Posts

pokemon go security

Pokemon Go: Global Craze or Huge Security Risk

If you see people, adults and kids alike, walking around town with their eyes locked on their phones – chances are, they’re playing Pokemon Go. The game, which was released on July 6, has been a massive success. It’s been downloaded millions of times, already overtaking the dating app Tinder, and set to shortly overtake the social network Twitter.

Using augmented reality technology, Pokemon Go fuses the real world and digital world together, allowing you to see and catch virtual Pokemon alongside real-world objects right from your phone screen. For instance, a Doduo could be peeking out from a tree just outside your house.

However, due to the app’s immense popularity, users have experienced problems such as crashing servers, freezes, and delays. On top of that, security issues have been raised. According to Adam Reeve, the principal architect at the cybersecurity analytics firm RedOwl, when users sign into Pokemon Go using their Google account (instead of registering for an account), they risk granting the game access to their entire Google account – allowing the app to see and modify nearly all the information in your account.

In response to the security issues, Niantic Labs, the company that developed the game for Nintendo, said the app’s request for full account access was a mistake. In fact, they’ve addressed the security concerns with a new update that is live in the app store.

The update fixes some security bugs that stops the popular app from requesting full access to your Google account. Now the game will only ask for basic information such as your name and email address. The update also promises more stability and patches such as:

  • Resolved issues causing crashes
  • Fixed Google account scope
  • Trainers do not to have to enter their username and password repeatedly after a force logout
  • Added stability to Pokémon Trainer Club account log-in process

Fixing the Security Issues Ahead of the Update

To revoke the full account permissions access, Pokemon Go users should go to their “My Account” Google page. From there, navigate to “Connected Apps and Sites” under “Sign-in and Security.” Then select “Manage Apps,” click on the Pokemon app, and select “Remove Access.”

motion-sensors-security

Using Motion Sensors To Protect Your Home

The Incorporation of Motion Sensors in Home Security Systems

More people than ever are using technology to protect their homes and businesses. If you wanted to have a security system back in the day, the best you could do was analog video, which produced tapes that you could evaluate at a later date. But technological advances have come far enough to where you can have a digital video security system that live-streams directly to your smartphone, tablet, or computer over the internet. One of the biggest new features that homeowners and business leaders are taking advantage of is motion sensors. Motion sensors take technology that used to only be available to the military, and make it available to those who want to keep their homes or enterprise facilities safe from intruders. Although motion sensors are primarily used as anti-theft technology, they have other uses too — such as informing you if a teenager has missed curfew and is arriving home late or alerting you if a customer has entered your business. Motion sensor technology works by using microwave pulses, infrared sensors, or a combination of both to detect movement. Once detected, notifications are sent to your monitoring center, letting you know exactly where the motion was found.

Different Types of Motion Sensors

There are several different types of motion sensors that you can use to keep your home or business safe. Passive infrared, or PIR motion detectors, detect body heat. They are the most common form of motion detectors used in home-based security systems. Microwave, or MW motion detectors, are another option. They send out microwave pulses, which reflect off of a moving object, tripping the sensor. Although these sensors can cover large areas, they aren’t as widely used because they are prone to electrical interference issues. There is also the option of choosing a dual technology motion sensor, which combines both of the features of the MW and PIR sensors.

Different Ways You Can Use Home Security Systems

Although motion sensor technology is typically used to protect against theft and home invasion, you can also use them for other purposes. You might connect your motion sensors to your lights, for example, and save money by only having the lights on while you are moving in a particular room. You can use motion detectors to restrict the movement of pets or small children while you are in the house as well. Motion sensors can alert you to when a friend or neighbor is at the door, so you know to expect them before they ring the doorbell. Motion sensors are versatile and can meet all of your home/business security and safety needs.

PCI-Compliance-IT-Security

4 Signs that You’re Out of PCI Compliance

Compliance with the standards set by the Payment Card Industry (PCI) Security Standards Council can be cumbersome and flat out difficult. And the punishment for non-compliance can be stiff penalties and fines – or even worse, non-compliance could allow a hacker or data thief to get into your company’s systems and steal critical data from you or your customers. To avoid these unsavory outcomes, it is best to make sure that your business gets PCI compliant and maintain that compliance status. It is critical that you know if your company is PCI compliant so that you can keep your business protected from fines and hackers alike. Here are some of the ways that you can know if your business is not compliant. If any of these signs describe your business, then it is time to make a change and get back into compliance.

