By Patrick Jacobwith, Sunset Dental
Guest Writer for Sally McKenzie
Hackers have become more sophisticated, and technology has advanced resulting in an increased level of vulnerability to your network.
- Did you know more than 400,000 new viruses were written in 2015?
- Did you know there is a daily “black market price” for personal information?
- Did you know that healthcare companies are a target of hackers due to the wide scope of information stored for each person?
- A successful hack can result in a data breach that is costly, may add HIPAA compliance issues and could result in a loss of business?
What can you do in the face of this new and growing threat? Outlined below is a recent customer case study involving an infection.
At approximately 3:15am a clinic’s system was infected with a ransomware virus. This particular infection not only encrypted files on the server, but also spread to every computer on their network. The hackers hold the data “ransom” and for a fee from the clinic. To obtain the decryption key from the hackers, the clinic must pay the ransom.
In less than one hour the virus infected all 16 workstations plus the server. Once the files are infected they are encrypted and unusable by the clinic staff. By 9am, a plan was created with a goal to have the office fully functioning by the next morning.
- First response team
- Command Center
- Team lead
The team now set in motion a path to allow the clinic to see its business information as soon as possible. In simplified terms the server and the workstations required immediate attention. The clinic kept paper records during the day.
- A loaner server deployed that had VMware ESXi installed.
- It was essential to get new/replacement equipment on-site and in use.
- Engineering restored a backup file to a virtual machine on the ESXi.
- The new/replacement equipment was populated with a recent back up file to allow the clinic to see its schedule and continue operations.
- As the backup exported to a virtual machine format, the server then started up in its virtual format seamlessly.
A conventional process would take several days; this process allowed the team to get the server up and running within 5 hours.
The team re-imaged all of the computers. To expedite the imaging process, a pre-configured image was deployed on an imaging server. This allowed the team to reimage all 16 workstations in approximately 30-35 minutes each. The conventional process would have taken at least two to five hours per computer.
Once the server was up, the team connected the computers to the domain and moved forward with installing and configuring software. Prior to leaving the site at 5pm, all computers were able to access the practice management software and peripherals. In the evening, the team spent several hours configuring the software to get the workstations as close to their original state, prior to the infection, as possible.
The team spent the following morning at the clinic working with the staff to address any questions and make any changes necessary. The clinic staff entered the previous day’s appointments in to the practice management software.
|Item||Case study time to respond/recover||“Market” time to respond/recover|
|Phone call||Immediate||One day|
|Diagnosis||Less than 1 hour||Up to one week|
|Server repaired and back online||5 hours||Up to one week|
|16 Workstations repaired and back online||8-9 hours||Up to one week|
|Resources||Pre-defined team||Support Techs|
|Media||Message to customers to prevent a disaster from spreading||Unknown|
Daily average production for this clinic $15,000
Saved days (Case Study vs Conventional) 7 Days
Ransom Fees Avoided $5,000
Estimated Dollar Savings $110,000
- the clinic continued to see patients even during the virus containment
- a possible HIPAA breach was averted
- the staff only needed to re-enter one day of patient activity
Unfortunately, as hackers become more sophisticated, these situations will increase. Below are a few key suggestions to minimize your risk:
- Monitor the health of your network
- Continuously monitor and manage your server and workstations
- Schedule reviews to discuss changes in technology and security
- Implement a disaster recovery plan
- Obtain adequate insurance coverage
Most importantly, please work with a professional IT company. The Dental Integrators Association is an organization dedicated to educating IT professionals. To be sure you have cutting edge knowledge on your side you can find a professional at the Dental Integrators Association website.
Patrick Jacobwith is the CEO of Sunset Dental Technologies a multi-state organization based in Minnesota. Patrick is also the President of the Dental Integrators Association. He believes in excellent service and building healthy and productive relationships. Patrick’s core values are built on three words: Service, Humility and Love.
Patrick can be reached at firstname.lastname@example.org