Tuesday, April 11, 2017

Curve Dental's 6 Steps to Avoiding Ransomware

Curve Dental Logo.jpg
Last week the cloud based dental software Curve Dental released their 6 ways for individuals and practices to avoid ransomware.  I was impressed with the list and have decided to share it with you here:
Ransomware is bad and getting worse. The price decline of patient records has driven cyber-criminals to change their tactics and look for new ways to supplement the downturn.
As reported on the ZDnet website, Satan Ransomware-as-a-service (RaaS) platforms give cyber-criminals the ability to spread Ransomware in return for subscription payments. Dark Web developers automatically take 30 percent of revenues off cyber-attackers using Ransomware-as-a-Service in their campaigns.
Think about this for a moment. Random criminals can subscribe to a platform that generates Ransomware with dashboard readouts and other features that track infections.  Ransomware-as-a-service is creepy. Read story.
Dental practices should prepare for Ransomware
Ransomware is a type of malicious software designed to lock important patient files or computer systems until a sum of money is paid. This is digital extortion. The attacker encrypts the victim's data and demands payment in return for the decryption key.
Do these things to protect your dental practice from Ransomware!
Take this 2017 HIPAA Risk Assessment: The Risk Assessment is a systematic process of evaluating potential risks within your practice and required by law. Your patients will appreciate your commitment to protecting their private information. Click here to take the assessment.
Step up to the cloud: If you are using dental cloud Software-as-a-Service and direct image capture then pat yourself on the back! SaaS is software licensed on a subscription basis and centrally hosted in the cloud. Ransomeware cannot attack in-office data that isn't there, but instead stored in the cloud. Not all dental SaaS cloud vendors are equal so do your homework.

Make offsite backup and recovery a priority: After a Ransomware attack, the first question that an IT pro will ask is whether you have a clean backup. Successful backup files are the only ones that count so make certain that a recent clean copy is stored offline safe from Ransomware. Restoring your files is a race against the clock. It can take anywhere from 15 minutes to days depending. Click here to learn more about services I recommend.
Keep software current: Antivirus and anti-malware services are highly recommended. Security vendors constantly work on definition updates to catch malware before it infects your files.  Confirm you are running the most recent versions of all software and install regular updates and patches. Again, if you're using dental SaaS software you don't need to worry about keeping your software up to date.
Train your staff: Human error is the weak link in a Ransomware crisis. In most cases, malware is downloaded by a practice member surfing the web, opening a link or attachment in a phishing email.
Create a Ransomware and malware disaster recovery plan: Each member of your staff that uses an office computer needs to understand your practice's data security plan in order to avoid the devastating effects of a Ransomware attack.
The final word
Satan Ransomware-as-a-Service is creepy. The mere thought of developing a "for criminals by criminals" service that spreads Ransomware is stomach turning. Society has changed and so must we.
Evaluating potential risks within your practice is the best place to start. Take your complimentary 2017 Risk Assessment today to recognize your vulnerabilities.  A few minutes of your time will help protect your practice from Ransomware.

No comments:

Post a Comment