NMDA Journal Fall 2018

17 nmdental.org Ransomware: Key Steps for Dental Offices' to Avoid it or Reduce its Impact By Steve Newton, VP— The Digital Dental Record Ransomware is one of the most talked about and discussed IT topics in the world today. Ransomware (a type of Malware) is software that hackers use to infiltrate your network, lock or encrypt your practice data and demand a ransom from you in order to unlock it. A common form of ransom requested is payment made in Bitcoin because it is very difficult to track. There are multiple proactive steps an office can take to reduce your chance of a Ransomware attack or limit the impact of an attack if you become a victim of one. First, make sure all team members receive “ Basic Training ” on the most common ways a Ransomware attack can occur. Ransomware attacks are usually carried out by a “Trojan” that is able to enter your network when someone accidentally downloads a file while working in your office or when another security vulnerability is found in your network. A second simple but impactful step the team can take to protect your office is to limit or restrict the use of internet browsing while at the office. When a user clicks on a link from a webpage, there are many different things that can occur. One action that can occur is that an unsafe file could be downloaded to that user's computer within your practice. In order to reduce the chance of this occurring consider defining browsing permissions and make sure you only navigate to well known and respected websites. Another common way unsafe files are accidentally downloaded is when a user opens an email from an unknown or unexpected sender and clicks on a link or attachment included within the email. A best practice to reduce the chances of this occurring is to let your Dental IT partner know if you receive emails from senders with links or attachments that you do not recognize. Your IT partner can take steps to block future emails from those senders. Also, sometimes you'll receive emails from users that you know but are unexpected. If you are uncertain about a communication you receive, it's best to error on the side of caution and reach out the sender to confirm the communication came from them prior to clicking on any links or attachments within the email. The next essential step you should take to reduce the risk of a Ransomware attack is to ensure you are partnering with a well respected and dedicated IT expert within your industry. Your IT partner should be keeping up with the latest security trends in the industry and should have a game plan on how to mitigate your risk. Some common steps a strong IT partner may recommend in order to try and help you reduce the chance or limit the impact of a Ransomware attack are: 1. Back-up and encrypt your data off-site. If you become a victim of an attack, having a clean and reliable copy of your data is essential to limiting the impact of an attack. 2. Keep up-to-date with patches for your operating system and other software programs within your practice in order to fix the vulnerabilities within software programs that are found over time. 3. Invest in a quality antivirus and malware software solution. Once the software is installed, make sure that software is set to automatically update and complete routine scans of your network. 4. Create user roles for team members on the network and restrict permissions for those roles so that team members only have access to the files and directories that are essential to their job functions. Taking some of these basic steps are essential to protecting your business from Ransomware attacks now and in the future. New Mexico Dental Association endorses DDS Safe from The Digital Dental Record. For a free data assessment, visit www.dentalrecord.com/dds-safe or call DDS Safe at 800-243-4675.