The Gift of Good Security: Our Holiday Wish List for Your Practice
Merry Christmas from everyone at Robell Technologies. While you're unwrapping presents and enjoying time with family, we thought we'd share our wish list. Not for us. For your practice.
These are the security "gifts" we wish every dental, medical, legal, and financial practice would give themselves heading into 2017. Some are free. Some cost a little. All of them are worth more than whatever's under the tree.
A Password Manager for the Whole Practice
Cost: $3-8 per user per month
Why: After the LinkedIn breach, the Yahoo breaches, and everything else this year, password management should be non-negotiable. A business password manager eliminates shared passwords, enforces complexity requirements, and makes unique passwords painless. It's the single best security investment per dollar you can make.
A Tested Backup Restore
Cost: Free (just time)
Why: You probably have a backup system. But when was the last time you actually restored from it? A backup you've never tested is a backup you can't trust. Give yourself the gift of knowing your backup actually works. Test a restore this week.
Two-Factor Authentication on Everything
Cost: Free
Why: We've written about this multiple times this year. It takes 10 minutes per account. It blocks the vast majority of credential-based attacks. If you still haven't done it, this is your sign.
Cyber Liability Insurance
Cost: $500-2,000 per year for most small practices
Why: After the year we've had, every practice that handles sensitive data should carry cyber liability coverage. It covers breach notification costs, legal fees, regulatory fines, and business interruption. It's not expensive, and you'll be glad you have it.
An Updated Incident Response Plan
Cost: Free (just time)
Why: If ransomware hits your practice on January 3rd, do you know what to do? Who to call? What the first step is? Write it down. One page. Put it somewhere everyone can find it. That plan could save your practice.
A Security Awareness Program
Cost: $10-25 per user per month for a platform, or free if you do it yourself
Why: Your team is your first line of defense and your biggest vulnerability. Regular, short security training, even 10 minutes a month, dramatically reduces the risk of someone clicking a phishing link or falling for a social engineering attack.
A Current Firewall
Cost: $300-1,500 depending on your needs
Why: If your firewall is more than 5 years old, it's time to replace it. Modern firewalls include intrusion prevention, content filtering, and threat intelligence that older hardware simply can't provide. After the Shadow Brokers leak, this matters more than ever.
A HIPAA Risk Assessment
Cost: $500-3,000 depending on practice size
Why: If you haven't done one (or if your last one was more than two years ago), this should be at the top of your list. It's required by law, it's the foundation of your compliance program, and it identifies the specific risks that matter most for your practice.
Heading into 2017
2016 was a wake-up call for cybersecurity. The breaches got bigger, the ransomware got more aggressive, and the attacks got more sophisticated. But the defenses are available, affordable, and effective, if you actually implement them.
Give your practice the gift of good security this holiday season. You'll start 2017 in a much better place.
Merry Christmas from our team to yours. Stay safe.