Basic email security protocols can help health systems defend against data breaches.
We rely on email for the majority of our business communication, including in healthcare. Worldwide, approximately 200 billion emails are sent each day. But the surge in popularity of email has brought about a new form of data security threat. Professionals are increasingly becoming targets of cyberattacks, and email is the preferred entry point.
>> READ: To Fight Phishing, Let’s Look at Fatigue
In hospitals and other provider organizations, email attacks have resulted in data breach after data breach. And these cyberattacks have wrought devastating consequences for healthcare organizations, who suffered monetary penalties and reputational harm.
However, there’s no need to lose sleep over email security. There are steps that healthcare organizations and their employees can take to ward off hackers and those looking to steal data by illegally accessing emails. Here are five quick tips to boost email security, for you or an entire health system staff.
Guessing usernames and passwords is one of the most common ways hackers use to access email accounts, believe it or not, be it manually or in a brute-force attack. Creating a strong password, especially with a password generator, greatly reduces the possibility of hackers accessing an email account. Ideally, passwords should be long and unique — in the sense that nobody in the service uses the same password as you.
A strong password should consist of uppercase and lowercase letters with numbers and special characters. Placement is also key. Sandwich special characters in the middle instead of placing them at the very end. Do the opposite of what seems predictable — common sense goes a long way when it comes to passwords.
Healthcare employees should also consider using two-factor authentication to boost their email security. Two-factor authentication sends a secondary password to a user’s phone when logging in to their email account. The secondary password expires in a few minutes and can only be used one time. Even with the password in hand, hackers will not be able to access an email account if the owner has enabled two-factor authentication.
In today’s cybersecurity landscape, it’s imperative to be proactive when it comes to data security. For instance, users should encrypt emails with a reliable encryption service such as Pretty Good Privacy (PGP) to protect them from being intercepted or being read by other parties other than the intended recipients. Using PGP to protect emails means that account holders no longer have to rely on a bunch of random servers for email security. While it’s still possible for hackers to breach email security even with encryption, the chance of a successful attack greatly reduces.
Transport Layer Security, or TLS, encrypts the connection between a device and the website that it is connected to, as well as the connection between email servers. Activating TLS encrypts emails between a computer and email server, making it very difficult for hackers to intercept communications. Ensure that emails are sent over an encrypted channel when using external email clients such as Outlook or Apple Mail.
Advertisers and newsletter providers often use images to track the reach and effectiveness of their efforts. The images come embedded with tracking code, and when the recipient opens the message containing the image, their identity is revealed to the mailing administrator. Sometimes, the images also contain links that lead to sites that contain malware. You can disable the tracking code by changing the settings in your email provider to prevent external images from loading by default. If you don’t recognize a link or are not sure why it was sent to you, don’t open it.
Did you know that nine out of ten malware and viruses on our computers are delivered via email attachments? Well, now you do. Be extra careful when opening attachments in your email inbox. If you receive an email attachment from an unknown sender, don’t open it. If you have to, don’t open without thoroughly scanning it first. Hackers often disguise themselves as popular companies to trick you to open attachments and download malicious software to your computer. The most commonly infected formats are PDF, XLS, and doc.
Healthcare has more to lose than any other industry when it comes to email security. Ensuring that you and your health system employees understand — and use — these basic protocols can save the organization from great pain down the line.
Get the best insights in healthcare analytics directly to your inbox.
Related
If You Can’t Beat the Hackers, Join Them
Phishing Emails Play on Our Fear of Failure
Inexpensive Actions Against Expensive Data Breaches
Cybersecurity panel: Hospitals threatened by attacks aimed at vendors
November 4th 2024Chief Healthcare Executive presents another installment from our conversation on cybersecurity, with experts from the American Hospital Association, HIMSS and Providence. They talk about breaches tied to business partners.
Cybersecurity panel: The scope of recent ransomware attacks in healthcare
October 28th 2024Chief Healthcare Executive hosted a discussion on cybersecurity with leading experts from the American Hospital Association, HIMSS and the Providence health system. They talked about the growing problem of cyberattacks.