected by Safe Attachments to further improve the feature’s capabilities.

5. Safe Links

Instead of attachments, some phishing emails contain URLs that lead to websites — often spoofed versions of legitimate websites — that require victims to provide their personal information such as their account credentials. Some of these URLs lead to download pages that infect your computer with malware.

In a process called URL detonation, the Safe Links feature protects users by scanning the links in their emails and checking for malicious behavior, such as the transmission of malware. If the link leads to a malicious website, Defender will warn users not to visit it. Otherwise, users can proceed to click and go to the destination URL without a hitch. But even so, the service will rescan the link in the succeeding days and report any suspicious changes.

What’s great about Safe Links is that it doesn’t just scan links from unfamiliar sources. It also scans links in emails from people within your company and works on files uploaded to Microsoft Teams and SharePoint.

6. User Submissions

Microsoft 365 allows you to set a specific mailbox to send emails you deem a threat. The User Submissions feature lets you set criteria for both malicious and safe email and identify mailboxes besides your spam folder to keep these messages in. This feature gives your administrators greater control over which emails to flag and which to report to Microsoft.

7. Enhanced Filtering

If your company uses third-party services to route emails before they are sent to Microsoft 365, you will benefit from Enhanced Filtering for Connectors. Microsoft 365 uses inbound connectors to determine the trustworthiness of email sources. The more complex your routing scenario is, the more likely that an email’s inbound connectors will not reflect its real source.

Enhanced Filtering preserves authentication signals that may have been lost over the course of routing emails. This maximizes the effectiveness of Microsoft 365’s overall filtering capabilities, helping it detect spam and phishing emails.

If you need an email service that promotes efficiency while protecting your business, we can implement and manage Microsoft 365 for you. Just call us today to get started.

Published with permission from TechAdvisory.org. Source.

The post Microsoft 365 features that prevent phishing appeared first on Complete Technology Resources, Inc..

Read More