Posts

5 signs you’re ready for an IT update

Choosing the right technology for your business is all about striking the right balance. While you don’t want to hastily jump on the bandwagon every time a shiny new gadget comes along, you also don’t want to miss the boat and fall behind your competitors.

Unfortunately, many companies are too cautious for their own good when it comes to updating their IT systems and processes. According to a 2016 survey, U.S. organizations are losing up to $1.8 trillion in wasted productivity every year due to outdated technology. What’s worse is that 37% of employees believe their company is using outdated business tech — which can easily lead to morale issues.

The fact that you’re even wondering if you should upgrade your IT systems is a surefire indicator that it’s time for an IT update. Below, we’ll discuss five signs that prove your company is in need of a technological facelift.

Collaboration issues

In theory, collaboration sounds like the solution to all your company’s problems. Unless it’s done right, however, collaboration can often create just as many issues as it solves.

Efficiently managing tasks and files among all members of a team are two of the greatest challenges for collaboration:

  • Without well-defined rules for sending updates and asking questions, team members might communicate across half a dozen different channels — from email and team hubs to phone calls and instant messages.
  • Keeping track of different file versions and edits can be extremely difficult, especially when using different channels as described above.

In the absence of a dedicated person to serve in the role of project manager, many companies use project management software such as JIRA, Trello and Asana. These applications allow users to assign each other tasks, set deadlines, track progress, and streamline communication. It’s a simple update that can have a huge impact on your business.

Security vulnerabilities

The older your legacy IT systems are, the easier it is for malicious actors to find and exploit flaws in them, exposing your network to data breaches and other cyber attacks.

For example, the WannaCry malware, which took the cybersecurity world by storm in 2017, was able to spread so quickly because it took advantage of weaknesses in older Windows operating systems.

However, the cloud might be the fix to this problem.

In fact, more than 90 percent of U.S. companies already use cloud computing in some fashion. Of those organizations, 64 percent agree that cloud infrastructure is “more secure” than legacy IT systems. This is partly because the cloud pushes out updates automatically — which means you’ll always have access to the latest security patches and bug fixes.

Poor customer service

Whether you’re a mom-and-pop e-commerce site or a massive B2B firm, your customers are the lifeblood of your business. Having employees complain about your aging technology is one thing, but having clients complain about it is a clear sign that things need to change.

If you take your customer service seriously, then it’s time to adopt a software solution for customer relationship management (CRM). CRM applications help you manage your leads, your interactions with customers, and your relationships with clients and vendors.

Eighty-seven percent of companies using CRM software are using cloud-based CRM — enabling employees to access the application from devices like their personal smartphones and tablets. While 65 percent of sales reps who use mobile CRM software can meet their sales quotas, only 22 percent of sales reps who use non-mobile CRM software can say the same.

Failure to deliver

If left to grow unchecked, legacy IT issues can affect your bottom line in more ways than one and lead to negative consequences such as missed deadlines or service downtime. These types of problems can happen for any number of reasons — for example, obsolete hardware or website hosting plans that don’t offer enough wiggle room.

As soon as these internal problems start to turn into external problems, it should be a clear wake-up call — your IT infrastructure as a whole needs to be rethought.

To make matters worse … if you don’t keep your entire system up-to-date, software and hardware compatibility issues can prevent you from installing the solutions you need to take your business to the next level.

Rapid growth

On a more positive note, startups and small businesses experiencing periods of rapid growth also have reason to upgrade their technology stack.

Your original software and servers might have been perfect for your needs when you had three people working out of your garage — but now that you’re at 30 people and growing, your old tech is no longer sufficient.

At regular intervals, you should do a sanity check of your existing applications and systems to make sure they’re still working well for your purposes. Early-stage startups should choose solutions that are scalable and can grow alongside them in the future.

Clearly, technology is important. But where to start … now that’s not so clear. To get you headed in the right direction, check out 4 IT consulting projects that are guaranteed to make your business better.

HIPAA compliance in the cloud? 3 things you need to know.

We often hear from clients that they have concerns about maintaining their HIPAA compliance mandate should they want to transition their IT to a cloud-based approach. And, of course, many of their concerns are valid. HIPAA compliance matters.

