The most common and dangerous computing threats dentists must guard against
Your dental practice has much more to do than worry about computer and IT problems. Your staff is busy serving your patients. But if you’re like others, you’re overrun with spam. Even malicious programs like ransomware can be delivered right into an employee’s inbox. Without proper training, employees often open these emails and download malware. This can threaten your patients’ private health data.
Since all our devices are now connected to the internet via networks, it’s very important that your computers and networks have the highest protection. Any attack on your system or database can cause more than just computer problems—your data can be hacked and sold on the Dark Web. This is not only stressful, but it can affect your good reputation.
We regularly get calls from dentists who are concerned that their network might be infected with malware or computer viruses. And, we’ve seen cases where the dentist office paid the ransom to get their files returned, but the criminals came back asking for more money. Some of these malicious files can hide in the background and still be working behind the scenes to compromise your database.
Unless your IT provider knows how to secure your network from cyber criminals and beat them at their own game, you could fall victim to them as well.
We’ve seen a sharp increase in the number of dental practices involved in these attacks. So, we’ve written this Guide to arm you with pertinent facts about cyber theft. Here’s what you can do to protect your IT systems.
What’s Hiding In Your Computers?
What You Need To Know About Spyware, Malware & Hackers
Today’s cybercriminals know how to create malware and viruses that are hard to find and difficult to eradicate. They are also adept at finding vulnerabilities in computer networks where they can enter and secretly infect systems. Thieves may have already infiltrated your practice’s network without you even knowing they’re there.
Spyware secretly monitors your computing actions. It exploits user behavior and application vulnerabilities. It gives a hacker sensitive information that you want to keep private.
Spyware refers to hidden programs hackers install on your computers without your permission. They infect your system to spy on your computing actions, gather information, and send this information back to their home base.
In some instances, spyware steals identities, passwords, contact files, and more. It can also take over your computers and use them for illegal activities. Plus, all this will alter your web browsers and slow down your computers.
Spyware is often attached to free online software downloads or to counterfeit links clicked on by users. It infects computers when someone downloads things like free applications, music, emoticons, and screensavers. It piggybacks onto the download and runs undetected in the background where it collects data about you, your practice, your patients, and more until it’s removed.
Your employees may believe these files are legitimate when they aren’t. Just one innocent worker can accidentally infect your entire network with spyware.
Malware is short for malicious software. Malware comes in the form of worms, viruses, trojans, spyware, adware, and rootkits. It steals protected data, deletes documents, or adds software that you haven’t approved. Unlike spyware, malware can replicate itself from one computer to the next. It does this via a network connection, or even via your email accounts without you knowing it.
A malware infection can corrupt your files, alter or delete data, distribute confidential information such as bank accounts, credit card numbers, and other personal data. Plus, it can disable hardware, prevent you and your employees from using your computers, and cause your entire network to crash.
Malware is difficult to eliminate – it fights back when you try to clean it from your system. In some instances, you must completely wipe all the information from your computers and hard drives to eradicate it. This requires a complete re-install of your operating system and applications. Unless you have an enterprise-based cloud backup along with a reliable onsite backup solution, malware could cause you to lose all of your patient and other important data.
Hackers are criminal computer programmers. They try to gain unauthorized access to your computers or a network. Hackers may try to alter your system or security features from their original purpose.
Hackers design spyware and malware programs that attack your computers. They may have a criminal intent to steal money from you, hold a grudge against your business, or simply do this for fun.
Today’s hackers are intelligent and use sophisticated exploits to gain unauthorized access to computer systems and networks.
Some of the techniques hackers use include:
- Vulnerability scanning that looks for unknown weaknesses in your system.
- Password cracking where they retrieve passwords from data you’ve stored or have transmitted.
- Packet sniffing using applications that capture data packets to view data and passwords in transit.
- Spoofing attacks that mimic legitimate websites to trick your employees into visiting them.
- Rootkits that work to gain control over your operating system.
- Trojan horses that open a backdoor into your IT system so they can gain access to it.
- Self-Replicating Viruses that insert copies of themselves into executable codes, files, or documents.
- Key Logging Tools that record every keystroke on the infected computer.
11 Signs That Your Computer Is Infected
Since many malicious programs hiding in your computing environment, it’s not easy to find them. One way to tell if you’ve been infected is:
- When you’re swamped with pop-up advertisements that interrupt your work.
- Your computer is slow, locks up, or crashes frequently.
- The home page on your web browser changes on its own, and you can’t change the settings.
- You see toolbars on your web browser that you didn’t put there.
- You get a second or third web browser popping up behind the main browser that you didn’t approve.
- Strange files suddenly appear.
- Your CD drawer opens or closes by itself.
- You constantly get errors in MS Outlook/Outlook Express.
- You notice emails in your “Sent Items” folder that you didn’t send.
- Some of your files are moved or deleted.
- The icons on your desktop or toolbars are missing or blank.
