Independent Practitioner Today features Murray Hart of OutSec
Independent Practitioner Today, the business journal for doctors in private practice, were delighted to feature OutSec’s very own Murray Hart in July’s edition.
Murray Hart heads up OutSec’s IT Department. As Murray explains, whilst remote and hybrid working will certainly provide flexibility to companies and their employees, there will, inevitably, be increased risks of cyber threats and data breaches. As he says….
‘Scammers are Cashing in on Coronavirus
A surge in phishing scams have challenged even the most prepared organisation. Phishing emails imitating HMRC are a given at tax season but to take advantage of the fear of Covid-19 has taken many by surprise. So watch out & be diligent.
1 Firewall and antivirus protection
There is no getting around this; it is imperative you have both to be safe.
You need to prevent malware from compromising your work and your systems so antivirus software is vital especially on your personal computer as without it hacking will be simple.
Unfortunately your own device may not have security measures as secure as your workplace one. The first thing is for you to understand the lingo and what does what:
Firewalls act as barriers, preventing unauthorised access to your device or network. Your place of work may have a network firewall on the company router and a personal one on your individual computer making it harder for hackers to get through.
Antivirus software protects your device from malware, such as viruses, worms and Trojans. Ensure both securities are kept up to date.
This may well have been done automatically in the workplace, but a personal home-based computer is unlikely to have both precautions in place, meaning the data stored is less secure.
It is therefore important to consider tightening up other areas of security to lessen the risk.
If you are using a computer provided by your employer, this should be checked for you. If you are using your own computer, you can look at getting a virtual private network (VPN) to secure your connection and encrypt your data further. With VPN, your important data cannot be accessed by anyone you do not want to.
2 Designated drive or system – or Cloud-based workspaces
If you have network access, you should save files to the designated drive or system and ensure no files are left on your own hard drive.
An alternative for your practice is to provide Cloud-based workspaces. This may need discussion, but is relatively inexpensive and particularly relevant to sensitive medical information.
As an added security feature, I recommend always encrypting the hard drive of your computer or laptop if using it from home.
It does not prevent a potential hacker gaining access; rather it means that if unauthorised access to the data is gained, all they can see is cipher-text.
The sensitive information is scrambled into random code, so is of no use to a hacker. You can only turn the cipher text into plain text if you hold the encryption key. Your IT department may have already suggested this, but a simple programme download, such as Bit-Locker Drive Encryption, provides an additional layer of security.
Also consider encrypting sensitive individual documents as well as your email. There are many on the market and you may have already been using this, but if not, again, it is worth considering.
Also ensure mobile phones encrypt data while at rest. This will protect data on the device, but if you are using practice mobile phones at home, this will add to security.
Most modern devices have encryption built in, but encryption may still need to be turned on and configured. Take advice from a professional and ensure you are up to speed with all essentials.
To read the full article please click here IP Today
About OutSec the UK’s Leading Online Transcription Company
OutSec is the UK’s leading online transcription company whose business has grown substantially since 2002. We are one of the most successful transcription companies in the United Kingdom.
If information, data security and confidentiality is important to you, do not just cross your fingers when outsourcing your dictation to meet your transcription needs.
Therefore, if you are agreeing a contract which deals with sensitive data, demand ISO 27001 and Cyber Essentials compliance. They are more than logos! These information security standards set the bar high. It takes constant review, challenge and action to receive and retain them. They therefore also provide assurances that OutSec are indeed GDPR compliant.
Why not open an account today. What do you have to lose?