The cost of non-compliance includes steep fines and potential legal penalties. And, what’s more, a huge drop in confidence from the consumers who trust your company with their Protected Health Information (PHI).

Here are 3 things you need to know about maintaining HIPAA compliance in the cloud.

Related: 3 steps to HIPAA security rule compliance

Business associates have mandates too

There are a variety of cloud solutions: public, private, and hybrid. And each will have their own unique set of characteristics. But no matter what solution a HIPAA-regulated company decides to leverage, one thing doesn’t change.

Any potential partner who will store PHI is considered a business associate by HIPAA. This means you’re required to execute an agreement with that associate that outlines permitted uses and disclosures.

Likewise, should that business associate sub-contract out to another entity such as a third-party data center, they must also execute an agreement with that entity that outlines the same permitted uses and disclosures. Both entities are then liable for maintaining HIPAA compliance.

The good news is, when a company’s data is stored in a third-party data center, that center will likely have military-grade security that massively restricts physical access. What this means in terms of remote access to said servers depends on the specific type of cloud solutions the healthcare provider engages.

It’s likely that the right cloud services provider already has systems and policies in place that meet HIPAA compliance.

Related: HIPAA omnibus rule

You still need to restrict access

Moving your clients’ PHI into the cloud doesn’t relieve you of your liability to protect that data. That includes the electronic protected health information (ePHI) the cloud service provider handles.

You still need to instate proper levels of password complexity to control access to ePHI on the cloud servers. Also, you need required standards on how often employees update their passwords. This should include policies on logging out of unattended devices. Basically, any policies you kept in place at the office-level need to remain in place using the cloud. This is key to maintain your HIPAA compliance in the cloud.

Related: Medical ransomware attacks on the rise

Periodic audits should be standard to your approach

This one is not only mandatory to maintain your HIPAA compliance in the cloud, it should also be obvious to your business associate. As part of the business associate agreement you create, you need to be sure that your cloud service provider and their subcontractors perform periodic audits of their systems and approach to ensure compliance.

Such audits have the power to save both you and your business associates from expensive violations.

Conclusion

HIPAA compliance in the cloud may sound complex. But with the right partner and the right approach, you can enjoy the conveniences of cloud computing and maintain HIPAA compliance at the same time. If the subject sounds like a lot to take on, consider seeking out professional advice and help.

5 ways companies violate HIPAA compliance (and how to avoid them)

HIPAA compliance can be an Achilles’ heel for the companies who fall under its regulatory umbrella. And rightfully so. After all, the protected health information (PHI) it mandates is among the most sensitive data that businesses in any industry handle.

Failure to comply can lead to large fines and legal penalties. Or even drive companies out of business altogether over time. That’s why it pays to be prepared for the threats. But preparation is a tall order when the threats come from every direction, including external intruders and the very people you trust to access it.

Here are 5 ways that companies violate HIPAA compliance, and how to avoid them.

Malware and hacking

As with any industry, malware and hackers are a real concern for HIPAA-compliant companies. But the risks are even higher when data loss results in fines and legal action, in addition to lost productivity or downtime.

The good news is, there are a number of strategies you can take to keep your network safe and meet compliance mandates. Four of the most direct methods include:

  1. Requiring updated passwords on a minimum quarterly basis.
  2. Making sure your company has adequate firewalls in place to protect your network.
  3. Requiring a base level of password complexity.
  4. Making sure software is updated at all times to shore up security vulnerabilities.

Malicious (or absent-minded) insiders

We’d all like to believe we can trust the people we work with. Unfortunately, this isn’t always the case. Often it’s the very people we allow inside our networks who do the most damage. Sometimes for profit.

However, there are a few solid strategies you can take to minimize exposure:

  1. Practice the principle of least privilege for employee access to PHI.
  2. Use keycard access points to control access to hardware portals. Never provide access to employees who do not require it.
  3. Track and monitor who accesses PHI, and when.

