Black Talon Security offered its top 10 tips to help dental professionals protect their practice from cyberattacks.
Cybersecurity firm Black Talon Security has announced its top 10 tips that all dental practices should follow to protect patient records.
“The average cyberattack will force a practice to shut down for two weeks, as well as negatively impact its integrity and reputation,” said Gary Salman, chief executive officer of Black Talon Security. “This does not even factor in the potential for ransomware attacks which could cost businesses anywhere from $30,000 up to millions of dollars.”
According to Black Talon, practices have access to many technologies and solutions that can help prevent theft and encryption of data.
Black Talon recommends these 10 tips to improve the cybersecurity of a dental practice.
Enable Multi-Factor Authentication (MFA) or Two Factor Authentication (2FA) for any application or website that supports it. MFA sends a unique code to your phone or activates an authentication app to validate your login.
Use strong passwords everywhere. Create strong passwords by combining a minimum of 12 characters, numbers, and special characters such as @, $, #, & and !.
Don’t Reuse Passwords
Never use the same password across multiple websites or applications. Every website and application should have a unique password.
Use Password Managers
Implement password management tools such as LastPass or Dashlane to manage and create strong/unique passwords.
Be Wary of Remote Access Tools
Utilizing remote access tools can present a tremendous risk to your organization. Make sure to use the paid business versions of these technologies, MFA, and strong passwords.
Train Employees on Common Threats
Train your entire organization to recognize threats such as phishing, spear phishing, social engineering, business email compromise (banking wire fraud), and proper use of removable devices. Test them using a phishing simulator.
Evaluate Your Firewall
Employ a cybersecurity firm to evaluate your firewall(s) and perform real-time vulnerability management to uncover exploitable devices on your network that may expose you to a breach or ransomware attack.
Conduct Annual Penetration Tests
Conduct an annual penetration test performed by a third-party ethical hacker to identify risks and how you might be breached.
Assess Your Security Risk
Perform a security risk assessment to evaluate how and where your practice may be attacked.
Use AI-Based Threat Detection
Deploy Artificial Intelligence (AI) based threat detection and mitigation technology known as Extended Detection and Response software on all computers and servers.
“Preventing the theft of data and protecting business continuity must be a primary focus for owners of practices of all sizes,” said Salman. “Seventy-five percent of ransomware attacks in particular result in the theft of most or all of the business data.”