
What would you do if you lost your phone? What if you left it on the bus, or it was stolen out of your purse? All your photos, videos, and files; your emails; access to your bank account. Gone in a flash. How much would you pay to get it back?
Now what if it was your company computer? What if you didn’t just lose access to those files, but they were held for ransom? What if the attackers were threatening to release the data of every client, every employee, every person you had ever interacted with? What’s the number?
That’s the reality for hospitals and healthcare institutions around the United States and worldwide. And the numbers are staggering. By June 2021, there had already been 48 ransomware events impacting the healthcare sector that year, and in at least 72% of those cases the victims’ data was leaked.
So, what can you do? Here are a few tips to help make sure your data is protected.
- Require multi-factor authentication. Yes, it’s a pain. Yes, it takes extra time. I promise it’s worth it.
- Enable strong spam filters to prevent phishing emails from reaching end users. They can’t accidentally click on links they never see.
- Implement a user training program and simulated attacks for spear phishing. End users are more likely to identify a phishing attempt if they know what to look for.
- Filter network traffic. If a website isn’t relevant for work, users don’t need to be on it.
- Update software. Updates include not only new features, but also patches and fixes for bugs. Don’t skip those updates.
- Back up your data. Maintain at least 2 copies of your data. Keep 1 copy stored locally and another stored off-site. And if you can air-gap your backup (keep a backup copy that is not otherwise connected to the network) before you push it to the cloud, that’s even better.
Source: https://www.hhs.gov/sites/default/files/ransomware-trends-2021.pdf