Lost or stolen devices

With the rise of cloud computing, businesses frequently use portable devices such as tablets or laptops. This doesn’t have to lead to a compliance issue should one of these devices be lost or stolen. But it can. Here are two strategies to avoid violating compliance should one of your devices be lost.

  1. Install and maintain remote wipe programs on any devices that can access PHI. This is particularly important if your employees will ever access PHI from public networks (consider a policy against such use). Require automatic logout / session timeouts for sensitive programs.
  2. Require all devices that access your network to be password-protected.

Improper device or records disposal

Does your office use devices such as copy machines? Often these devices save document copies on their hard drives. That means they may retain copies of peoples’ PHI. What do you do with outdated records, and how do you handle document transfer risks? Here are a few tips:

  1. Have a plan to clear temporary files from all devices that handle copies of any files or messages containing PHI.
  2. Always shred discarded hard copies or securely store outdated / old records that are no longer actively used.

Third-party disclosure

The nature of PHI is that this sensitive information often needs to move from office to office or organization to organization during the course of patient care. These transfer points are high-risk areas where you can violate compliance and compromise patients’ data. Try these strategies to make records transfer more secure:

  1. Have a plan in place for transferring records in a secure, encrypted or otherwise protected manner.
  2. Require a business associate agreement with any agency that will exchange information with your organization. This agreement should clearly outline responsibilities, protocols and best practices.

Conclusion

It’s clear that HIPAA compliance is a complex issue. You probably need professional planning and security to prevent data loss and the resulting fallout. It’s highly advisable that you consider reaching out to a Managed Services Provider (MSP) with HIPAA experience who can guide you through the process.

They can also provide strategies and solutions to achieve maximum protection for your unique organizational needs and risks. Given the steep fines and extreme cost of downtime or data loss, this will likely save you money in the long run.

 

5 Foreboding Reasons You Need a Disaster Recovery Plan

Disasters happen. The sheer scope of potential disasters is enough to send any company’s leadership into worrying fits. In spite of this, companies often overlook the importance of developing an extensive, tested disaster recovery plan to prepare for the inevitable.

Waiting until disaster strikes to deal with the fallout generally doesn’t end well. There are countless reasons why developing and implementing a disaster recovery plan before things go wrong is the right move for your company.

Here are our top five.

Mother Nature is Unpredictable

We don’t have to tell you that. Chances are, if you leave your house more than twice a year you’re already aware that Mother Nature does what she wants, when she wants. With so much technological convenience and urban infrastructure around us, it can be tempting to ignore nature’s potential threats.

However, the threats are real, and recent history has shown they can have huge financial impacts on businesses.

Whether winter storms, hurricanes, floods, tornadoes, or any of the multitude of natural disasters that hit every year, Mother Nature brings with her a smorgasbord of ways to bring your business operation to its knees.

By developing a disaster recovery plan that takes into account the multiple regional and natural threats to your business, you instantly limit the amount of potential harm they can cause.

Humans and Machines Malfunction

Humans make mistakes. Machines malfunction. While you probably can’t avoid these mistakes and malfunctions in every scenario, you can develop an organized and specialized approach to dealing with them when they occur.

How will you respond when servers and communications systems go down? What happens if an employee falls victim to a phishing email and unleashes malware or ransomware into your system? A good disaster recovery plan takes these very plausible scenarios into account. It provides a step-by-step process for dealing with them.

In fact, the process of developing a recovery plan can even lead to seeking out new solutions – like cloud services and security management services – to minimize the chance of falling prey to these problems in the first place.

Related: 4 Signs Your Business Needs Managed Services

Poor Response Damages Reputation

Customers notice when you’re not prepared for problems. And, like it or not, many customers expect perfection. Downtime alone can cause a loss of confidence from your client base.

But when a disaster happens and your company is unprepared, it can alienate customers to extreme degrees. Many of these customers may choose not to do business with your company again.  

But it doesn’t have to be that way.

Creating protocols to get your business back online is only a part of good disaster recovery. A thorough disaster recovery plan includes actionable details such as which employees will be responsible for customer communication, and what channels will be used to communicate.

This ensures a smooth response to disasters that gives customers maximum assurance that your company is capable of continuing to meet their needs.

