January 17th, 2018
Planning to catch up on admin. duties one Sunday morning, you log in to your office computer to find an unfamiliar screen. Its text says your system has been locked, your files are inaccessible, and you'll have to pay to regain access. In other words, your ophthalmology practice has just become the victim of a ransomware attack.
Suddenly, all the articles and warnings you've seen about cyberattacks snap into sharp focus. In that moment, you'll be tempted to ask, "Why me?" However, a better question is how should you have been protecting your ophthalmology practice against a ransomware attack? Yes, business insurance for ophthalmologists will help after the fact, but you need to know what to do before it happens.
Back Up Your Data Separately
Remember that dusty old external hard drive you've been ignoring in favor of storing your data in the cloud? Yeah, it's time to break it out, plug it into your system, and back up your files—every day. After the daily backup is complete, disconnect it from your network and put it back in the closet. This way, if someone does worm their way in and put you on lockdown, you can set up an uninfected machine and pull your data from the hard drive. After which you can rest easy, knowing that your IT person will reset your network.
Perform Software Updates Immediately
These days, when a software revision is released, it almost always contains security updates because a vulnerability has been discovered and repaired. If you're running old software, your computers are susceptible to all sorts of malicious mayhem. When your practice gains the attention of an interloper, you will be hit. Hostage takers look for low-hanging fruit. If you're not performing software updates as soon as they become available, you're definitely dangling within reach.
Train Your Staff to Be Vigilant
All it takes is one infected email to take down your entire ophthalmology practice. After all, every piece of information you need to operate must be accessed by one of the computers in your office. By and large, malware gets in as a passenger on an email attachment.
Teach your office staff to be suspicious of everything. They should look carefully at email addresses before opening messages. Hover over links before using them to see the address to which they're directed. If messages from "your bank," "the IRS," or "your credit card company" ask for information they should already have, delete the messages immediately. Do not open their attachments. By the way, popup windows advertising malware solutions often contain malware—never click on them.
If It's Already Too Late
If you experience the scenario at the beginning of this article, immediately disconnect that computer from the internet and your internal network. If you're lucky, it was just in that machine and hadn't spread to the others yet. Isolating it to one machine keeps you up and running. If it has spread, and you don't have your data backed up outside of your network, you'll be happy you bought cyber insurance, like the coverage sold by CyberPolicy.
Protecting your ophthalmology practice against ransomware is more of an issue than you might believe. It's just as important to your continued operation as business insurance for ophthalmologists. Speaking of which, CoverHound can help you find the coverage you need at a rate you can afford. Best of all, we'll help you for free.