One has to cringe when they read this headline: "Millions of Medical Records Stolen from Unlocked Van".
In December of 2010 1.7 million records of patients, staff, contractors, vendors, and other personal records from several hospitals in the Bronx were stolen. Now, records are stolen every day. The point here is that the culprit was not some talented black-hat hacker or shadowy criminal organization from Russia or the Middle East. They didn't use sophisticated techniques or hacker tools, bounced off of multiple proxy servers, and controlled by a hidden botnet. These records were contained in data backup tapes that were being taken offsite by a third-party data storage vendor. The driver of the vehicle that picked them up left them in an UNLOCKED van that he/she left parked in Manhattan.
It has been said that the first step to electronic data security is physical security. The theft referenced above proves the point. It doesn't matter how secure your electronic points of entry are, if someone can get their hands on your physical media, you could have a problem.
This story brings up a good point: You should be using encryption on your backup tapes so that if they fall into the wrong hands the data cannot be easily recovered.
Basic security steps you should take today:
1. Make sure your backup software allows you to encrypt backup tapes and require a password to access the data on them. If your software doesn't do this then you need to upgrade your software!
2. Make sure all of your systems are protected by strong passwords. This includes even "non-critical" systems. The bad guys often use lesser systems as staging points to attack more critical systems.
3. Change your passwords often, and store them in a safe, preferably locked, location. Passwords written on sticky notes and stuck to your monitor, placed under your keyboard, in your desk drawer, or in a Rolodex under "P" for password is the same as having no password at all!
4. Don't assume that any system is not important enough to password protect. See number two above!
5. Make sure your physical entry points are secure. Data storage devices such as hard drives can and often are stolen, taken to the criminal's shop, and compromised at will.
6. When you return a copier or printer at the end of its lease, don't forget to destroy the data saved on its hard drive. This is often forgotten.
7. Make sure you are protected with business class firewalls, and software to protect against spam, viruses, and other malware, and keep your protection up to date.
8. If you don't feel comfortable doing all this yourself, hire a professional IT solutions provider. It is an investment that is well worth what you spend!
Every business needs to protect its systems and data. There are three questions you must ask yourself:
- How sure are you that yours are protected?
- What are you going to do about it?
- When are you going to start?
The short list of precautions above is certainly not all-inclusive, but it is a good place to start. Don't be caught with your proverbial pants down!
Ted Miller, President AVIK Technologies, Inc. We manage technology, so you can manage your business! Ted believes that most organizations, regardless of size, have the same basic information technology requirements. Regardless of whether an organization has five employees or five thousand, they have the critical needs of security, Internet connectivity, file (data) storage and protection, printing, email, backup, system reliability, etc. The difference in IT needs between small and large organizations is primarily one of scale. The need is the same, the size and cost of the solution may not be. Ted leverages his experience on behalf of his clients by reviewing how large organizations tackle specific technical and business problems, then scales solutions in such a way as to meet the need of his smaller clients while keeping costs under control and aligned with the client's business objectives. Visit http://www.aviktech.com today to learn more about the services provided by AVIK Technologies, Inc. Article Source: http://EzineArticles.com/?expert=Ted_Miller |
No comments:
Post a Comment
Please post your comment relevant to the topic. If you need also can add a link to it but don't spam.