4 Misconceptions About Computer Threats
“I Can Remove Spyware And Malware On My Own”
Many of these programs can’t even be detected, much less removed. They incorporate themselves so deeply into your operating system that it takes a senior-level technician to detect, locate, and remove them. In extreme cases, even the best technician won’t succeed and will have to completely wipe your system clean to remove them.
“We Didn’t Cause The Infection”
Malware, spyware, and viruses infect your computers or network when you or one of your employees let them in. Common activities like downloading infected files or applications or visiting counterfeit websites with malicious viruses allow infections to occur. Emoticons (smiley faces and action characters that you see at the bottom of many people’s emails) can also come attached to viruses. Hackers are clever and are always looking for ways to trick you into downloading viruses. Plus, unless you have the most up-to-date security patches and virus definitions installed on your computer, hackers can gain access if you or an employee click on a malicious link.
“We Don’t Need Ongoing Computer Maintenance”
This is the biggest and most common misconception. There are certain maintenance checks that must be completed:
- On a daily basis – virus updates and spam filtering.
- On a weekly basis – system backups and spyware sweeps.
- On a monthly or quarterly basis – checking for and installing security patches and updates, disk defragmentation, spyware detection, and removal, checking the surge suppressor and the integrity of the hard drive.
You probably don’t have the time nor the expertise to keep up with these things. Plus, with viruses evolving all the time, it’s best to refer to your IT Partner for these maintenance tasks.
“The Security Tools Provided In Our Operating System Are Enough”
They aren’t, and there’s no one vendor that provides all the security you need to keep your computers safe. Your dental practice requires a multi-layered approach to IT security that:
- Remotely monitors your technology 24/7 to ensure the security of your data and EHRs.
- Confirms that your data is always stored securely, protected, and private.
- Includes Compliance and Security Audits to ensure your technology meets today’s stringent HIPAA and Meaningful Use Requirements.
- Leverages Mobile Device Management, so your data is safe anywhere it goes.
- Provides Backup and Disaster-Recovery Services so your systems and data are securely accessible, no matter what.
Your dental practice requires the expertise of a managed services and security provider who can remove the vulnerabilities in your IT processes, applications, and hardware that open the door to intruders. They should be capable of deploying remote software and hardware-based network security services to provide complete enterprise-based information security.
How To Secure Your IT System From Malicious Attacks In 6 Simple Ways
As mentioned above, the computers and network you use in your dental practice must be proactively and remotely monitored and maintained. In addition, you must do the following:
Back Up Your Files To A Reliable Source Every Day.
This means using an enterprise-based onsite backup. With local backup (usually an external hard drive), the data is just as protected as your network. However, once it’s stored and the drive is disconnected, it’s safe from any malicious attacks that might affect your infrastructure. Backing up all of your data to an external hard drive is typically quick, and after your initial backup, daily updating can be done in just a few minutes.
Test Your Backups On A Regular Basis To Ensure They’re Recoverable.
Testing that files are recoverable is the missing step in making backups. Too many dental practices make substantial investments and spend a lot of time backing up their data only to find their backups don’t work when they need them. There are many things that can go wrong to corrupt backups. That is why it’s not enough to simply back up your system; you have to check it on a regular basis to make sure the data is recoverable in the event of an emergency.
Keep An Offsite Copy Of Your Backups.
In addition to your enterprise-based onsite backup, you need a secure cloud backup where your data is safely replicated to a data center. To do this, your IT Partner will use technologies like virtualization where they provide a cloud-based version of your servers, workstations, file storage, and applications in a secure data center. This way, if a fire or flood destroys your onsite backup, you’ll still have everything you need to get your practice back up and running.
Ensure You Use Reliable Virus Protection, Keep It On And Up To Date.
The right anti-virus software will detect, prevent, and remove viruses, worms, and other malware from your computer. Most include an auto-update feature that permits the program to download profiles if new viruses appear to check for threats. Antivirus programs are essential, but one program might find certain viruses while another can’t. You should consult with your IT Partner to ensure your dental practice chooses the right software for your needs.
Firewalls Are A Must.
No matter how small your practice, you need a quality firewall. A firewall is the first line of defense to secure your sensitive information. It blocks unauthorized access to or from your network and prevents unauthorized users or illicit software from gaining access. A firewall may be used as hardware, software, or a combination of both.
Update Your Software And System With Security Patches As Soon As They’re Released.
Software updates are important because they often include critical security patches for vulnerabilities. Many of the more harmful malware attacks take advantage of software vulnerabilities in common applications, like operating systems and browsers. Think about this – hackers will know that security patches have been released. They know that Microsoft, Apple, or another software provider has detected a vulnerability. Hackers will be on the lookout for those who haven’t patched their system. If you wait to update, your IT system and data will be exposed.
Your files and patient data are important to your dental practice. Isn’t it time you got serious about protecting them? We’ll take the guesswork out of securing your computers and network. Contact us for a complimentary consultation to learn more.