Top tips for cyber security

Did you log in to your device today with ‘charlie’?  Perhaps you’ve taken things up a notch and tapped in ‘1qaz2wsx3edc’?
 
If so, I have bad news for you. Research by NordPass suggests both of these passwords are some of the most commonly used across the world. So easy to guess, in fact, that hackers would be able to crack them in less than a second.
 
General practices and other healthcare businesses are a prime target for malicious actors as they are considered a rich source of data. The health service industry recently claimed the ignominious honour of reporting the highest number of data breaches of all sectors, according to a report by the Office of the Australian Information Commissioner.
 
October is Cyber Security Awareness Month, with this year’s theme of ‘Building our cyber safe culture’ a good reminder that everyone at your practice has a role to play in securing our systems and data.
 
Here are my top tips for your consideration this Cyber Security Awareness Month.
 
Look for clues that something is ‘phishy’
Phishing attacks use fake websites or deceptive messages that are designed to look like organisations and people you trust. Take a second to check the email address or URL to make sure it’s legit. Look for typos that might indicate you’re not dealing with the real deal.
 
Refer to a specialist
Engage an IT or cyber security specialist to assess the systems at your practice and provide guidance on the specific protections you need. They can advise you about how to create a system for backing up your data and help you recover it in the event of a cyber attack.
 
Get rid of that old password
Passwords belong to the days of dial-up internet. Use a passphrase: four or more random words with some other characters in the mix too. Avoid names, birthdates or addresses, and never use the same passphrase over different accounts.
 
MFA for piece of mind
Multi-factor authentication (MFA) provides an added layer of security for your systems. When MFA is enabled on a program or device, two methods of user verification are required for access.
 
If you’d like more ideas for keeping data safe and dealing with the aftermath of a data breach, the RACGP has recently released Cyber security in general practice. This resource, developed in conjunction with the Australian Digital Health Agency, contains a wealth of useful information on preventing, planning for, and recovering from a cyber security incident. It’s not just for practice owners and managers – there’s plenty for tenant GPs and other practice staff to consider in there as well.
 
This Cyber Awareness Month, let’s all step up to create the culture we need to keep our data safe. It’s time to ditch 123456 and Qwerty123.
 
Log in below to join the conversation.

cyber awareness cyber security Cyber Security Awareness Month passwords patient data