It is common for those using PCs, smartphones and tablets to think “It won’t happen to me”. It is vital to remember that when dealing with data, especially sensitive data, you become a higher value target to hackers and malicious organisations who will attempt to obtain this sensitive information without consent. It is everyone’s responsibility to take cyber security seriously. You should always hope for the best, but plan for the worst - don’t make the mistake of assuming you are not a target or that you don’t need to be always vigilant.
We asked our IT specialists to put together some tips and share some good practice principles to help keep your data and confidential information protected:
Check your software is supported and patched up to date
Always ensure that all software you use is kept up to date. This ensures that any security patches are applied as soon as possible after the vendor has made them publicly available. This is not only the software provided by Cegedim, but your browser and operating system are key to ensuring you remain safe. Old internet browsers for instance may support outdated and weaker encryption technology. For instance - earlier this year Microsoft withdrew support for the Windows 7 operating system and any versions of Internet Explorer 10 and older will also be unsupported.
If your PC or device requests a reboot to finish some update process, you should always endeavour to do this as soon as possible. The update may be addressing an identified security flaw.
The latest software and patches will also ensure you benefit from the best user experience in terms of security, compatibility and speed. Check your operating system and browsers are up to date now!
Beware of suspicious emails, they are a very common way for criminals to trigger an attempt to gain access to your systems and data. One of the common methods is to trick users into visiting a website and downloading some malicious software or installing an email attachment.
Avoid clicking links in emails from people you don’t know.
Avoid downloading attachments from anyone or service you do not know or were not expecting.
Most email scams (or Phishing) look official, if you are ever in doubt verify the email is genuine by contacting the person who sent it you.
Don’t reply to the scam email or use any phone numbers contained within it, search for the company on the internet and find the phone number or email address yourself where possible.
If you have never heard of the company the email is from do some research first and ask, why are they contacting me?
Mobile Phones and Tablets
If you have a phone or tablet it is always good practice to follow the below points, especially if you use online banking or access any confidential or personal data.
Lock It! Use a pin, password, fingerprint lock or other technology like face recognition to secure it.
Check for updates, phone providers often release updates to patch security flaws and you will be notified when these are ready to be installed
Keep smartphone and tablet applications up to date. Turn on automatic updating.
Don’t click on links in emails or texts unless you are 100% sure they are legitimate.
Managing the passwords for all of your software, websites and NHS logins can be challenging and tempt you into taking security shortcuts. Examples like using the same password everywhere or more commonly just using a different number every time your password expires is a vulnerability that can easily be exploited.
Never use the same password for all logins
Mix up your passwords between uPPer and loWer case
Replace letters with numb3rs or Symbo!s
Don’t write them down in a book or save them electronically in a file
Change them regularly where this is not enforced automatically
Setup 2 factor authentication where possible. For example by entering a one time password sent via text message.
Sign out of unattended devices
Shutting for lunch or leaving for the day? You should ensure you log out of everything and take your smartcard with you. If a service you use allows you to set your own “idle” timeout, set this to the shortest duration that will not interrupt your normal workflow.
Backup your data
You may be used to backing up patient data regularly, but other data on your PC will not be automatically backed up. If you store spreadsheets, reports, documents, photos etc. you should consider backing them up regularly too. Although avoid backing up personal data, if you have to backup personal data you should keep that data secure by following your businesses GDPR practices.
Cegedim can support you in remaining secure, if you have any questions on your software then please contact us.