How To Secure Your Network?
There are several key items that you should have in place. I’d like to call it a “layered approach.” Let’s start with three of the most important items that you should have within your network: a backup, a firewall, and an antivirus.
Backup:
Firstly, and most importantly, you need to have backup software installed on your server or whereever you store Protected Health Information, and please, let me call it “PHI” for short. You should have a backup that can back up not only your data, but your entire Windows operating system and programs, and also give you the ability to encrypt the backup. Backing up just your PHI is a step in the right direction, but if you have a backup program that backs up your entire server, you will save time and money during the restore process. One simple process could have your entire server up and running, pre-hardware or software failure, within a matter of minutes as opposed to days. Also, I’m sure you lost the installation disks to those legacy applications that you desperately need to run your practice.
The PHI data that is backed up needs to be encrypted. Encryption is the equivalent of putting a lock and key on your patient information. Only you and those who have the password should have access to your patient information. Without encryption, data that is lost, stolen, or misplaced can be easily accessed by anyone. You should also consider backing up your data to a cloud server.
Not only should you perform a backup, but you should have a service that copies your data out of your office. Fire, theft, water damage, and other natural disasters are just a few items to consider that could damage your PHI. All of your data can be easily restored back to the on-premises server.
Firewall:
Is the firewall that you received from your Internet provider good enough? Actually, your Internet provider gave you a brick with flashing lights that just looks pretty. A true firewall allows or denies access to and from your network and has the ability to alert you when someone attempts to break in. Think of a firewall as a strong door on your house. The people that have a key to your front door are allowed access. Anyone without a key is denied access. A firewall does the same thing by protecting your network from attacks. Take a look at all of the active attacks happening right now by visiting one of these sites:
http://threatmap.fortiguard.com/
There are different types of firewalls on the market today, and some even have an antivirus engine built right into the device. Having a hardware-based firewall on your network and having it managed by an IT professional is vital to your practice.
Antivirus:
Going back to what I was saying before about having a layered approach, you should have an antivirus on all of your computers. Think of it as a “second opinion.” While one doctor may miss a problem, another doctor might catch the problem and resolve the issue. Some viruses can pass through your first line of defense, but might get caught with your second round of defense. Also the antivirus on the firewall can catch viruses coming in via E-mail messages or the Internet, and an antivirus on the computer can prevent a virus from spreading on the inside.