Downtime Destroys Financial Stability

Downtime does more than damage your reputation. It can also destabilize your finances.

Waiting until a disaster event occurs to determine your response extends downtime and increases the costs. The right plan will cover the bases and determine the technologies you need to minimize downtime and minimize losses in the process. It helps get your business back online and back to serving your customers ASAP.

Failing to Plan is Planning to Fail

You probably don’t approach a single aspect of your business without a strategic plan for success. So why would you handle your response to potential disasters – whether man-made, technological, or natural – without a plan to act?

A good disaster recovery plan takes into account as many threats as possible. It then organizes your strategic technological and human responses. This forethought minimizes the potential for damage.

Maybe after reading this you’ve come to realize the importance of a disaster recovery plan for your business, but you aren’t sure where to start. That’s where a qualified managed services provider is like an ace in the hole.

They can provide expert advice that’s crucial to your ongoing business success.

By selecting the right partner to advise, consult, and provide ongoing IT support for your business, you can turn your worry about potential chaos into the assurance that you’ve got the right tools and response to meet any challenge.

Related: The Prescription for a Perfect Managed Services Provider

5 Signs You Need Telemedicine in Your Office

Telemedicine (also interchangeably called “telehealth”) is revolutionizing the healthcare industry and it shows no signs of slowing down. In one recent study, 77% of people said they would consider seeing a provider virtually. Such a high demand does not go unnoticed. 44% of medical practices made introducing and improving telemedicine their top priority in 2017.

We’ve identified 5 signs that you need telemedicine in your office. If any of these signs sound familiar, it’s time to seriously consider integrating telemedicine soon.

1. Your Practice Needs Some Growing Room.

Let’s look at the benefits of telemedicine from a business perspective. Without telemedicine, your practice is greatly limited by geography. You might be the most knowledgeable and capable expert in a certain specialty or condition, but you may very well miss the opportunity to work with a patient just because you operate in a different zip code.

Telemedicine eliminates geographical boundaries and enables your practice to expand organically to serve the patients that most need your assistance.

2. Your Customers Need to Reach You.

Sometimes, patients become critically ill, or even die, because they can’t readily access their healthcare provider’s office. Whether at-risk patients happen to be elderly, disabled, isolated or impoverished, they can benefit from telemedicine visits as an alternative to ignoring or suffering potentially serious medical issues.

Telemedicine makes medical assistance just one internet connection away. Patients who can’t travel or have accessibility issues would now be able to connect to your office and receive assistance with minimal effort.

3. You Have Patients Who Could Benefit From Ongoing Support.

Telemedicine really does have a life-or-death impact on patients, especially with the availability of remote monitoring. With the right tools, doctors can constantly follow up on patient analytics.

A recent report found that using remote monitoring technology to keep tabs on a patient’s blood sugar or cardiopulmonary disease can reduce the risk of patient mortality by up to 45%.

4. You Want to Streamline Operations and Satisfy Customers.

It turns out that making life more convenient for your practice, and saving more lives, makes both your employees and your customers extremely happy to work with you. The satisfaction rates for telemedicine are remarkable.

86% of doctors and 83% of patients have reported that they were satisfied with the level of care given/received. That’s good for keeping your patients and your practice healthy.

5. You Want More Cost-effective Tools.

Incorporating virtual capabilities into your business almost always comes with cost savings. For instance, if you perform 30% of your business via telemedicine, you can increase your volume without extra expense for office space and equipment to accommodate those patients.

You and your customers will also save time and money with reduced travel and schedule disruption. Some routine appointments, such as prescription refills for example, can be handled over a patient’s (or provider’s) lunch break.

Telemedicine is typically covered by insurance plans at the same rate as an in-office visit, so you can apply that savings over a quarter/year to see the quantitative benefits.

Do You Need Telemedicine in Your Office?

At this point you probably know that you’ll need to incorporate telemedicine in one way or another. Not only do you want to remain competitive, but, more importantly, you also want to embrace any opportunity to improve your business and the lives of your patients.

