As we continue to rely more on technology, keeping our information safe is becoming increasingly difficult. With Wi-Fi being the standard form of network communication for most business professionals who are on the go, the need for secure data transmission has become even greater. Public Wi-Fi locations like coffee shops, the airport, and even your home and office are not safe when sending and receiving data. According to idtheftcenter.org[i], in 2015 alone there were over 177 million cases of identity theft reported.
The two most popular ways of someone accessing your data over Wi-Fi are sniffing and rogue access points[ii].) Sniffing is when another user nearby captures the data your computer transmits over Wi-Fi, and then reassembles it to look for passwords or other unencrypted account information. The aptly named rogue access point is where someone will create a Wi-Fi hotspot that appears to be legitimate, like “Free Starbucks Wi-Fi,” or “Airport Public Wi-Fi,” and then waits for users to connect to it. Once the user is attached to the hacker’s hotspot, the users’ data transmission is all captured on the hacker’s machine. The hacker can then use specialized programs to reassemble the packet capture to reveal what the user(s) was looking at and if any sensitive information or passwords were used. One of the most effective solutions is to encrypt the traffic going between your infrastructure and your home computer/laptop, which is why VPNs were developed.
Utilization of RAID 10 in a server provides an increase of disk capabilities while simultaneously providing redundancy and preventing system failure.
RAID is an acronym that stands for Redundant Array of Independent Disks or Redundant Array of Inexpensive Disks, depending on what specialist you ask. The term “independent” is arguably more appropriate, as RAID arrays may sometimes be made with extremely expensive disks.
In layman’s terms, RAID is a method of configuring two or more hard drives to work as a single unit with differing levels of redundancy and allowing better fault tolerance. “A fault-tolerant design enables a system to continue its intended operation, possibly at a reduced level, rather than failing completely, when some part of the system fails.”[i]
One of the fastest and most damaging cyber security threats falls under a category called “ransomware.” Ransomware is malicious code that encrypts all the user’s files and is usually downloaded unknowingly. This type of malware gets its name from what it does when a user tries to open an infected file: it prompts the user to pay a ‘ransom’ within a timeframe to receive a decryption key, which would then allow you to decrypt your files. Even if you choose to pay the ransom, there is no guarantee you will gain access to your data. In this article, we will explain steps you can take to protect and secure your environment.
Ransomware is a real threat to any business that allows user access, as it depends on users to spread it. Different industries also have different risks, with healthcare usually opting to pay the ransom to protect patient data, while the education industry has the highest rate of infection. Other lucrative targets include classified documents, financial documents, and intellectual property. With names like Telecrypt, iRansom, FSociety, and CryptoLuck, the goal of ransomware is all the same for their creators: making money. According to Lavasoft, the CryptoWall 3 ransomware cost users $325 million just in 2015 alone. As ransomware grows and evolves, they become even more costly. At the end of 2016, one of the most harmful ransomware is named “Cerber.” Not only does it lock your files from being accessed, but recent variations have incorporated the stealing of personal information and scripts that cause your machine to target other servers.
Responsible businesses with sensitive data know they need a firewall to control traffic and secure their networks. What seems less well known, however, is the role that complementary technologies play in a comprehensive approach to cybersecurity. An Intrusion Detection System (IDS) enables organizations to take a proactive security stance, which is why Atlantic.Net offers one for its security-conscious customers.
Amid all the headline-grabbing data breaches of the past year, the vulnerability of companies in industries like health care may be overlooked. Data breaches began costing healthcare firms over $5.5 billion annually shortly after HIPAA became law, according to the Ponemon Institute.
Once online criminals have found a profitable target, they tend to return to it with ever more sophisticated attacks. A report recently indicated that over 75 percent of the healthcare industry had been infected with malware in the past year, and noted that a shocking majority of ransomware targets medical treatment centers.
Cliches like the typical hacker being a teenager living in his or her parent’s basement are persistent, and harmful because they misrepresent the situation to the potential victims of hacking. The numbers clearly show that hacking is now predominantly committed by sophisticated criminal organizations. Utilizing an IDS is a proactive approach to meeting that threat.
An Intrusion Detection System, or IDS, is a software application that monitors the network and hosting environment and analyzes activity on it. Any activity which is considered unusual is ranked according to how high risk it is considered based on information from global threat databases.
By: Kris Fieler
As businesses depend more on big data, the need to prevent data loss has never been more important. One of the most vital areas for this loss prevention is where data is temporarily stored, RAM. ECC, or Error-Correcting Code, protects your system from potential crashes and inadvertent changes in data by automatically correcting data errors. This is achieved with the addition of a ninth computer chip on the RAM board, which acts as an error check and correction for the other eight chips. While marginally more expensive than non-ECC RAM, the added protection it provides is critical as applications become more dependent on large amounts of data.
