Bright ideas. Smart solutions. www.technology-solutions.gma-cpa.com The top six technology threats to your long-term care organization and how to mitigate them
Bright ideas. Smart solutions.www.technology-solutions.gma-cpa.com
The top six technology threats to your long-term care organization
and how to mitigate them
Security
“While you may have security without privacy, you can't have privacy without security.”
— Jonathan Gossels, president and CEO, SystemExperts
Agenda
• Top six threats with steps to mitigate risk• Demonstration• Questions
Threat 1: virtualization
• Servers• Desktops• Mobile devices• Hosted or in the Cloud
How to minimize your risk
• Patch operating system• Maintain antivirus / antimalware• Patch hardware• Patch underlying system software
Threat 2: Internet gateway
• Firewall• Proactive security scanning• Cloud• SaaS• Wireless
How to minimize your risk
• Update firmware and operating system• Perform monthly security probe scans• Automatic monitoring with alerting• Secure wireless for authorized use only• Encrypt outgoing data when necessary
Threat 3: remote access
• VPN• Remote desktop• VNC• GoToMyPC / LogMeIn
How to minimize your risk
• Use VPN combined with two-factor authentication
• Use network access control software• Strictly limit use of VNC, GoToMyPC, or
LogMeIn to approved users only
Threat 4: mobile devices
• Smartphones• PDA• iPad• Mini-laptop
How to minimize your risk
• Antivirus / antimalware• Network access control software• Use of remote locking software
– Computer LoJack– MobileMe
• Ensure underlying system is patched and secured
“I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive…”
―Stephen Hawking
Threat 5: virus and malware
• Email• File transfer• Removable devices• Web
How to minimize your risk
• Active multiple layer protection• Strict secure file transfer solution• Block unauthorized removable devices• Monitor and limit web access
Threat 6: Users
• Training• Accountability• Responsibility
How to minimize your risk
• Provide adequate training for each necessary task
• Create and maintain acceptable use policy for all employees
• Review and document inappropriate use
Demonstration
• Group policy– USB– Local files
Resources
http://www.hhs.gov/ocr/privacy/
http://www.ftc.gov/bcp/edu/microsites/idtheft/business/resources.html
http://www.ftc.gov/bcp/edu/microsites/idtheft/business/data-breach.html
http://www.ic3.gov/default.aspx
Questions?
William Walter, MCSE | [email protected] | 443.610.7413http://technology-solutions.gma-cpa.com
www.facebook.com/GrossMendelsohn
www.twitter.com/GrossMendelsohn