Call us: 6460 6460
hello@enabletech.com.au
Enable ITEnable ITEnable ITEnable IT
  • Home
  • Services
  • Cloud
  • Why Enable
  • Blog
  • Contact Us

Medical Centre Hacked

    Home enableblog Medical Centre Hacked
    NextPrevious

    Medical Centre Hacked

    By Kim | enableblog, Problems and Pain, Risk and Ruin | Comments are Closed | 11 December, 2015 | 0

    OK, we have all read about the well publicised hacking of a Medical Centre in Queensland.  Most businesses are now asking how can they take better precautions to avoid becoming victims themselves.  Having a reasonably secure network is not difficult, however don’t expect a magic bullet because there isn’t one.  Read on and see if you are at risk.

    http://www.abc.net.au/news/2012-12-10/hackers-target-gold-coast-medical-centre/4418676

    1) Don’t ever rely on anti-virus software.  It plays a role but it is not fail safe.  It needs to be centrally managed and monitored.   Remember your network is only as strong as your weakest link.

    2) Consider installing a Unified Threat Management (UTM) device.  These do many things to greatly improve security.   They scan web traffic in and out, and provide an additional layer of email inspection.  They look inside the data packets whereas most firewalls simply look at the data packets.

    3) Have your email washed offsite before it is delivered to your email server.

    4) Make sure your servers and PC’s are fully patched and are fairly recent versions.   It is almost impossible to secure Windows Server 2000 and 2003.  Most hackers exploit bugs in server operating systems to take control of them.

    5) Ensure that you have password complexity across your organisation.  Having password as a password is not a password 🙂

    6) Have a password changing regime.  Yes it can be a pain to be prompted every ninety days to change your password but it is a key ingredient in having a secure network.

    7) Have at least 3 layers of backup.  First is at the file system level so that corrupted files can be recovered without relying on your main backup systems.  Second is local imaging of all of your servers to a secured NAS device.   Don’t stick a HDD into the USB port and leave it there for weeks.  Third is to replicate your backups to an offsite data store.  Preferably one that has the capacity to run your entire network up as Virtual Servers in the cloud should the need arise.

    8) Consider hosting your email off-premise.  This means that you will not have ports 25, 80 and 443 exposed on a server that can be used as a stepping stone to others.

    9) Don’t allow your support company to expose server ports 3389 to the outside world.  This is what some companies do to remotely support servers.   If they have advanced management tools then there is no need to do this.

    10) Make sure all of your staff are educated in email scams.  Don’t click on the email attachment that says “here are your tickets”.

    These are just a few practical “Best Practices” which are listed in our Proactive Maintenance Schedule.  There are about 150 items in our schedule, simply because nothing can be taken for granted when it comes to security.  We know this from experience, however, it never ceases to amaze me how some people simply rely on their anti-virus software and a cheap HDD for their backups.

    Reading between the lines the medical centre was hacked because it had a poor understanding of its IT and didn’t place enough value in maintaining and protecting it properly.

    A secure network starts with the right attitude.

    Hacked, Hacking, security

    Kim

    More posts by Kim

    Related Post

    • 10 important steps to protect your business against Cryptolocker scams

      By Kim | Comments are Closed

      The number one IT threat facing business today is Cryptolocker (randsomware). The reason why it is so dangerous is it will encrypt all files that a user has access to. Imagine the impact on yourRead more

    NextPrevious

    Recent Posts

    • How to identify a scam email.
    • Running lean: the smart way to grow your small business while minimising IT costs
    • Medical Centre Hacked
    • How effective is your Antivirus?
    • 10 important steps to protect your business against Cryptolocker scams

    Categories

    • Cloud Corner
    • enableblog
    • Managed Services
    • New Tech
    • Problems and Pain
    • Risk and Ruin
    • Video

    About Enable IT

    Enable Technology Pty Ltd commenced operations in 2001. We have come a long way from our single room setup. Our growth has been steady and deliberate, with some strategic acquisitions along the way. We like to think that the staff and customers from Hardware House, ZoomIT and TSA have benefited from the Enable Way.

    Recent Posts

    • How to identify a scam email.

      We are surprised how often people are tricked into clicking on bad

      31 August, 2017
    • Running lean: the smart way to grow your small business while minimising IT costs

      So, you have successfully nurtured your new business through the crawling stage.

      12 September, 2016

    Contact us

    Head Office
    224 Stirling St, Perth WA 6000

    Phone Number
    +08 6460 6460

    Email Address
    info (@) enabletech.com.au

    Copyright 2020 Enable IT Services | All Rights Reserved | Site by Start Digital
    • Blog
    • Cloud
    • Contact Enable IT
    • Home
    • Lean Starter IT Pack
    • Services
    • Video
    • Why Enable
    Enable IT