Do you want a 100% effective method for preventing ransomware? It doesn’t exist, according to Ellen M. Derrico, MBA, a marketing/market development executive in healthcare and life science technologies and an independent consultant in West Chester, PA.
The reason is that “ransomware is a form of malware that can get into an organization a number of ways: insiders innocently clicking on a phishing email or malware advertisement, hackers hacking in, a medical or mobile device connecting to the network, and it goes on and on,” Derrico says.
However, there are steps you can take to reduce your risk, she and other sources emphasize. Consider the following tips:
• Evaluate your risk.
The first step is to assess your environment, Derrico advises.
“[T]ake stock in what you currently have in place for cybersecurity from a technology, training and education, vulnerability testing, and backup-plan perspective,” she says.
Identify your highest risks, Derrico suggests. “Is it the medical devices, the network, the mobile devices, the people, outside contractors, and vendors?” she asks. “Find the intersection of your capabilities for cybersecurity and your risks, so you can see what is not currently being addressed.”
• Compare your facility with those of your peers.
Benchmark your program with similar ones, Derrico suggests. “There are companies and vendors who are currently offering free assessments and benchmarking to help you,” she says. “Take advantage of this to quickly get an idea of where you are and where you need to be.” (See two options listed as resources at the end of this article.)
Next, talk to leaders at similar facilities, Derrico says. “Call up other, non-competitive surgery centers in other states and ask them what they are doing,” she suggests.
Don’t limit yourself to surgery centers, however, Derrico advises. “Consider talking with regional medical centers that are on tight budgets and are smaller than integrated delivery systems,” she says. “They can tell you a lot about where they see the biggest bang for the buck, where to spend, and what to do to mitigate your risk from a real-world perspective.”
Become involved with the regional group for the Healthcare Information and Management Systems Society in Chicago. “Many folks attend these meetings and share best practices, plus they know other folks and can network you in,” Derrico says.
Also, attending national and global conferences will allow you to connect with people from other regions who are less competitive and can share their best practices freely. “If you don’t have time or budget for travel, attend online seminars and events to connect with folks through these venues and through social [media],” she says.
Use social networks such as LinkedIn to ask questions in group discussion areas, Derrico advises. “You will be surprised how much feedback you will get and how helpful it can be,” she says.
• Use the right technology.
Use intelligent firewalls to block malware, The Doctors Company advises in a just-released cybersecurity guide.[1] Also, use intrusion detection software that can monitor illegal activities on networks, the company says. “Stop malware from executing on desktop computers by installing application whitelisting software, anti-virus, or anti-malware,” it says.
Install updates and patches to software on a regular basis, The Doctors Company advises. “These include patches that fix vulnerabilities in the software, helping support your antivirus software, your firewall, and all other security measures,” it says.[1]
Also, use Mac devices, advises Tom Kellermann, CISM, chief executive officer at Strategic Cyber Ventures, a cybersecurity-specific investment fund based in Washington, DC. Mac devices “are 80% less vulnerable to ransomware attacks because they do not automatically run executables,” which are computer files that are in a format ready for execution, Kellermann says. There are only two ransomware variants that attack Macs, and end-point security from companies such as Invincea, based in Fairfax, VA (www.invincea.com), and Trend Micro, based in Irving, TX (www.trendmicro.com), can prevent ransomware from spreading and encrypting files, he says.
If you use Microsoft, disable your macros, Kellermann advises. Go to the “Trust Center,” “Trust Center Settings,” and then “Macro Settings.”
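The macro setting described above can also be checked from PowerShell. This is an added example, not part of the original article or of Kellermann's advice; it assumes Office 2016 or later (registry version key 16.0) and reads the VBAWarnings value that the Trust Center's "Macro Settings" page stores for Word, Excel, and PowerPoint.

```powershell
# Added example: report the effective macro setting for the current user.
# Assumption: Office 2016 or later, which uses the 16.0 registry version key.
$officeVersion = '16.0'
$apps = 'Word', 'Excel', 'PowerPoint'

# Meaning of the VBAWarnings values written by Trust Center > Macro Settings.
$meaning = @{
    1 = 'Enable all macros'
    2 = 'Disable all macros with notification'
    3 = 'Disable all macros except digitally signed macros'
    4 = 'Disable all macros without notification'
}

function Get-MacroSetting {
    param([string]$App)
    # A Group Policy value takes precedence over the per-user Trust Center choice.
    $paths = [ordered]@{
        Policy = "HKCU:\Software\Policies\Microsoft\Office\$officeVersion\$App\Security"
        User   = "HKCU:\Software\Microsoft\Office\$officeVersion\$App\Security"
    }
    foreach ($source in $paths.Keys) {
        $item = Get-ItemProperty -Path $paths[$source] -Name VBAWarnings -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            return [pscustomobject]@{ App = $App; Source = $source; Value = [int]$item.VBAWarnings }
        }
    }
    # Nothing stored: Office uses its default, "disable with notification" (2).
    [pscustomobject]@{ App = $App; Source = 'Default'; Value = 2 }
}

$apps | ForEach-Object {
    $s = Get-MacroSetting -App $_
    [pscustomobject]@{
        App           = $s.App
        Source        = $s.Source
        Setting       = $meaning[$s.Value]
        # Only value 4 stops a user from enabling a macro from the warning bar.
        MacrosBlocked = ($s.Value -eq 4)
    }
} | Format-Table -AutoSize
```

A row with Source "User" or "Default" means the setting is not enforced by policy and the user can change it back in the Trust Center.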
Also, use backup software, Kellermann advises. In the event you have been successfully attacked via ransomware, restore the machine’s images and data from backup and then run a security scan, he says.
• Migrate your systems, both software applications and data, to the cloud.
This advice for small practices comes from The Doctors Company, which advises providers to “fully vet your storage cloud vendor.”[1] (The guide offers a section on strategies for vendor selection.)
If you can’t store data in the cloud, then consider working with a computer forensic firm so you’ll have strong capabilities for security and investigations, The Doctors Company advises.
Chris Johnson, medical IT consultant and director of strategy and business development of Wheelhouse IT, formerly Untangled Solutions, in Fort Lauderdale, FL, spoke at the Ambulatory Surgery Center Association meeting this year and reported that he is working with a security firm that is taking the elements that protect an outpatient surgery program and giving them a perimeter that sits on the cloud. “What it does is, instead of having all of those bad things hit your physical perimeter, it hits out there first and gives you that added security buffer before it ever gets through that front door,” Johnson said. The technology that is coming is getting less expensive, he said. “The technologies are getting more robust, and we can actually fight the bad guys,” he said. “We don’t have to be the victims of ransomware.”
1. The Doctors Company. Cybersecurity and data breaches: Strategies to mitigate risk, monitor security, and respond in the event of a cyberattack. August 2016. Accessed at http://bit.ly/2bSCiCk.
- Intel Health and Life Sciences in Santa Clara, CA, is offering healthcare providers a free one-hour cybersecurity assessment with partner technology companies in an open industry collaboration. Web: www.Intel.com/BreachSecurity.
- RSA in Bedford, MA, has an online cybersecurity maturity assessment survey. Web: http://bit.ly/1rz32hh.