Did you know that your data can be compromised?

ransomware

By Patrick Jacobwith, Sunset Dental

President, DIA

Guest Writer for Sally McKenzie

 

 

Hackers have become more sophisticated, and technology has advanced resulting in an increased level of vulnerability to your network.

  • Did you know more than 400,000 new viruses were written in 2015?
  • Did you know there is a daily “black market price” for personal information?
  • Did you know that healthcare companies are a target of hackers due to the wide scope of information stored for each person?
  • A successful hack can result in a data breach that is costly, may add HIPAA compliance issues and could result in a loss of business?

 

 What can you do in the face of this new and growing threat? Outlined below is a recent customer case study involving an infection.

 

Case Study

At approximately 3:15am a clinic’s system was infected with a ransomware virus. This particular infection not only encrypted files on the server, but also spread to every computer on their network. The hackers hold the data “ransom” and for a fee from the clinic. To obtain the decryption key from the hackers, the clinic must pay the ransom.

In less than one hour the virus infected all 16 workstations plus the server. Once the files are infected they are encrypted and unusable by the clinic staff. By 9am, a plan was created with a goal to have the office fully functioning by the next morning.

Resources/Team (IT)

  • First response team
  • Engineering
  • Command Center
  • Team lead

 

The team now set in motion a path to allow the clinic to see its business information as soon as possible. In simplified terms the server and the workstations required immediate attention. The clinic kept paper records during the day.

Server

  • A loaner server deployed that had VMware ESXi installed.
  • It was essential to get new/replacement equipment on-site and in use.
  • Engineering restored a backup file to a virtual machine on the ESXi.
  • The new/replacement equipment was populated with a recent back up file to allow the clinic to see its schedule and continue operations.
  • As the backup exported to a virtual machine format, the server then started up in its virtual format seamlessly.

 

A conventional process would take several days; this process allowed the team to get the server up and running within 5 hours.

 

Workstations

The team re-imaged all of the computers. To expedite the imaging process, a pre-configured image was deployed on an imaging server. This allowed the team to reimage all 16 workstations in approximately 30-35 minutes each. The conventional process would have taken at least two to five hours per computer.

Once the server was up, the team connected the computers to the domain and moved forward with installing and configuring software. Prior to leaving the site at 5pm, all computers were able to access the practice management software and peripherals. In the evening, the team spent several hours configuring the software to get the workstations as close to their original state, prior to the infection, as possible.

The team spent the following morning at the clinic working with the staff to address any questions and make any changes necessary. The clinic staff entered the previous day’s appointments in to the practice management software.

 

Recovery Timeline

Item Case study time to respond/recover “Market” time to respond/recover
Phone call Immediate One day
Diagnosis Less than 1 hour Up to one week
Server repaired and back online 5 hours Up to one week
16 Workstations repaired and back online 8-9 hours Up to one week
Resources Pre-defined team Support Techs
Media Message to customers to prevent a disaster from spreading Unknown

 

Impact Assessment

Daily average production for this clinic                             $15,000

Saved days (Case Study vs Conventional)                           7 Days

Ransom Fees Avoided                                                            $5,000

Estimated Dollar Savings                                                     $110,000           

In addition:

  • the clinic continued to see patients even during the virus containment
  • a possible HIPAA breach was averted
  • the staff only needed to re-enter one day of patient activity

Unfortunately, as hackers become more sophisticated, these situations will increase. Below are a few key suggestions to minimize your risk:

  • Monitor the health of your network
  • Continuously monitor and manage your server and workstations
  • Schedule reviews to discuss changes in technology and security
  • Implement a disaster recovery plan
  • Obtain adequate insurance coverage

 

Most importantly, please work with a professional IT company. The Dental Integrators Association is an organization dedicated to educating IT professionals. To be sure you have cutting edge knowledge on your side you can find a professional at the Dental Integrators Association website.

 

sunset-p-jacobwithPatrick Jacobwith is the CEO of Sunset Dental Technologies a multi-state organization based in Minnesota.  Patrick is also the President of the Dental Integrators Association.  He believes in excellent service and building healthy and productive relationships.  Patrick’s core values are built on three words: Service, Humility and Love.

Patrick can be reached at patrick@sunsetdt.com

 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.