Ransomware attacks are in the news again, this time targeting hospitals and health care providers. Despite HIPAA requirements, many providers operate under conditions that are technically acceptable in terms of legal compliance, yet ill-equipped to handle targeted threats. Last month, one Los Angeles hospital paid $17,000 to unlock infected computers, while the Los Angeles Health Department and 2 large German hospitals dealt with similar attacks.
Ransomware persists as a threat to this day because we’re often not able to use the latest security technologies in conjunction with mission critical platforms, such as intranet sites or Electronic Medical Record systems. However, there are several steps you can take to reduce the chance of ransomware making an impact in your organization.
Firewalls
RWA partners with several firewall providers, including Fortinet, Barracuda, and Cisco. In the real world, criminal profilers look for patterns and behavior when they don’t have positive identification on a subject. In the same way, our recommended security products don’t merely “check the ID” of a possible threat, but will look for patterns and methods used by polymorphic threats. Newer anti-ransomware technology can discover and quarantine threats that haven’t previously been encountered by other companies.
Backup
When you invest in a certified on-premises or cloud backup solution, you are storing data on a device that lies outside of the reach of ransomware software. You can’t access files in a backup system directly, and neither can ransomware that infects your computer. RWA supports several backup solutions through our partners, including the Barracuda Backup suite.
Local Permissions and Application Policy
Policies can be put in place that will force Windows to only run signed, trusted applications. The overhead requirements are a bit higher than what most businesses are used to, and it takes away some freedom from the operator of the computer. However, this technology can be the most effective tool in dealing with ransomware.
RWA is a Microsoft partner, and our technicians are certified to deploy a Windows Server and SCCM solution appropriate for your practice.
Training
Regular cybersecurity training can raise awareness of threats currently facing your organization, improving staff vigilance and security compliance. Contact us for more information about HIPAA compliance training services.
Local Antivirus
While modern antivirus should be part of your anti-malware strategy, most ransomware threats are unique and polymorphic. Utilizing antivirus to catch and quarantine ransomware threats should only be one part of a comprehensive ransomware strategy.