Does Your Health IT Vendor Protect You From Ransomware?

June 7, 2017 Gerard Scheitlin

With the WannaCry attack still fresh in everybody’s mind, it’s prudent to ask: Does my health IT vendor take great pains to ensure the protection of my trusted data? Your vendor can prove that they take their custodian role very seriously by incorporating a multi-faceted approach of prevention and reaction. Both of these facets incorporate social and technological protection.


Join Gerard Scheitlin for his June 15 webinar, "Preventing and Dealing with Ransomware Attacks." Learn more and register now!

Prevention

The first step to preventing ransomware is thwarting the initial attack. Your vendor should address both the technological and the social attack vectors. On the technology side, they should:

  • Utilize industry-leading anti-virus software and VPN technology to ensure that your endpoints are safe
  • Ensure security patches are done in a timely manner, across all systems, endpoints, and servers
  • Continuously monitor their networks for any indication of malicious activity
  • Conduct product and system penetration tests and code reviews, ensuring that there are no exposed vulnerabilities that could be exploited

Social Engineering

The primary WannaCry attack vector was a phishing campaign. Once inside an organization’s network, the ransomware spread through a vulnerability in Microsoft’s SMB protocol. To prevent social engineering attacks such as phishing campaigns and targeted attacks, your vendor should:

  • Require all employees to take annual training classes that provide phishing awareness and education on security and compliance
  • Conduct random internal phishing campaigns for training and awareness purposes. These campaigns will indicate whether your vendor’s susceptibility to a phishing campaign is near the industry average or, preferably, below it
  • Conduct annual developer security training to help ensure their product and environment code is secure

Reaction

Should a malicious party successfully attack your vendor, the organization should have several controls in place, covering both technology and process, that help minimize and mitigate the potential damage.

Technology

Your vendor should utilize best-in-class technology and security architecture to minimize the potential damage, including:

  • Segregated networks that minimize the blast radius of any malicious activity
  • Daily, encrypted, secure backups of the system that enable rapid restoration of data and systems

Process

Ask your vendor if they’ve created a set of processes that would guide them through the management of a successful attack on their systems. These include:

  • A global crisis management system that guides communication, activities, and remediation efforts across the organization worldwide. Ideally, this system should be exercised and refined annually to ensure its efficacy and viability
  • An annually exercised business continuity and disaster recovery system that ensures the vendor’s data backup and processes are working efficiently

Though a ransomware event is never pleasant, your vendor should have significant preventative, as well as reactive, technology and processes in place to minimize, or completely thwart, an attack. With this understanding, you and your vendor’s other clients will be able to relax during the next attack, knowing that your data is as safe and secure as possible.
