The Importance of Identity Management in Your Medical Practice

We are in an era where our cell phones are in our lives sometimes more than other humans. 84% of the American population has a cellphone. An astounding 94% of people aged 18-29 has a cellphone. And over 53% of children will have a phone before they reach 11 years old. Out of all those phones, the average American spends about 5.4 hours on their phone every day. Millennials are slightly above the average, spending about 5.9 hours per day (up to 12) on their phones. Baby boomers are on just below the average, at about 5 hours per day. Why is this important? Let me paint a picture.  

You are sitting at the reception desk, in your office, or on your laptop at home and receive a random email that looks like as if it’s from your boss asking you to check out some resources for the company. No biggie, right? You check the link and it takes you to a webpage that has an error code. Naturally thinking you just ex out of the website and chalk it up to a mistake and a bad URL. You email your boss and ask him if he can resend the website, but you are shocked by his response. “I didn’t send you an email.” Once the confusion settles and days pass, eventually everyone forgets about the email. That is, until about two years later when you come in to work one day and you try and log in like a normal day. However, today your screen looks something like this: 

So how did we get here and what happens next? What happened was a ransomware attack. How it happened was poor identity management, no endpoint protection and a simple case of human error. Whenever we get complacent in our daily lives, we often overlook small changes that may seem insignificant at first but could possibly have massive implications as a result. What happens next is the hackers that deployed the Wannacry attack demanded Bitcoin as ransom. All of the company’s files are locked and no one can access anything on the network other than the picture you see above.  

In this particular instance, Wannacry wasn’t even that sophisticated of an attack. It leveraged outdated operating systems that were made public by Microsoft itself. The attackers then did a very simple change in code in order to make use of the outdated system and spread its ransomware, replicate itself (just as a virus in the human body does) and ultimately encrypts your data across the network and demands ransom in the form of digital currency.  

The Wannacry cyber-attack hit 150 countries and multiple industries across the world, costing businesses an estimated $4 Billion. Again, this was a relatively simple attack. It was not an advanced attack like we see in movies, this was an exploit that was engineered after Microsoft warned companies and the public about loopholes in the operating system. This is how 90% of attacks are engineered. Or reverse engineered. They construct a code based on that loophole and target companies that haven’t updated their systems.  

Whether it was a genuine mistake or pure carelessness – leaving operating systems unmanaged, your devices unprotected, and your employees untrained can lead to catastrophic events in your business. At Steel Patriot Partners, we understand that we are working with real people. You don’t have to be a security expert to enhance your security posture. We have simplified our packages to be an ala carte offering. Businesses can pick between various options in order to choose the exact security posture that fits perfectly with their business model. We can grow with you as you expand or make sure you are protected if you are thriving in the space you are in. We manage your practice’s security so that you can focus on growing your business. Safely and Securely. If you want to talk more about cybersecurity, endpoint protection or any of the other services we offer, please reach out by emailing us at [email protected], calling 703.297.4405, or use our website contact form.