Computer Security - The Weakest Link

Use a mobile or keychain authenticator for double authentication

Ensure Your Key Members Comply

Practices often go to great lengths to protect patient data and network security, but what about your mobile security?

Doctors and other practice members increasingly access data using mobiles, tablets and laptops away from their rooms, even if this is only for emails.

If these devices are not protected, your entire practice could be at risk. It's like having tall castle walls but leaving the drawbridge down.

Specific Requirements

Security is a big and serious deal but it’s also largely a solved problem.

That’s why the average person is quite willing to do their banking online and why few are afraid of entering their credit card number on Amazon.

Here is a simple security checklist everyone should consider:

1 - ENCRYPT YOUR DEVICE

All mobile computers must use hard drive encryption, like the built-in FileVault feature in Apple’s OS X operating system. This ensures that a lost laptop is merely an inconvenience and an insurance claim, not a practice-wide emergency with a scramble to change passwords and worry about what records may be exposed.

2 - NO AUTO LOGINS

Disable automatic logins, require a password when waking from sleep, and set the laptop to automatically lock after 10 inactive minutes.

3 - USE WEB ENCRYPTION

Turn on encryption for all sites you visit, especially critical services like Gmail. These days all sites use something called HTTPS or SSL. Look for the little lock icon in front of the internet address. There are browser add-ons that enable this as a default.

4 - MOBILE LOCK DOWN

Make sure all smart phones and tablets use lock codes and can be wiped remotely. On the iPhone, you can do this through the Find iPhone application.  

This rule is easily forgotten, as we tend to think of these tools as something for the home, but inevitably you’ll check your work email or log in to a secure system using your phone or tablet. A smartphone or tablet needs to be treated with as much respect as your laptop.

5 - PASSWORD APPS

Use a unique, generated, long-form password for each site you visit. This can be made easy by using password-managing software such as 1Password or LastPass.

We’re sorry to say “Secret Monkey” is not going to fool anyone, and even if you manage to remember a 16-character password like “Um6vd#wiDqe9c28Z”, it’s no good if it’s used on every website and one of them is hacked. It happens all the time.
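As an added example (not part of the original article), the Python sketch below audits a password-manager export and shows that a strong generated password is still flagged once it is reused across sites. The CSV column names, the sample rows and the 12-character threshold are assumptions constructed for this illustration.

```python
import csv
import hashlib
import io
from collections import defaultdict

# Constructed sample export (site,username,password); not real credentials.
SAMPLE_EXPORT = """site,username,password
mail.example,dr.smith,Um6vd#wiDqe9c28Z
bank.example,dr.smith,Um6vd#wiDqe9c28Z
forum.example,drsmith,Um6vd#wiDqe9c28Z
clinic.example,dr.smith,Secret Monkey
rx.example,dr.smith,q7!Lp2@vXe94#TzR
"""

MIN_LENGTH = 12  # assumed policy threshold for this example


def weakness(password):
    """Return a reason the password is weak on its own, or None."""
    if len(password) < MIN_LENGTH:
        return f"shorter than {MIN_LENGTH} characters"
    if all(c.isalpha() or c.isspace() for c in password):
        return "letters only, likely dictionary words"
    return None


def audit(export_text):
    """Map each site to a list of findings; passwords are never echoed back."""
    rows = list(csv.DictReader(io.StringIO(export_text)))
    # Group sites by password digest so reuse is detected without
    # keeping plaintext passwords in the report structure.
    sites_by_digest = defaultdict(list)
    for row in rows:
        digest = hashlib.sha256(row["password"].encode("utf-8")).hexdigest()
        sites_by_digest[digest].append(row["site"])
    findings = {}
    for row in rows:
        digest = hashlib.sha256(row["password"].encode("utf-8")).hexdigest()
        issues = []
        reason = weakness(row["password"])
        if reason:
            issues.append(f"weak: {reason}")
        shared = [s for s in sites_by_digest[digest] if s != row["site"]]
        if shared:
            issues.append("reused on: " + ", ".join(shared))
        findings[row["site"]] = issues
    return findings


if __name__ == "__main__":
    for site, issues in audit(SAMPLE_EXPORT).items():
        print(f"{site}: {'; '.join(issues) if issues else 'ok'}")
```

The letters-only check is a rough heuristic, not a strength meter; the reuse check is the part that matches the point made above.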

6 - USE 2-FACTOR AUTHENTICATION

Turn on 2-Factor Authentication when using Gmail so you can’t log in without having access to your cell phone for a login code. This means that someone who gets hold of your login and password also needs to get hold of your phone.

**ALERT** Keep in mind that if your email security fails, all other online services will fail too, since an intruder can use the password reset from any other site to have a new password sent to the email account they now have access to.

SUMMARY

Creating security protocols and algorithms is the computer equivalent of rocket science BUT taking advantage of them isn’t.

Take the time to learn the basics and they’ll cease being scary voodoo that you can’t trust.

These days, security for all your devices is just simple good sense, like putting on your seat belt.


www.quantumditital.com.au - Websites for Doctors and Medical Marketing - Australia