It's honestly hard to over-estimate just how big a problem cybercrime has become for businesses today. The wealth of company data online creates a tempting target for criminals, and plenty of them are taking advantage of it.
In fact, according to a recent study, a single cyber-attack ended up costing, on average, more than a million dollars to resolve. The most costly case studied topped $58m before everything was said and done.
Those aren't losses any business can afford today, especially in the healthcare industry. After all, regulations on healthcare providers and their data-handling are among the strictest in the world, as medical records are afforded the same protections -or greater- as legal or financial data.
A single data breach could cost a hospital or doctor's office millions in government fees and penalties alone, not counting whatever direct damages are done.
It's absolutely vital your doctor's office is doing everything possible to protect your data over WiFi.
Four Must-Dos When Securing WiFi for Doctor's Offices
1 - Physically secure all equipment.
More than in most businesses, a health care facility must keep its network equipment under lock and key. Your servers should be in a dedicated, locked room with access restricted solely on a need-to-use basis. No one besides qualified IT personnel should enter your server room, not even other employees.
Likewise, all your access points need to be out of reach. Generally, placing them high on the walls or within ceiling dropspace will be good enough. If necessary, they could also be secured in small locked cages, like thermostats often are.
2 - Establish a guest network.
Virtually any business-grade network software makes it easy to set up a guest network that runs "beside" your main business network. These guest networks generally are given access to the outside Internet (filtered by your firewall, of course) but have no ability to access anything on your business network.
These keep everyday members of the public off of your work network, as well as giving employees an option when using "unsafe" applications you don't allow on the work network. For example, you might require workers to use the guest network if they want to use social networking apps.
3 - Hide your SSIDs.
The SSID is simply the visible name for your network, as it shows up on lists of connections. Many people don't realize that these names do NOT have to be broadcast. An access point hosting a hidden SSID can still receive incoming connections, but only from users who already know the exact network name to ask for.
In other words, your network name can be nearly as private and secure as your passwords.
This is one of the most secure moves you can make, because it means no one outside your health care facility even knows what your business network is named. That makes intrusion almost impossible, without inside assistance.
4 - Strictly enforce NPI policies.
A multi-million dollar security system can be defeated by a single Post-It note.
One of the biggest enablers of data intrusions and cybercrime is simple unintentional negligence. A patient record sheet left out in the open, or a password written down under the keyboard, is often all a malicious visitor would need to cause real problems.
When you install WiFi in your office, it should be accompanied re-training on how to handle Non-Public Information. Even if your workers grumble, this is an absolutely vital area of security. If possible, we suggest annual refresher courses specifically to ensure your NPI policies are being followed.
WiFi Should Bring Opportunities, Not Burdens
We won't lie: there are bigger security issues in implementing health care WiFi than in most businesses, but that shouldn't be a deterrent. With strong security policies and a well-trained workforce, WiFi can bring big benefits to your office.
Got questions? We've got answers. Contact Hummingbird for any help you need establishing your new doctors office WiFi network!
