October is Cyber Awareness Month, and SDMI wants to remind you to stay Cyber Safe. SDMI has an entire team working behind the scenes to protect your digital PHI (personal health information). The Cyber Security and Compliance team works together to secure the SDMI network, vet vendors for HIPAA compliance, and train staff on how to be cyber aware.
This year, we spent the month of October reminding our staff of tips and tricks for staying Cyber Safe in the office and at home.
Below are the top five categories we focused on this year:
1: Social Engineering | Think of this as human manipulation, when someone attempts to fool you into doing something.
Here are a few common types of Social Engineering
- Spear Phishing
- CEO Fraud
- Phone Calls (Vishing)
- SMS Phishing (Smishing)
2: Passwords | A strong password is the key to protecting sensitive information
- Simply put, the more characters you use, the harder it is to crack
- To make long passwords easy to remember, try using a Phrase or Short Sentence
- We know it is hard to remember a different password for each login scenario, but this really is the best way to minimize risk. If you cannot remember all those creative passwords, try using a password manager. Password Managers are a security program that generates, store and retrieve passwords for you.
3: MFA(Multi-Factor Authentication aka Multi-Factor Verification) | One of the easiest and most powerful ways to protect your online accounts
- A second step to logging in. After you provide your password, you will be asked to enter a one-time code, usually sent to you via text message or email
- Most banks, social media platforms, and other frequently accessed websites offer MFA; be sure to set it up whenever you have the chance
4: Mobile Devices | How to keep your mobile phone safe
- Lock your device, set a passcode to be able to access your phone
- Use a remote wiping program to remove all of your information from your phone if it is lost or stolen
- Set up auto-updates to keep everything current
- Review apps before downloading
5: Phishing | The Cyber Attackers #1 choice. Unfortunately, phishing is effective, and therefore, Cyber Attackers use it frequently.
- When in doubt, don’t click
- Vishing is one of the scariest forms of phishing. Cyber attackers use your emotions and family to pressure you into action. This can come in the form of giving up passwords, purchasing gift cards, or transferring money. Consider creating a password or safe word with your loved ones so that if you get a call saying someone is in trouble, you can quickly identify if it is real or a scam.
Here are some clues you can use to help identify a phishing attack:
- Personal Email Address
Always remember legitimate companies you do business with will NEVER ask you to reveal account information, passwords, or other sensitive information.