RWA has experience providing network solutions specifically suited for telemedicine and HIPAA compliance. If you are interested in learning more about telemedicine for your practice, please give us a call or send us a message and we’ll be happy to chat with you.

4 IT Consulting Projects That Will Make Your Business Better

For your business to succeed, your business needs to grow. One way to elevate your business is to modernize and streamline your IT solutions.

Most decision makers jump at the chance to increase productivity and collaboration, but more often than not you are too busy with the actual business of your business to research and implement impactful changes to your network and infrastructure. That’s when IT consulting becomes a powerful asset to your team.  

ConsultingWhether your business currently utilizes a managed service provider (MSP) or you are working your way up to a full-scale IT solution, you will often find yourself in need of professional services. IT consulting becomes handy when you are dealing with the type of projects that don’t require monthly maintenance, but still require professional assistance. 

Here are four IT consulting projects that will make a noticeable difference in your business: 

1. Workflow Automation

In order to actually finish out the workday, employees often find a workflow process and stick with it as long as they can. While consistency is better than having every day be a crap-shoot, consistency doesn’t always mean efficiency or productivity. 

What we’ve noticed is that sometimes people in business become so busy; so stuck in a routine, that they can’t see the forest for the trees. 

A workflow automation consultation can help to pinpoint the weaknesses in your day-to-day operations. Something as simple as eliminating a few steps from a daily routine can translate to huge savings in time and money when you look at the bird’s-eye view. Projects are 250% more successful when proven project management practices are used.

A professional IT consultant will then go a step further and help you find the tools necessary to streamline your workflow, and offer metrics to study your progress. Real-time data can reduce an organization’s operational expenses by as much as 23%.

 2. Hardware Refreshes

Technology keeps getting smarter — and it keeps getting smarter faster — every day. In order to keep up with the competition in your market, you need to be able to provide a higher level of productivity and efficiency. 

Take for instance the medical field. In many modern offices, doctors are utilizing video conferencing to perform remote consultations. This requires hardware processing that can keep up with the high bandwidth required for HD video conferencing. 

Mobile and Desktop Devices

An IT consultant can work with you to discern which hardware you need to support certain goals now and into the future. Hardware refresh consulting helps integrate new hardware with your ideal IT network. 

Many IT consultants will also procure the hardware and implement it at your business, providing a seamless transition from the old to the new system. 

3. Cabling 

You know what the worst part of getting a new TV is? Connecting the wires to all of your new devices. New computer? Connecting the cables to new devices. How about a brand new IT network connecting multiple servers to every single one of your employees across multiple rooms/floors/etc? You guessed it…connecting the wires. Or, in this case, mostly cables. 

Cabling consultation will not only suggest ways to optimize your cable placement, but will also optimize your cable type, how much to order, and color coding for the best possible network design and strength.

4. Wireless Infrastructure

As your business grows, you’ll notice that your Wi-Fi speeds are degrading as more and more devices enter the day-to-day mix. Creating a collaborative environment in today’s mobile business place often depends on real-time interactions. The only way to offer this is with a steadfast and strong Wi-Fi network that can securely support both your employees and your guests.  

Collaboration Pull Quote Graphic

An IT consultant will be able to assess your office and use signal heat mapping to identify the best placement for your wireless access points (AP),  and tell you if a different model device would be better. Soon, you’ll have an office that stays connected, and employees that spend more time working and less time searching for a signal. 

How can we help you? 

RWA offers a number of IT consulting services on top of our managed services offerings. Most of the time, the best IT solutions will combine a monthly plan that covers the day-to-day management of your network, with the more sporadic, yet impactful, elements like hardware refreshes and other focused projects. 

Please give us a call or send us a message to find out more about how our managed services may fit your needs. 

5 Throwback Videos That Teach You About Modern IT Concerns

“Those who cannot remember the past are condemned to repeat it.” – George Satayana

One of the great tragedies of humanity is that we often seem incapable of learning from past experiences. The only way to remedy this is take a look back in time. When it comes to creating a solid IT network, these old commercials offer some surprising lessons.

