« Back to All Blogs

Q1 Digital Security Check for Your Passwords

March 22, 2022

Adam Lueken

Categories:

As Q1 winds down, now is a great time to review what steps you’re taking to keep your digital data secure. If you’re not already, there are a number of helpful actions you can take to reduce your chances of having your practice passwords hacked or breached.

Password Managers

If using several different passwords for your systems, keeping track of them all can be challenging. But there are many helpful tools available designed to help you store passwords and automatically fill them in on websites and apps, using browser plugins and integration with Android and iOS. These password managers only require one master password to log in. Password managers can also help you fill in online forms with names, addresses and other data easily. This is quicker and safer than allowing e-commerce sites to store information. These manager apps usually sync across all your devices, so you can keep track of your passwords from your phone, computer, tablet, etc. Rather than writing passwords down all your passwords, consider downloading a password manager to store and keep them secure.

Patient Portal Protection

In addition to your in-office systems, if your practice uses a patient portal, it can also be vulnerable. Without proper encryption methods and detection tools, portals can be just as easily accessible to hackers as they are to authorized patients and users. As portal usage grows, that security vulnerability will become a growing threat PHI and sensitive data. Here are some things to consider when protecting a patient portal.

Incorporating a multilayer verification, for example – a two-factor authentication can help create added protection. In addition to a password or PIN, your users can provide something personal such as a cell phone number, ZIP code, security question and answer, etc. If the user’s device, account ID, and/or password are compromised, multi-factor authentication can ensure your portal remains safe. Up-to-date anti-virus software can be beneficial as well. Email is a common way hackers deploy malware, and these attacks continually improve to slip past conventional security measures. If anti-virus software is outdated, it can be vulnerable to every new form of attacking malware. Most new software allows for automatic opt-ins, so updates are downloaded and installed as soon as they’re available.

Password Strength

It’s a common belief that mixing different characters and numbers in your passwords will make them stronger. This is true to an extent, but it still may not protect you from the sophisticated breach techniques being used today. It seems like a good idea to switch out your password every now and then, but this can also help cyber criminals better detect your patterns. Also when changing passwords, many people only change a portion of their current password or use something similar, like adding a number or an exclamation point, dollar sign, etc. to the original. Or if people radically change their passwords, they often write them down and are not kept secure.

Increasing the complexity of your passwords and changing your passwords can be helpful if done right, there are ways to take this security even further. The passwords research group from Carnegie Mellon’s CyLab Security and Privacy Institute has created a password policy that balances both security and usability. Using these guidelines, passwords need to be at least 12 characters and pass a specific test developed by the research team. This test, powered by an artificial neural network, evaluates a password, gives a strength score and offers suggestions in real-time. So instead of relying on a certain length or set of characters, users can still create strong passwords that are also more usable and easier to remember. You can view a demo of the password strength test here.

Unfortunately, data breaches aren’t going away for the foreseeable future, so take the necessary steps to keep your passwords and digital security as strong as possible. If IT security is one of the areas you would like support or alleviation with, we’d love to talk. Schedule a consultation with one of our practice management experts today. 

Archives

Categories

Recent Posts