How You Can Protect Your Practice’s Data

Publication
Article
Dental Products ReportDental Products Report August 2021
Volume 55
Issue 8

Recent ransomware attacks may cause anxiety about protecting practice information, but there are tools and tips to keep you safe.

How You Can Protect Your Practice's Data

By Putilov_Denis / stock.adobe.com

As I write this article, the most popular tech-focused news story concerns the thousands of businesses that were hit with ransomware due to vulnerability in a software used by many IT companies. I have received numerous emails and calls from my clients about the Kaseya ransomware breach, which is estimated to have affected at least 40,000 computers. Here is a small FAQ designed to assist dental offices in understanding how this breach may affect them.

What is Kaseya VSA?

Many IT providers have moved to what’s called a managed services provider (MSP) model. One of the main components of these services is remote monitoring and management (RMM). We use this software to provide security patches for software, as required by the Health Insurance Portability and Accountability Act (HIPAA), and also to remotely connect to our clients’ computers to provide ongoing support. If you are a client of mine and have our Netwatch service, then you know what this is. Fortunately, we do not use the Kaseya system, which is one of the largest RMM vendors.

Why did the attackers target IT companies?

Most of you have probably heard of the 400 dental offices hit with ransomware in 2019. This is exactly what happened here: The attackers gained access to the IT company’s portal and can now push out ransomware to hundreds or thousands of computers simultaneously.

Was my IT provider affected?

Possibly. If they use Kaseya, and they use the version that Kaseya hosts in their offices, then yes, they may have been hit. You should speak with your IT company immediately if you suspect the use of Kaseya to manage systems remotely.

Was my IT provider at fault?

No. Regarding the 400 dental offices back in 2019, the answer was yes, as it was shown the provider had not activated proper security protocols such as 2-factor authentication. This is when, after entering your username and password on a website, you are sent a second code, either by text or email, that must be entered to gain access to the portal. You should make absolutely sure that your IT provider is using 2-factor authentication, no matter which software system they use. However, in this specific case, it was due to a vulnerability in the software code, and neither Kaseya nor the IT companies were likely aware of it before the attack.

So how can I protect myself?

Previously, I highly recommended 3 steps to offices to prevent a ransomware attack and have added a fourth. The first 3 are the following:

Invest in a business-class firewall such as Sophos or SonicWall. The firewall built into your modem or router isn’t all that great.

Install ransomware-specific software. I like Intercept X, but HitmanPro is also good. Have an IT company set it up for you.

Patch all your software and keep it up-to-date.

What’s this fourth step, and why do you recommend it?

We recently emailed our clients about the need to use software that does application whitelisting and ring-fencing. Basically, even if some ransomware does make it through your defenses, if you prevent unapproved programs (like a virus) from even running, your data will be safe. This is called ThreatBlock.

Where can I get more information?

Visit my website—thedigitaldentist.com—and fill out the free consultation form. Or simply email me at drlavine@thedigitaldentist.com.

Recent Videos
GNYDM24 Product Focus: Josh Gosnell, Vice President, Business Development at Adit, explains how cloud-based analytics and patient communication software can enable practices to run more efficiently.
GNYDM24 Product Focus: Debra Engelhardt-Nash talks about how Weave's systems can help with increasing patient acceptance and with practices getting paid.
At DS World 24, Max Milz, Dentsply Sirona VP, Connected Technology Solutions, talks about the company's new Primescan 2 intraoral scanning solution and how it fits in with a variety of digital dentistry workflows.
At Dentsply Sirona World 2024, Henry Schein's Matt Kunzler talks about the brand new innovations from Dentsply Sirona, including Primescan 2, a first of its kind cloud native scanner, as well as Henry Schein's flex financing solutions.
The Uptime Health Story: An Interview with Uptime Health CEO and Co-Founder Jinesh Patel
Mastermind Episode 33 – Charting the Course for the Future of Dentistry
CDS 2024: What's New at TAG University? with Andrew De la Rosa, DMD
CDS 2024: Breaking Down Barriers to Care with Eric Kukucka, DD
© 2024 MJH Life Sciences

All rights reserved.