The easiest way to avoid being the victim of a computer virus or malware that can steal or hold hostage your valuable information is to not make yourself vulnerable in the first place.
Just like home security, thieves will look for the unlocked door or the house without a security system. There are too many easy targets to mess with one that is protected.
Malicious Software and HIPAA Compliance
The Security Rule requires covered entities and business associates to take steps to protect HIPAA regulated systems from malicious software like viruses, malware, and ransomware. While the regulation is not specific, IT and business best practices would list, as minimum steps, that operating systems remain up to date (ideally with weekly patches) and appropriate malware protection software (including anti-virus and anti-spam) are in place for all systems and tools, as well as that scans and updates are run daily.
Out of Date Protection is No Protection
The makers of Anti-virus and Anti-Malware protection tools like McAfee, Kaspersky, Symantec, and others watch and constantly analyze new trends, tactics, and tools used by hackers. When a new variation of dangerous malware is discovered, these companies work to update their tools to monitor for and prevent infections. When you see your tools’ alerts pop up, this is to let you know an updated version is available. It is critical that you keep protection software updated to avoid new threats. Hackers rely on users who are slow to update to make the most of their new tactic or new variation of malware before systems are updated and able to stop it.
Anti-malware, Anti-ransomware Protection at the Office
If your company computer is managed on a networked system by an internal IT team, they will manage the software scans, watch for available updates, and will usually push the new version’s install during off-hours. If you do see a tool that needs to be allowed to update and restart your computer, allow the update right away. Saving your work and allowing the update on the spot is better than postponing updates and risking infection.
If you see a notice on your company computer that tells you software is out of date and requires your action to install or download to update, contact your IT team before you proceed. If you are not familiar with the tools currently in use by your company and if you are not tasked with installing updated software, do not allow anything to download without first confirming that it is legitimate and necessary.
Anti-virus, Anti-spam Protection at Home
Your personal computer must stay up to date as well – especially if you use it to connect to work systems or email. Individual protection tools may alert you to updates and invite you to subscribe to a higher level of protection. If you believe you have sufficient protection, simply allow the new updates to install.
If you are unfamiliar with the software that pops up, be aware that you could be downloading malicious or dangerous software masquerading as an important new version. Always verify the authenticity and source of a link before you proceed. One option would be to go directly to the tool’s website yourself – type in the URL (even if you have to Google it), do not copy and paste or click an emailed or pop up link. You can download updates from the website if what you are seeing is a tool you use or need. If you have responded to an alert that does not look legitimate or familiar, you may have been the target of a malware attempt. This, in itself, would be an indication that your anti-virus and anti-malware software should be updated.
Beware of Ransomware
When hackers enter your system, they can choose to hold your system or data ransom until a sum of money is paid. With the threat increasing across the globe, it is important to understand that anyone with data stored on their network is at risk. Be sure to follow the tips outlined in this article to keep your systems safe from attack and ensure your company’s compliance with HIPAA.