You’re probably familiar with the term Ransomware and the financial toll it’s been taking on companies world-wide. One lesson that we continue to learn time and time again is that nobody is immune to this cyber threat – not even your dental practice.
Instances of cybercrime have reached an all-time high and ensuring that your practice has the procedures in place to guard against an army of determined fraudsters is more important than ever. But before you can implement effective controls, you must have a clear understanding of what it is that threatens your practice.
Know Your Enemy
Ransomware is the infection of a computer which immediately encrypts all recognizable file types. Once your network is infected, a screen will appear on your monitor, conveying the hacker’s demand: pay a ransom in exchange for your practice’s data to be “decrypted” and released or lose it all. The hackers then set the clock, making it clear that if the ransom is not paid before the deadline, your practice’s data will be destroyed.
4 Tips To Help Prevent A Ransomware Attack
To protect your business against Ransomware and other similar threats, I recommend following these best practices:
- Train office staff to identify phishing emails.
Numerous vendors can provide your dental practice with phishing tests and video training to help educate your office’s staff about phishing emails and ways to identify possible scams. The goal is to change the mindset of those within your practice when it comes to opening attachments and clicking on hyperlinks.
- Set your staff’s Microsoft Active Directory rights.
It’s unlikely that all your employees will need full-access to your practice’s entire database to do their jobs effectively. One way to protect your data is to only grant access to the databases each employee needs to do perform their job duties. This way, if an attack does occur, the damage can be isolated.
- Consider implementing programs such as Microsoft “AppLocker.”
When you implement programs like AppLocker, you require users to be assigned access to the programs they need to utilize. Again, this helps to isolate the threat which can help minimize the impact of an attack on your dental practice.
- Implement a Disaster Recovery (DR) Plan.
Some research indicates that only about 35 percent of small- to medium-sized businesses have a working and comprehensive disaster recovery plan. Is your dental practice included in this statistic? Business owners like you are learning time and time again just how important it is to have a plan in place to protect your business when crisis strikes. A DR plan, complete with regular plan testing and offsite backup data, will help prepare you for unforeseen events which, under current circumstances, could prove to be catastrophic.
Want to learn more? Email the Bright Dental CPAs for more information about protecting your dental practice from cybercrime.
By Joe Welker, CISA (New Philadelphia office)
Check out these related posts to help keep your dental practice safe: