Let’s face it—your information is probably out there. At a certain point, you’ll recognize when your credentials (most likely) or other personal information is exposed.
The fact of the matter is that cyber breaches and ransomware attacks hit hospitals (among other organizations) more frequently now than one would ever have imagined ten years ago.
So your data is exposed, now what?
With everything that’s been happening in cybersecurity over the past few years and in the wake of many high profile breaches all over the world (including many in our own back yards), it might be time for a shift in how we’re approaching security.
As individuals, we can’t control everything. You probably don’t have the bandwidth to audit every single person, bank, or organization that is at all associated with us to ensure that our personal information is secure. In many cases, we might not be able to even avoid sharing our personal information.
But at the same time, you do have some control of your digital footprint and your own behaviors online. That’s where your actions can make a big difference to limit the risk you or your users could have on your hospital network’s security.
By in large, the US remains an opt-out society—it’s your responsibility to opt out of sharing information online with various services—social media, consumer and industry groups (among others), where criminals and hackers could glean information.
One very common example are the three biggest credit reporting bureaus in the US. As soon as you’re issued a Social Security Number after birth, these bureaus have your number on file.
But you do have some control over your personal identity online.
Opt Out—opting out from unsolicited offers is a great first step to mitigate exposure. In essence, choosing not to be a part of datasets limits your risk of exposure, since it limits the number of organizations holding your information.
Look at your default settings—the same thing goes with apps on your phone, as well as your search history on Google, Bing, or any other search engine, in addition to data collection from online banking. These are definitely services that most of partake in because there’s simply no easy way to not stay connected in one way, shape, or form.
When you sign in or sign up to use services, the default settings often in the US is to share your personal information. At some point, your search history could be used against you. The bottom line—the onus is on you to understand the small print and realize how companies may use or store your information (if they are breached, you or your users might be sharing enough information to make hacking onto your network or email even easier.
It’s up to all of us, in part, to figure out how to opt out of sharing information. And if it’s not possible to opt out, to figure out how much personal information is an acceptable amount to tolerate online.
Your social media accounts?—one of the biggest hitters when it comes to credential and identity stealing is related to social media. It might seem harmless enough to post a phot of you, your family and friends at a party and then tag everyone in the picture.
The problem is that hackers and criminals are scouring social media pages like Facebook, looking for influential people that might be the key to big paydays. Realize that as soon as you join a social media platform, by default your information is made public. In order to take precautions to protect your identity, you will need to go into privacy settings and change what you permit being shared.
Yes, you have the choice to share your personal information, and maybe you’re okay with sharing it. But I want to make sure you understand that you might be sharing more information online and through applications than you might think.
Organizations might be collecting data on your habits, where you travel and what you do routinely—information that if put in the wrong hands could make it relatively easy to impersonate you and make identity theft even easier.
Should you delete all of your apps and social media accounts, abandon your bank card and hoard dollar bills?
Probably not, but the size of your digital footprint is something to be thinking about periodically. There is no doubt that many of the apps you’re using for work or play are invaluable and have made your life better. Understanding your risks to using different online platforms and making sure your digital footprint is secure could be an invaluable way to keep your personal identity secure, as well as your hospital’s network.
Mitigating your exposure boils down to figuring out what’s online and what you do and do not want to be there, along with learning how and when to opt out from sharing personal information.
Cybersecurity experts also suggest that if you are concerned about your or your staff’s identities, to partake in cyber monitoring. One of the easiest ways to get started is by getting a ransomware vulnerability assessment of your hospital’s network, one part of which evaluates your user’s compromised online information.