1.  Make Way for a Mobile Workforce

1977 was a good year that brought us Star Wars, Elvis Costello’s “My Name is True”, and the birth of Shakira. Time flies, but even back then, businesses knew that it was time to adapt to a mobile workforce. The answer? Check out this no-frills, 1977 commercial for the first portable laptop, the IBM 5100.

Today, supporting a mobile workforce is an increasingly important aspect of any IT solution in every industry. Employees who believe their workplace effectively uses mobile tech are more creative, satisfied, and productive at work. And customers always appreciate more responsive service.

2. Plan for Disasters

Many of the physical components of your business are connected to your network. This means they are subject to cyberattacks, natural disasters, and human error, just to name a few network disasters. They might even be turned into a cutting board and/or baking sheet like this gentleman’s Lenovo Thinkpad…

 

Grandma-proofing isn’t the preparation we most often consider, but it certainly represents the risk of “human error.” Part of creating a killer IT solution is including a backup and disaster recovery plan. This ensures that however you happen to lose your hardware, you don’t lose your data.

3. Get Ahead with Video Conferencing

One in three CXOs agree that video conferencing is essential for operations. Businesses increase productivity and reduce costs when they eliminate travel time in favor of video conferencing. Also in situations like this one, you might just save yourself from a nasty concussion.

Make sure your managed services provider is prepared to accommodate network speeds that support superior conferencing and effective communication.

4. Don’t Forget Physical Security

In order to truly keep your business safe from intruders and insider threats, you’ll want to include physical security solutions in your overall operations. Video cameras, for instance, will enable you to capture theft and, apparently, even the occasional spring shower.


Physical security, including cameras and entry control, has been known to assist in identifying and prosecuting employees for illegal acts, not to mention in deterring theft in the first place. Most people don’t like being caught on camera when they rob someone blind. And your business doesn’t like being caught by surprise by damaging deeds that compromise your data.

5. The Security Is in the Network

Not all perpetrators waltz into your office to do sketchy things in person. Some prefer to work the cyberattack angle. So, on top of creating access control and installing security cameras, you need a hardcore security plan for protecting your network from the inside out.

That’s right. Your network is a target for some of the most heinous activity imagined. If the bad guys had it their way, your network would look something like that cantina in Star Wars where all of the worst specimens in the galaxy tend to congregate, looking for trouble.

You probably cannot imagine all the varieties of digital threats cruising around your network. So, you need to incorporate the right mix of regular maintenance, monitoring, updates and testing to ensure your security plan keeps the “wretched hive of scum and villainy” far, far and away.

What would your video say about IT?

If someone shot a film or commercial about your IT environment, what kind of lessons would it offer? Would it be a laughable farce complete with slapstick tomfoolery, or would it be an insightful mini-documentary portraying the most excellent of practices in modern business technology? If you lean toward that first commercial, then it’s time to have a real chat about your IT solutions.

Give us a shout and we’d be glad to share more. No strings attached.

5 Reasons You Need a Managed Service Provider with Experience in Healthcare Industry

The best way to avoid HIPAA violations in your IT network is to consider your managed service provider the same way your patients consider a medical specialist.

For instance, if your patient catches a bad viral infection, they probably won’t visit their accountant for medical advice The principle is the same for managed service providers. Because many specialize in certain markets, you will want to be sure to work with an MSP that has a proven record in the healthcare industry.

Without the guidance of an experienced MSP, you may find your data breached and your customers walking out the door.

By September 2017, more than 221 major HIPAA breaches were reported to federal authorities, which was a 66% increase from 2016. 84% of these incidents were reported as hacking issues. With that seemingly unstoppable upward trajectory, it’s more important than ever to make sure that your managed service provider (MSP) has experience creating HIPAA-compliant networks.

While HIPAA compliance is a major priority in healthcare systems and medical practices, sometimes the facts are overshadowed by all of the stress of adhering to the rules. The most important fact: HIPAA is designed to protect your patients. Other than the obvious goal of protecting their privacy, there are 5 very important business reasons to shore up your efforts to remain HIPAA-compliant.

1.  The Fines

First, there are hefty fines associated with HIPAA violations, with up to $1.5 million dollars per violation, which can then be multiplied by how long the violation has taken place. Major breaches like the Anthem hacking incident are estimated to cost over $100 million.

