The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Category: Security Page 27 of 75

Importance Of Data Encryption For Healthcare Industry

By

On April 21, 2020

In Security

Data protection holds an important place for every industry. This importance increases many folds in the case of the healthcare industry. A trusted way of data protection is ‘Encryption’. The key is to encrypt both static and moving data. However, with an increase in the amount of healthcare data being collected every day, encryption has become a challenge.

Before understanding the ways of data protection, it is imperative to know the sources of this data:

  • Hospital devices
  • Personal devices of the patient
  • Implant devices
  • Data from pharmacists, drug manufacturers, and distributors
  • Data from insurance companies

What Is The Need To Protect Healthcare Data?

Healthcare data is a lucrative magnet for cybercriminals as they can sell the data on the dark web and earn high profits. In addition to demanding ransom, the cybercriminals may use stolen healthcare data for:

  • Identity theft and health insurance fraud
  • Exposing private information
  • Damaging a person’s reputation
  • Causing personal distress
  • Using compromised accounts as gateways for a network breach

What Does Healthcare Data Encryption Mean?

Data encryption means converting the original data into encoded text. This form of text is unreadable unless it is decoded using a decryption key or code. In case, of healthcare data, it includes the protection of ePHI (Personal Health Information) to secure it from unauthorized access.

The secret for a successful data protection using encryption lies in ‘Key Management Strategy’.

Key Management Strategy:

Key Management Strategy deals with an important question – how can healthcare organizations ensure that the key required to decrypt the data are shared with authorized parties only. The strategy addresses the following points in general:

Key Storage: The decryption keys should be stored securely to avoid theft.

Rotation/Destruction Of Keys: This factor helps in ensuring that new decryption keys are applied to new data sets. Also, it is important to preserve the old keys required to access old data sets, whenever needed.

Key Generation Granularity: Zero Trust Approach should be followed in the process of key generation while ensuring key access to even the lowest tier of authorized users.

Automation: Automating the Key Management System helps in reducing human error as well as an administrative burden.

Ease Of Use: In order to make a Key Management System effective, the system should have an easy to use user interface.

For more information on the use of encryption to protect healthcare data, contact Centex Technologies at (254) 213 – 4740.

Things To Know About Online Coronavirus Scams

By

On March 30, 2020

In Security

The sudden outbreak of Coronavirus infection has taken the world by surprise. In order to fight against the disease, people are trying to keep themselves updated on any news related to the same. However, cybercriminals are using this as an opportunity to lure people into their scams.

Here is a concise guide to help you understand more about online Coronavirus scams:

What Is A Coronavirus Scam?

Coronavirus scams are similar to other malware scams. The attackers trick the users into opening infected documents and files under the pretext of offering more information about the virus. Once a user clicks to open these files, the malware is downloaded and installed.

What Are The Commonly Used Pretexts?

The scammers may pose as healthcare officials and offer information related to symptoms or prevention of the coronavirus infection. Alternatively, some scams use the disguise of documents offering update information on the number of infection cases or death tolls across the globe. The scammers use threat headlines that state the viral infection has spread to the victim’s home city and motivate the victim to enter his details for reading more information.

Some scammers are preying on the people’s willingness to provide support to infected patients. Such scam emails may be titled “URGENT: Coronavirus Spreads – Can we count on your support today?”

How Do These Scams Operate?

There are two main types of scams being launched by cybercriminals: Email scams and website scams.

  • Email Scams: The scammers send out emails that may offer more information about the coronavirus infection or provide a link to donate for supporting the affected patients. In either case, the email includes a disguised link for further information. The link usually starts with ‘HXXP’ instead of ‘HTTP/ HTTPS’. Once the victim clicks on the link, it opens a form or application page. This form is programmed with malicious code to steal personal information and credit card details.
  • Website Scams: A simple example of a website based scam was recently discovered. The website purported to provide an updated number of coronavirus cases on a global map. However, it was embedded with an info-stealer. The code had a hidden file with the name ‘corona.exe’. Further research indicated that this malware is a variant of the malware AzoreUlt.

Irrespective of the mode of infection (email or website), the malware is focused on stealing personal information or gaining remote access to the victim’s computer system.

How To Secure Yourself Against Coronavirus Scams?

  • If you receive an email, check the sender’s email domain and other URLs included in the email to see if they match the name of the organization that the sender claims to be associated with. You should not be clicking on the URLs without verifying the geniunity.
  • Be wary of login pages with unfamiliar URLs.
  • Instead of clicking any hyperlinks provided in the email, copy and paste the URLs into your browser.
  • If any email or website creates a pressure on you to act immediately, refrain from it.

For more information on Online Scams and how to stay alert, call Centex Technologies at (254) 213 – 4740.