You Store Cardholder Data

Storing cardholder data means that you have highly sensitive information that can be stolen on your systems. To maintain PCI compliance, you should not save or store any cardholder data, whether in digital or written form. To avoid storing cardholder data, you can use a card reader, POS terminal, or a payment processor that doesn’t retain that information. That way, you don’t have to think about protecting or encrypting that data on your systems.

You Don’t Have A Separate Network For Payment Processing

PCI compliance can put extra pressure and security measures on your network. That’s why it is a good idea to have a separate system for your regular business connection just for payment processing. This is especially relevant if you are using IP-based credit card terminals.

You Don’t Automatically Log Customers Out

When your customers log in and make a purchase, they might be doing so on a public computer or at a public kiosk. When they leave that computer, they might forget to log out, allowing another person to stumble upon their open session and make unauthorized purchases. Make sure that you avoid these kinds of scenarios by automatically logging your users out of their sessions after a set period. If for example, users are automatically logged out after five minutes being idle, you have a significantly higher chance of stopping unauthorized purchases.

Your Employees Don’t Have Unique Login Information

To be PCI compliant, all of your employees need to have their unique login information for sensitive systems. That way, if there an issue, you know which employee was responsible.

regulatory compliance

Three Most Important Facts About Regulatory Compliance

When it comes to regulatory compliance, even the most enthusiastic managers can quickly get bored. It’s not hard to see why—regulatory compliance can be a long and frustrating process if you are trying to stay compliant without any professional help. Because regulatory compliance is so complex, it can be difficult to understand some of the legal concepts behind the process. That’s why we’ve broken down the three most important facts, so that you can easily know what’s vital to your business without having to pore over dozens of policy documents or looking through legalese.

  1. You Need Physical and Digital Security Policies

Sure, digital security policies get all of the press. And they are absolutely critical to your company’s regulatory compliance, as well as your long term success. But you need physical security policies too. You need to specific which employees are allowed physical access to particular facilities. This includes guests and vendors too—you have to be able to know who is able to access server rooms and other rooms that house critical IT infrastructure. These policies breed accountability. In order to uphold these physical security policies, you can use key codes, badges, or other ways to regulate access.

  1. Compliance Issues Must Be Relayed To Employees

Because regulatory compliance issues are so complex, it can be difficult to make them seem relevant and purposeful to employees. But if your regulatory compliance efforts are to succeed, you must let your employees know the importance of compliance and train them to make sure that they are up to date. The best way to do this isn’t to throw complex legalese at them, but to use simpler terms. Compliance isn’t always black and white, there are always grey areas, and your employees need to know what is expected of them when they encounter a grey area.

  1. There Are Hidden Benefits To Compliance

Often, it is assumed that there are no benefits to regulatory compliance other than avoiding fines and penalties. That isn’t true. There are hidden benefits to compliance that your business can take advantage of. Compliant businesses are more up to date on industry trends, and generally have more streamlined employee processes, where employees know what the appropriate decisions are. Compliance can improve standardization across your business, which can ultimately result in greater efficiency as well. Businesses that are compliant tend to have greater transparency, with workers at all levels—from the top down—more aware of what is expected of them.

Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

69Not too long ago, the New York Times’ website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?

The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspapers’ Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted.  Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now… There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road. Here are a few ways to stay safe:

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.

It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

CLICK HERE for a free network assessment and avoid cybercrime with Cognoscape.

Cognoscape at CompTIA Great Security Debate - is antivirus dead?

Is Antivirus Dead? Cognoscape at CompTIA’s Great Security Debate

Charles Tholen, Brian Dye, Chris Johnson, Dan Liutikas

Charles Tholen joins a panel of IT security experts to discuss antivirus software, bring-your-own-device (BYOD) and much more at CompTIA’s ChannelCon 2014 in Phoenix.

By Dan Kobialka | Talkin’ Cloud

Several IT security experts discussed antivirus software, bring-your-own-device (BYOD) and numerous solution provider concerns during “The Great Security Debate” at CompTIA‘s ChannelCon 2014 in Phoenix.

Panel members discussed a variety of IT security topics, including whether “antivirus is dead.”

Brian Dye, Symantec‘s (SYMC’s) senior vice president for information security, told The Wall Street Journal in May he believed “antivirus is dead” because it is no longer “a moneymaker in any way.”

Cognoscape CEO Charles Tholen compared antivirus solutions to “locks” because both provide security, but there are still questions about whether antivirus solutions and locks deliver sufficient protection.

“Antivirus solutions are still more like the locks on our house, but are the locks on this business really good enough?” Tholen asked attendees.

Tholen noted a risk mitigation strategy is important for businesses, yet this plan should only be one component of their overall IT strategy.