 

2. Patient Retention

Second, and just as important, you run a high risk of losing your patients if their data is breached. 31% of consumers surveyed by the Ponemon Institute said they discontinued their relationships with the breached entity following a data breach.

 

 3. Authentication

Human error and insider threats continue to play a huge role in data loss. One recent report showed that 74% of organizations feel vulnerable to insider threats. This is right in line with another industry report, which found that 70% of data center incidents were caused by human error.

Any person in your business that accesses medical records should have a unique user ID. This will ensure that a.) only the right people have access and b.) you can track who has accessed documents. Taking these proactive measures will help minimize human error and/or intentional threats.

 

4. Encryption

Your employees might be doing all the right things, but that may not matter if your data isn’t protected when in transit.

It’s a common activity to send a patient’s medical records to another office, for example. This is a pain point where you can be exploited. Encryption will ensure that data is safe moving across and beyond your network.

 

5. Cloud Solutions

If your MSP works with cloud solutions (as 90% of companies surveyed currently do), it’s important to make sure that the cloud setup meets the same standard as your network compliance. For this reason, RWA suggests working with a cloud-based program that is proven to be HIPAA-compliant.

What’s next?

RWA has a proven track record working with medical and healthcare practices. We offer HIPAA compliance assistance, and we’ve partnered with an excellent company offering a complete and very affordable cloud-based compliance program for large and small practices, including a “BA-Specific” program for their business associates as well.

Looking for more info on securing your network to meet HIPAA standards? Give us a shout and we’d be glad to share more. No strings attached.

Network Security: I’m Sorry, But You’re Not on the List

Often, people are curious about how susceptible their networks might be to cyber attacks and other intrusions. Think of it like this, your network is the biggest New Year’s party of 2018. Everyone wants to see what’s going on inside and they’ll do whatever it takes to get in. To keep the party safe and fun, you’re going to need proper network security.

The alternative is not pretty. Your party crashers can cause astronomically high financial losses (think over $40,000 per cyberattack), and your reputation will go down the drain, too. 31% of customers will leave a healthcare business if their data is compromised, for example.

One way to ensure that the bad element stays out of the network is to apply category-based content filters. These work by analyzing individual websites and placing them in specific categories based on their safety level.

Here are a few of the different categories of sites and content that you can filter out. This will help prevent undesirable people from crashing your network and from inviting others to do the same.

Not Safe For Work (NSFW)

Your business has a lot of leeway in this category. The primary distinction for NSFW is websites or emails that contain either written or visual sexual content, drug use, or gratuitous violence.

The nature of these sites will often put them in direct violation of company sexual harassment and/or morale policies. On top of that, NSFW content is very often riddled with viruses, malware, and other cyber threats.

Social Networks

Social Network filters can be customized to fit your specific business needs. For instance, if you find that your employees are spending far too much time on Facebook or Twitter, you can easily block it from employee access. Social networking isn’t intrinsically dangerous, but the platforms often allow an enormous amount of dangerous content to be featured on their sites.

This has been explored to some depth in studies of the recent impact of falsified news on Facebook. In your business, what it means is that your employees can click into a click-bait website (one designed to peak interest without any actual valuable content) and it might lead to a site filled with phishing links or malware.

Phishing Scams

Phishing is one of the most detrimental web scams. Dangerous phishing emails and sites are designed to look like legitimate pages so that you trust them enough to volunteer sensitive personal and financial information.

A phishing filter will examine all the identifying background code and eliminate these sites to keep your employees from accessing these fake pages.

Malicious URLs

When you access a malicious website, you end up involuntarily downloading ransomware, malware, and other cyber attacks onto your network. Filtering for malicious content helps to spot and track these dangers to prevent your employees from accidentally damaging their hardware and your network.

Peer-to-Peer Sites

If you’ve ever had a friend who talks about owning a movie the day it came out in the theater, he’s probably using a peer-to-peer torrent site. Think of the early days of Napster on this one. These sites operate so that people can share information without regulation. They are horrible for network security.

