I have a firewall and anti-virus software, so why do I need your services?

Part of being secure is insuring that you make every effort to secure and protect your network. The industry standard for network security and data protection is vulnerability scanning and penetration testing.  If your firewall, network and operating systems are not configured properly or not updated, your system is very vulnerable.

In the event of a data breach, your network will be closely examined to see if you had vulnerabilities that should have been removed.  In the event that you and your IT company is found to be negligent, you could face massive penalties from your state and/or government entities.

Black Talon Security specializes in network security and compliance.  We have found that most IT companies are good at setting up networks, but have limited knowledge when it comes to robust network security.  You really need to have a 3rd party, such as Black Talon Security, validate and manage your security.

What will happen if I have a data breach?

Most practices and businesses spend a lot of money on advertising, PR and managing relationships.  But have you thought about the ramifications of a data breach or ransomware?  All the money you have invested in yourself, your practice/business and staff could be jeopardized.  In the event of a data breach you will have to deal with these ramifications:

Federal Law and most state laws require you notify every single patient or client that their records and identity were compromised

The social media backlash will be severe

Mainstream media will make your practice a target

The financial cost of identity monitoring and legal fees could easily put you out of business

You will face lawsuits from your patients or clients

Your data may be published to the Dark Web or publicly, putting you in a very compromising position

 

Imagine if an unauthorized person is able to see your patient's record or business files.  It has happened and will continue to do so!

I am using a cloud-based practice management software, do I need your services?

Even though you may be running a cloud service, which handles the database security, you still have risk.  Through malware delivered via websites or more likely email a hacker can compromise your network by using a phishing scam to get your user name and password or install a key-logging script that captures your login credentials.  With this information, the hacker could log into your software as if he/she was in your office. Most cloud-based systems are vulnerable to ransomware attacks.

Most businesses that use a cloud software still have data being stored locally.  This data contains electronic protected health information (ePHI), personally identifiable information (PII), trade secrets, confidential documents and needs to be safeguarded as well.

What is ransomware and what is the impact on my practice if I fall victim?

Ransomware is a debilitating attack on your infrastructure that encrypts your computers and server and leaves you completely helpless and hostage unless you are willing to pay a significant amount of money to have the attacker decrypt your files. Most law enforcement agencies will tell you not to pay since there are no guarantees your files will be released.  If this occurs, your entire network infrastructure will need to be restored.  If you don't have a good backup, your may experience significant data loss, which is a security incident under the HIPAA security rule or other federal/state laws

The process of restoring your network is expensive and very time consuming.  It is the same process as starting from scratch. Applications have to be installed and configured. Network security, settings, accounts and data have to be restored.  Even with a good offsite backup, it may take days just to get your data back. For the average sized business, this is a multi-day process resulting in the shut-down of some or all operations.  How much will this cost you financially?  How will your clients or patients feel when you have to cancel meetings/appointments or cannot access their data? 

Do I still need an IT company to support my network?

Absolutely. The relationship we have with your IT company is mutually beneficial.  After performing all of our security testing on your network, we will work with your IT company to mitigate any risks.  Your IT company will be the one making the necessary software changes based on our recommendations.

If I have MACs, do I still need cybersecurity?

You absolutely do. There are more and more MAC exploits being developed by hackers than ever before. In addition, many practices that have MACs often have acquisition PCs that drive their digital imaging systems and these PC's often run Microsoft Windows. Are you using any IoT (Internet of Things) devices such as smart TVs, digital picture frames, digital thermostats, etc? These devices are often highly susceptible to cyberattacks and hackers often use them as a way to launch attacks against the rest of your network.

Regardless of the platform you use (Windows or MAC), you must conduct a risk assessment and risk analysis against these devices to understand your security posture.

Follow us at:

Cyber Prevention | Breach Response | Forensic Investigation | Cybersecurity Awareness Training

© 2020 Black Talon Security, LLC.  All rights reserved | 2875 Route 35 | Katonah, NY 10536 | 800-683-3797