If they were shocked that no one was actually watching for security holes at Ashley Madison you can bet they will be shocked that you haven’t been looking because Healthcare is supposed to be private.
What kinds of things do you need to do to actually be considered looking for them, though?
- HIPAA Compliant IT
- Router / Firewall test showed 600% Increase in Unique Vulnerabilities Discovered Last Year (OCR / NIST conference)
- Within hours or days of a release of software (firmware) vulnerabilities will be identified.
- Keep firmware up-to-date
- UTM – what is a UTM
- not just a router off the shelf at best buy
- Support Subscription!
- Reporting each month – look at what is going on – if you have IT they can do it but you should be asking them for reports.
- Printers / Copiers easy for hackers to get to first
- Smart TVs
- Patching helps when
- Start with “low hanging fruit”
- Beginning hackers look for easy challenges to practice their skills
- Vulnerabilities for sale to each other
- They just want in to see what you have and then see where they can go
- Hacktivist – target you because of who works there or who you treat or your type of business
- There is no way to know how many different parts of software are used from all over the world on any device or in any given application today
- No list of ingredients on the back of your router or mobile device
- None of this is new
- We have all talked about it but no one listening to the security people until it happens at your business, office, or home
- 10 vulnerabilities account for nearly 97% of all exploits
- Write little script yourself you could be opening a hole because you don’t realize there are security implications to what you just wrote
Doctor convicted of illegally accessing medical records Doctor having an affair and looked at the mistress’ medical records. Looking to see if she had STDs. Plead guilty in federal court and kept his license but must be monitored.