Every modern business has to worry about security. The threat of hackers and damaging attacks hangs over everyone with an infrastructure — as Boston Children’s Hospital discovered this spring, when hackers claiming to represent Anonymous hit them with phishing and DDoS attacks.
Fortunately, the hospital was prepared to fight back, and patient data remained secure during and after the attacks. Here are five tips from Boston Children’s Hospital’s handling of the situation that can help you safeguard your business from security breaches:
Take an active learning approach to digital security
The best defense is a good offense. Be proactive in your security measures, with preventative strategies that include:
- Active, real-time surveillance for emerging threats
- Risk-based modeling and analysis that considers key security factors, including risks, threats, and information systems vulnerabilities
- Effective regulation that ensures both privacy and safety without creating excess burden
Understand your system resource dependence
In order to mount an effective defense, you need to know which systems work internally, and which rely on external Internet access. Systems connected to the Internet are at risk for security breaches and attacks — for example, the hospital’s EHR (electronic health records) system was spared in the attacks, but its e-prescribing system that connects to pharmacies online was not.
Have an email alternative
In the interests of being prepared for the worst, have a secure access and communication system in place to guard against the possibility of compromised email during an attack. At Children’s, when DDoS attacks increased beyond what the hospital’s internal IT solutions were capable of handling, they were able to shut down all websites and email, and use a secure text messaging application to communicate internally and access patient records.
React when you see smoke — don’t wait for fire
Don’t hesitate to push the button on extreme security measures, such as shutting down websites and email. If you have the right precautions in place, you can avoid business disruption — and the ability to take swift action could save you millions in damages if cyber attacks are successful.
Don’t neglect teleconferences
Phone communications are equally at risk for security breaches. Never include conference passcodes in the body of a calendar invitation — this could get your call recorded and posted online before you even hang up. Instead, send passcodes securely through email or text applications.
Hackers pose a growing threat to the safety and security of information in every industry. Not even a children’s hospital is safe from cyber attacks. Stay up-to-date with the latest security measures, and make sure you’re protected with a proactive strategy that fights back against hackers. If you need help implementing a proactive security plan for your company, or need dedicated IT specialists to handle these threats, speak to the IT experts at The Armada Group.