In this age of digitalization, it's essential to guarantee the security of your patient data. That's why we're paying extra attention to information security during Cybersecurity Month in October!
What is Cybersecurity Month?
October is Cybersecurity Awareness Month and an annual reminder for all Dutch people to stay safe online. Cybersecurity Month is about increasing cybersecurity knowledge and encouraging cybersafe behavior.
This initiative began in 2004 in the United States, when the US President and Congress declared October "Cybersecurity Awareness Month." Europe also launched this initiative in 2012, and since then, this month has become internationally known as Cybersecurity Month. During this month, national and international organizations work to raise awareness of information security.
In this blog, we'd like to share with you the measures we're taking to protect our platform and company from malicious actors, and we'll provide you with tips and recommendations to protect our practice and increase knowledge.
How does SpotOnMedics ensure strong information security?
- Two-factor authentication (2FA): Our platform requires two-factor authentication for all users upon login, using a password and a code. Internally, our employees also use 2FA for their accounts whenever possible.
- Regularly change passwords: We regularly change the passwords for our accounts to minimize risks.
- Data safe in the cloud: All (patient) data is not stored on your computer, but is securely encrypted in the cloud.
- Regular security updates: We continuously perform updates to keep the software as secure as possible and to keep hackers out.
- Certification in the latest security standards: We have been certified for years in ISO 27001 and NEN 7510 to ensure that we meet the current requirements for information security.
- Training internal employees: All SpotOnMedics employees regularly participate in e-learning courses and are tested with phishing simulation emails to raise awareness of the most important cybersecurity risks and how to prevent them.
Tips & tricks for practice
There are several practical measures you can take to ensure strong security that protects your practice from cyberattacks. By implementing these measures, you reduce the risk of data breaches, reputational damage, and financial losses.
- Use strong passwords and two-factor authentication (2FA): Create unique, strong passwords of at least 8 characters and change them regularly. If possible, use two-factor authentication to enhance account security.
- Auto Lock: Set laptops/computers to lock after 5 minutes of inactivity and always lock your screen when you walk away or leave.
- Be alert to phishing and don't open suspicious attachments or links: always check the sender and be wary of emails asking for personal or login credentials. Use spam filters and only open files or links from trusted sources.
- Keep software up to date: Ensure all software, including operating systems, browsers, antivirus software, and other applications, is up to date with the latest security patches and updates. Malicious actors often exploit known vulnerabilities in outdated software.
- Enable disk encryption (BitLocker or FileVault): Disk encryption protects data if the device is lost or stolen.
- Work on a secure network: use only secured Wi-Fi (WPA2/3) and keep the firewall enabled.
- Authorization Restrictions: Give employees only the access they need to do their work.
- Incident Response Plan: Develop a plan in the event of an incident.