The NSA recently published a document confirming what we’ve known about computer networks for years,
“The question is not IF a system will be compromised, but WHEN”. This document’s basic premise is that
Computer Security Professionals are well aware of the basic practices to prevent attacks, but does the
business owner know? Do you?
Top 5 Threats
- Internal Threats – Intentional and Accidental information breaches
- Spear Phishing
- Server security configuration /un-patched server software
- Malware / Advanced Persistent Threats
- Stolen usernames and passwords
You’ll notice that your own staff is included on this list.
Yes, the insider is a threat to your client/patient information. Internal breaches are
both intentional and accidental. In fact, a recent Forester Research report showed
36% of computer data breaches resulted from inadvertent misuse of data by employees.
The study documents that only 42% of the US and EU workforce surveyed had actually
been trained on workplace security policy and procedures, and more than half were
unaware of their own company’s policy on computer data security.
Proper staff training should be thorough and continuous. One short training program,
once a year just isn’t enough to protect your patients.
The good news? Virtually all of these threats can be effectively mitigated with comprehensive
tools, system configuration, policies, procedures, training, documentation and professional intervention.
Action DataTel is here to help you navigate the privacy, security and compliance landmines of today.
Computer Data Security is not a product, it’s a process. It begins with knowledge, some understanding
of the threats and awareness of the consequences. Then, we implement tools, and address proper policies
and procedures. There is no “set it and forget it”. These human created threats morph, change and evolve.
Your Security solutions must do the same.
If you’re not sure where your business security stands, give us a call. We’ll come by and take a look with you.
Call Action DataTel today @ 541-494-2099 for your no cost security evaluation!
Ref: ‘NSA Methodology for Adversary Obstruction’