Points To Consider While Securing MSPs

By

On March 27, 2020

In Security

PDF Version: Points-To-Consider-While-Securing-MSPs

Marketing Your Brand In A Cyber-Secure Way

By

On March 24, 2020

In Security

With a rising number of social media users across the globe, social media has become a popular marketing platform among organizations. It allows marketing professionals to reach out to a wide spectrum of customers and customize their campaigns accordingly. Despite an array of benefits offered by social media or digital marketing, businesses need to be very cautious before moving along this path.

Main reason behind the required caution is that social media marketing is susceptible to cyber threats. Lack of thorough consideration and security may lead to damaged brand image, loss of data, alienated customers and financial loss.

Following are some points to consider to market your brand in a cyber-secure way:

Be Cautious Of Who Manages Your Social Accounts: Careless handling of social media accounts can lead to both financial as well as credibility damages. A popular example of social account mishandling is the hacking of the Burger King social media account in 2013. The attackers hacked the twitter account of Burger King and changed its profile picture to McDonald’s logo. You would certainly not want your customers to think of your competitor when viewing your account or advertizement. In addition to harming your reputation, a hacked social media account results in leakage of your customer’s data such as social media username/password. For securing your brand’s accounts, assign a dedicated admin to a social media account, set up a secure password and limit access to intruders.

Careful Posting: Create guidelines for governing social media posting on behalf of your organization. The guidelines should clearly state the kind of content to be shared, the type of wording that can’t be used, and the information that needs to be kept confidential. Also, make sure that any link shared by or to your account is secure. Establish a verification process for every post before uploading it on your social media account.

Manage Vulnerabilities: Make it a point to take care of in-house vulnerabilities. Although social media can act as a gateway for social media hackers, you can stop the hackers if your company has additional security. For managing in-house vulnerabilities, take account of the following steps:

  • Update your firewall and antivirus software regularly.
  • Make sure that your servers are updated and encrypted.
  • Back up your data on an off-shore location or cloud.

Educate your employees on following proper security measures while posting on the company’s social media posts using a mobile device.

To know more about how to keep your applications secure, contact Centex Technologies at (254) 213 – 4740.

Tech Support Scams: Everything You Need To Know

By

On February 29, 2020

In Security

Tech Support Scams is a million-dollar industry that is known to be existing since 2008 and is at its all-time peak. It targets innocent people into spending hundreds of dollars by tricking them with non-existent computer problems. In order to secure yourself from ever-rising Tech Support Scams, it is important to understand what these scams are and how do they operate.

What Are Tech Support Scams?

Tech support scams trick people by making them believe that their computers have encountered a technical problem. The scammers motivate the victims to make a payment in order to get rid of the problem.

How Do Tech Support Scams Operate?

The tech scammers implement a variety of tricks to target the victim. Following are some of the common ways used by the scammers:

  • Cold Calls From Fake Agents: The scammers operate from discrete locations and call random numbers from a phone directory. The scammers use VoIP technology to hide their actual number and location. They pose as technical agents from software companies such as Microsoft, Windows, etc. They take control of the victim’s computer and send fake error reports. Once the victim is convinced, they collect money for mending the error. The best way to secure yourself against these scams is to ignore such fake calls.
  • Toll-Free Numbers From Fraudulent Tech Support Companies: These companies advertize heavily on popular search engines or heavy traffic websites to build trust and attract customers. Once a customer calls these technicians for a minor service such as software activation, these technicians introduce fake pop-ups on the customer’s computer stating that the system is infected. Thus, the customer ends up paying hundreds of dollars for ‘Windows Support’. In order to protect yourself from such scammers, it is imperative to be careful while choosing a technician or tech support company.
  • Screenlockers: This method has gained popularity recently. The scammers spread malware with the purpose of locking the user out of his own system. The malware poses as an installer for legitimate software. Once installed it may either result in a ‘Blue Screen Of Death’ or show a message that you are using an expired software. In the case of BSOD, the screen will show a few numbers for seeking help. If the message indicates an expired software, it will ask for a license key. The message may include a number and some links for popular remote assistance sites/software such as TeamViewer. The scammers ask the user to install the software and share the access id in lieu of gaining access to rectify your computer’s problem. The underlying motive is to sell you overpriced solutions and ‘service contracts’.

What To Do If You Have Given Access To The Scammers?

In case you have already granted remote access to the scammers, follow these steps to reduce the impact of the scam:

  • Revoke the access or restart your system to expire the session and remove the scammers from your system.
  • Run a malware scan as the scammers may have installed malicious software like password stealers in your system.
  • Change all your passwords and update your security protocol.
  • Run a ‘System Restore’ to restore any missing files or software from your system.

For more information on new Tech Support Scams, call Centex Technologies at (254) 213 – 4740.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)