By Jim Cropper, director of healthcare Sales, Brother International Corporation.
Almost every day, a news story breaks about a cyberattack hitting a healthcare facility. Healthcare is one of the most highly targeted sectors, and hacks cost the industry $4 billion in 2019.
It’s challenging to stay ahead of malicious actors, and since healthcare is such an attractive target, leaders in this field need to be especially alert. IT teams must protect the vulnerable internal systems safeguarding patient data without falling victim to costly ransomware, for example.
Modern hackers know the most vulnerable parts of enterprise systems. That puts medical centers at a disadvantage because they are susceptible to frequent, sustained attacks. Many of these facilities also lack adequate incident response protocols, and they don’t have enough capital in their budgets to replace legacy software and devices. But with a few simple, smart steps, facilities can still significantly uplevel the protection of patient data.
Step one is understanding all the different methods cybercriminals employ when breaching health systems. Some infiltrate clinical labs by exposing vulnerabilities on their websites, while others exploit lax server protections. Employee email accounts are also a common offender since unauthorized third parties can access patient information through phishing.
One worrisome aspect is how many data breaches are the result of internal negligence. Unencrypted laptops, smartphones, and flash drives are an all-you-can-eat buffet for cybercriminals when forgotten and left exposed.
In particular, there’s one standard device that isn’t part of most health systems’ cybersecurity focus, though it should be: the Multi-Function Printer (MFP), which is an easy target because they’re often overlooked, and because so many vital documents flow through these workflow hubs. Keeping such a large volume of data out in the open is an enormous security risk.