On any server with financial information or critical personal information, especially medical, any data loss or transcription error is unacceptable. Memory errors can cause security vulnerabilities, crashes, transcription errors, lost transactions, and corrupted or lost data.
Following a two-year deceleration of cloud growth, the technology again gathered steam in 2015. With the vast majority of healthcare providers now adopting cloud, it’s become critical to consider risk management for this transition. Here is a five-stage plan to see your organization through.
In 2013 and 2014, there was a slow-down in the previously breathtaking ascent of cloud hosting. However, last year, the industry accelerated again, with 5.4% more organizations adopting the IT method.
Business generally has been moving to cloud, but healthcare companies have been somewhat more hesitant to implement these systems because of concerns with compliance and security. Nonetheless, 5 of 6 healthcare providers (83%) had cloud in place even back in 2014, according to the Health Information and Management Systems Society (HIMSS). Furthermore, Becker’s Healthcare notes in 2016 that “[c]ompared to previous years, providers are more likely to use cloud implementations and leverage mobile and analytics capabilities in the cloud than before.”
Angelina Jolie used genomic sequencing to learn that she was highly likely to eventually develop breast cancer, allowing her to make an informed decision and get a double mastectomy. However, celebrities aren’t the only ones who can benefit from advanced genetic analysis – which is now much more affordable and accessible thanks to projects such as the Collaborative Cancer Cloud.
Angelina Jolie was told by her doctors in 2013 that she had a problematic variant of the BRCA1 gene that put her in an extremely high-risk category for breast cancer. In fact, it meant that her likelihood of developing the disease was a whopping 87%. Understanding how very real the threat of cancer was for her simply because of hereditary factors, Jolie opted to get a preventive double mastectomy – which effectively nullified her chances of getting the illness, dropping her to just 5% susceptibility.
The hack of Anthem, the second largest health insurer in the United States, cast a huge spotlight on the protection of electronic medical records. Announced in February 2015, the breach compromised 78.8 million user accounts, all of which were stored unencrypted.
To put that number into perspective, the largest breach of 2014 (which, like Anthem, is widely believed to be the work of security researchers sponsored by the Chinese government) was that of Community Health Systems in Tennessee, an incident in which “only” 4.5 million patients were affected.
Although experts and consumers are concerned that health data should always be encrypted, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) does not explicitly require encryption. That is the topic of an article by Elizabeth Snell for HealthIT Security: “Should HIPAA Regulations Require Data Encryption?”
Snell argues that while insurers and other healthcare entities do not legally have to encrypt, “this does not mean that facilities can simply ignore this particular security measure because they find it time consuming or costly.” She details how legislators around the United States are working to pass measures so that encryption is no longer optional.
We explored the topic of HIPAA compliance in the first episode of our Google Hangout on Air (HOA) series (see the video above). The HOA featured Internet entrepreneur and development technologist Gabriel C. Murphy, who has cofounded four Internet companies and been a thought leader in the hosting industry since 1997.
Much of the focus on healthcare technology is on its dark side, the potential that the information will be hacked. That’s a reasonable concern, especially given the gigantic exposure of user data at Anthem, which many security experts now believe originated with government-sponsored IT security researchers in China.
Well, here’s the light side: healthcare technology is saving lives – as demonstrated by a recent Information Age article by Bryan Lewis of the Virginia Bioinformatics Institute (VBI): “How Big Data is Beating Ebola”. VBI is a firm that specializes in computational epidemiology, which essentially means that they study data related to epidemics to better control the spread of disease and determine the degree of success achieved by public health efforts.
In order to properly understand how the disease might spread, VBI designed a virtual model containing populations that were each assigned adjustable characteristics. The virtual geographic environment was fed information including race, sex, age, typical family arrangements, travel between different areas, and gatherings – essentially a predictive analytic model on a worldwide scale.
The synthetic data “was created in such a way that it mirrored actual census, social, transit and telecommunications data patterns from the targeted population,” explained Lewis.
The resultant sophisticated system allowed VBI to help improve the response to the disease and minimize its death toll, which exceeded 9000 as of January 2015.
While the Anthem hack reminds us that technology with patient data must be incredibly secure, the positive impact of computing on healthcare is truly remarkable. We must build systems that improve the effectiveness of healthcare while never forgetting the security concerns when handling protected health information (PHI).
The second episode of our Google Hangout on Air (HOA) series (see the above video), featured Gene Geiger, one of the founding partners of security and compliance firm A-lign. We spoke with Geiger about the general security climate and compliance with the Healthcare insurance Portability and Accountability Act of 1996 (HIPAA). Atlantic.Net offers a full lineup of SSD Cloud Servers that fully support our full line of HIPPA Compliant Servers.
© 2017 Atlantic.Net, All Rights Reserved.