If someone accesses a peer-to-peer site on your business network, they might download a file thinking it is the new Taylor Swift album and end up with computer virus that wipes out your network and costs you up to $100,000 an hour of downtime while you replace equipment and get things running.

Ready to add filters to your network?

We really want your network to feel the most fantastic party of the year in 2018. If you feel the same, it’s probably a good idea to put together a plan to filter out the unsavory cyber elements. Just give us a call or shoot us an email and we’d be happy to share more about network security filters.

Virus vs. Worm: How to Identify and Slay Your Network Monsters

The glossary of adversaries to your network security will continue to grow so long as cyberattacks continue to happen, and the various cyber-monsters can be difficult to differentiate. That being said, two of the most prevalent security threats are easy enough to remember when you compare them to legendary monsters. Enter the virus and the worm.

What they have in common…

Viruses and worms are both cyberattacks that are detrimental to your business. They are also both financial blackholes. In 2016, viruses and worms contributed to $450 billion in financial losses due to cybercrime. On an individual level, cyberattacks can cost businesses up to $40,000 per hour.

The end result for both a virus and a worm is to damage your network and cost you money and time. The primary difference is in their approach.

A virus is like a vampire…

One easy way to conceptualize a computer virus is to think of it as a vampire.

If a vampire wants to infect you with vampirism and turn you into a member of the nocturnal undead, it will require some human error. Just like you might encounter a vampire if you take a shortcut down a dark alley, you might catch a computer virus by visiting a harmful URL or downloading software that isn’t secure. There’s always an element of human participation.

And we all know that a vampire can’t come into your house unless it is invited. That’s exactly how a virus works.

Many times, it’s easy to spot a computer virus. It’s just a little bit out of place. Just like when a vampire comes over to your house wearing his best 1970s “date night” outfit. There’s just something that’s a bit off. Viruses are often given away by emails or URLs that don’t look quite official – anything from misspellings to unfamiliar names to complex Web addresses to simply uncomfortable requests to share or exchange information. If it strikes you as strange, it probably is.

If you fail to see the signs and unwittingly invite a vampire into your house, he/she/it will probably give you a bite, infect you, and you’ll soon be investing a lot of money in sunglasses, wide-brimmed hats, and umbrellas.

When you open the door to a computer virus by opening attachments or downloading certain files or programs, it will use that program to overload your system and eat up your random access memory, freeze certain resources or take over certain functionality. This in turn leads to slower computing, crashes, and total destruction of the computer system.

One recent example is the “Bad Rabbit” ransomware virus, which spread from Russia to the USA. Ransomware will famously extort money from users in exchange for data, and the average ransomware attack has risen to $1,077.

Computer viruses act just like the vampire virus. They both require a host to infect their victim, and they both greatly alter the health of their prey.

A worm is like a werewolf…

If a virus is like a vampire, then a worm is like a werewolf.

When werewolves want to attack, they have no intention of waiting for you to invite them inside the house. They enter and they either eat you or they bite you and turn you into a werewolf. This is exactly how a worm works on your network.

Worms are cyberattacks that disrupt your network by exploiting weaknesses and self-replicating. One famous example is the recent WannaCry ransomware attack, which infected more than 300,000 computers in a few days, by using worm techniques to infiltrate Windows and spread across LAN and WAN connections.

Unlike the computer virus, they require no human error. Worms can piggyback in on websites or attachments, and then spread exponentially across your network to other files.

While a virus is dangerous, it is typically isolated to a certain program or system resource. A worm, however, will discover any weaknesses and exploit them.

How to slay your network monster…

The best way to win a fight against a vampire or a werewolf is to a.) avoid inviting them in, and b.) fortify your home against them. Hanging garlic on the windows and carrying a silver sword just in case is always a good idea.

For your business to fight a computer virus or worm, you need to invest in solid preparation and protection for your network. This means having a virus protection plan, training your team and downloading all of the relevant patches on an ongoing basis.

When you work with RWA as your managed service provider, we’ll create a comprehensive solution that will help prevent and combat cyberattacks of all kinds.

Reach out to us to learn more about different cyberattacks and how to stop them.