Disaster Recovery Services and Support
Fact Sheet
Healthcare data is under attack. Large-scale breaches impacting 500-plus records have doubled in the past five years, with no signs of slowing down. In the wake of recent cyberattacks and resulting disruptions across healthcare, IT leaders are prioritizing data security and disaster recovery efforts. We recommend taking a proactive stance to data security and disaster recovery with these 10 tips. (For help mitigating the impacts of a cyberattack that’s already occurred, see this recent post.)
With cyberattacks occurring more frequently, data security requires ongoing vigilance. Protect against vulnerabilities by keeping all software and systems current and integrating disaster recovery protocols.
Cybersecurity training is not a one-time effort. Enhance your team’s ability to recognize and thwart cyber threats with regular cybersecurity and disaster recovery training.
Secure your systems with robust password policies to encourage high entropy, a measure of password strength, and implement multi-factor authentication. Rather than requiring symbols, numbers, and a mix of lower- and uppercase letters, encourage longer pass phrases that are easier for users to remember but far more complex to break.
Guard sensitive patient and organizational information by encrypting data at rest and in transit. Also ensure that your encryption standards are current. Many previously secure encryption standards are now depreciated due to being easily cracked with readily available modern computing power.
Preserve critical data integrity with routine backups and test restoration processes for assured quick recovery in any event. Consider leveraging cloud solutions for your disaster recovery environment or creating a read-only copy of your data to maintain operations during an outage.
Restrict data access to essential personnel only based on role requirements. Consider adopting a zero trust and least privileged access model. For IT teams, implement a Privileged Access Management tool to better protect administrative accounts.
Be very disciplined with access to your infrastructure. Well in advance of go-live, tighten up access to the servers and clean up that environment.
Chad Skidmore, VP of Technical Services, Tegria
Detecting potential cyber threats early can help prevent attacks and data loss, but increasing encrypted traffic can make inspecting network traffic more difficult. Leverage tools that employ machine learning or artificial intelligence to identify baseline network activity and highlight anomalies that require further investigation.
React swiftly to cybersecurity incidents with a clear, actionable plan for rapid response and recovery. Periodically test and practice your incident response plan, and protect it by keeping a hard copy in a safe place. Your plan should include information regarding cyber insurance and remediation teams.
Protect network access points with VPNs and regular audits, especially for remote access scenarios. Ensure that VPN access is removed when temporary employees complete a project or permanent staff leave the organization.
Strengthen your security posture and disaster recovery readiness by partnering with experts for regular assessments and improvements. Consult with experts in IT security, including vendors, government agencies, and industry groups and associations.
We have a regular call with Tegria about hardware updates, and the firm proactively addresses things that some of our IT administrators and application managers aren't aware of. Tegria is proactive, and if things come up, they tell us.
Director, November 2022, Technical Services, KLASresearch.com
Don’t become another healthcare data security statistic. Tegria provides comprehensive solutions for disaster recovery and data security with market-leading application hosting to shield your operations from cyber threats and ensure continuity of care.
Speak With an Expert