Feb 08 2015

Healthcare Data May Be Prime Target In 2015 : Is Your Data Safe?

By now, everyone has heard about the massive Sony hack that capped off a rather busy 2014, in terms of cyber attacks. It was extensive in scope and scale, in data compromised and information revealed. And while it was extremely high profile, there are much more tempting targets all around us.

Put simply, healthcare information is in the cross-hairs. It is something each and every one of us has created. If you’ve gone to a doctor or been to a hospital, you have data out there, and it is data that can be stolen. As hospitals and other medical facilities have made a push toward getting records all online and away from the legacy paper record keeping, it has made medical professionals jobs easier, in theory. But it has created a lot more work for the IT professionals who are tasked with moving the information online, and keeping it safe in the process.

Add to the mix the financial strain the healthcare sector tends to be in, and invariably you are likely to find corners cut, steps not followed fully, and all of this means data is vulnerable. Recently, a medical facility in the midwest had a breach and were threatened with the release of the information if they did not pay a ransom. MIT recently opined that 2015 may well be the year of the healthcare hack.

So what does it mean for you? Are you prepared? Will you be a victim? According to some, most healthcare related IT teams aren’t prepared, or the current corrective measure is not sufficient-increase your malware detection and response and hope for the best.

But is that really what you should do? Sit back and see what happens? Add some software and hope it works?

There are better and far more proactive options. There are firms that provide services intended to put your network and your assets through the ringer to see where your faults may lie, and how you can address any and all discovered vulnerabilities. TRA Holdings is one such firm, offering a wide range of security-focused services. By enlisting TRA’s services, you will be taking a proactive first step in defending your organization. Testing run by TRA specialists can include, but is not limited to, things like phishing, physical security evaluations and penetration testing. Each method is designed to examine your assets from the mindset of a nefarious hacker with evil intent, but without the risk of damage to you. Once testing is completed, you can expect to receive a detailed explanation of what was tested, and based on the tests, what needs to be fixed and how it can be remedied.

It sure beats the alternative of having a hacker contact you, telling you that they’ve compromised sensitive customer records, and it will cost you far more to keep the breach quiet, that’s for certain.