“A risk mitigation strategy around the risks of end users is not a real strategy; you have to look beyond the end users,” he said.

Bring-your-own-device (BYOD) also creates challenges for solution providers, especially since more employers are searching for ways to leverage cloud and mobile solutions.

Chris Johnson, CEO of healthcare IT provider Untangled Solutions, said mobile devices are like “panes of glass,” and businesses need to implement strategies to manage these devices.

“I look at devices like panes of glass … we just assume they will work without human interaction,” Johnson said. “For the most part, a mobile device involves turning it on and it works. That’s where the challenge is for businesses.”

BYOD may create new challenges for both solution providers and end users as well.

“There’s no question that end users have a lot of issues to deal with, [and] the question becomes what role the IT solution provider will play,” CompTIA Chief Legal Officer Dan Liutikas added.

Johnson said antivirus solutions and BYOD, however, can create opportunities, and he pointed out education is key for solution providers and end users to avoid security and compliance issues.

“Security and compliance is not a product; it’s a mix of products and services, it’s a moving target. That education point is so important,” Johnson said.

Is your Antivirus an appropriate “lock” for your business, or is it “Dead”? Click Here to request a security check by Cognoscape.

Is That Email A Phishing Scheme?

49Research has revealed that over half of all users end up opening fraudulent emails and often even fall for them. Phishing is done with the aim of gathering personal information about you, generally related to your finances. The most common reason for the large number of people falling for fraudulent emails is that the phishing attempts are often so well-disguised that they escape the eyes of a busy email reader. Here are a few tips that help you identify whether that email really came from your bank or is another attempt at defrauding you…

1. They are asking for personal information – Remember, no bank or financial institution asks you to share your key personal information via email, or even phone. So, if you get an email where they ask for your ATM PIN or your e-banking password, something’s amiss.

2. The links seem to be fake – Phishing emails always contain links that you are asked to click on. You should verify if the links are genuine. Here are a few things to look for when doing that:

  • Spelling – Check for the misspellings in the URL. For example, if your bank’s web address is www.bankofamerica.com, a phishing scheme email could misspell it as www.bankofamarica.com or www.bankofamerica-verification.com
  • Disguised URLs – Sometimes, URLs can be disguised…meaning, while they look genuine, they ultimately redirect you to some fraudulent site. You can recognize the actual URL upon a mouseover, or by right clicking on the URL, and selecting the ‘copy hyperlink’ option and pasting the hyperlink on a notepad file. But, NEVER ever, paste the hyperlink directly into your web browser.
  • URLs with ‘@’ signs – If you find a URL that has an ‘@’ sign, steer clear of it even if it seems genuine. Browsers ignore URL information that precedes @ sign. That means, the URL www.bankofamerica.com@mysite.net will take you to mysite.net and not to any Bank of America page.

3. Other tell-tale signs – Apart from identifying fake URLs, there are other tell-tale signs that help you identify fraudulent emails. Some of these include:

  • Emails where the main message is in the form of an image, which, upon opening, takes you to the malicious URL.
  • Another sign is an attachment. Never open attachments from unknown sources as they may contain viruses that can harm your computer and network.
  • The message seems to urge you to do something immediately. Scammers often induce a sense of urgency in their emails and threaten you with consequences if you don’t respond. For example, threat of bank account closure if you don’t verify your ATM PIN or e-banking password.

4. Finally, get a good anti-virus/email protection program installed. It can help you by automatically directing spam and junk mail into spam folders and deactivating malicious attachments.

CLICK HERE for a free network assessment.

Cybercrime and SMBs

 WHAT HAPPENS ON MAIN STREET STAYS ON MAIN STREET

When hackers breach the security of corporations it makes headlines, yet there is rarely a mention when cybercrime hits small to medium sized businesses (SMBs). Very few people are even aware that today’s cybercriminals are targeting SMBs, not just supersized global businesses. According to Verizon’s 2013 Data Breach Investigations Report, 71% of the data breaches investigated by the company’s forensic analysis unit targeted small businesses with fewer than 100 employees. Of that group, businesses with less than 10 employees were the most frequently attacked.

55EVERYONE IS A VICTIM WHEN IT COMES TO CYBERCRIME

The loss and exposure of confidential data from a cyber-attack is costly to both the people victimized and the businesses whose data was compromised.

For the victim, hackers typically retrieve personal information, bank account, credit card and social security numbers, resulting in identity fraud. The stress and time involved to reclaim their identity and get their financial house back in order is beyond measure.

For businesses, there are 47 state-specific DBN (Data Breach Notification) laws in effect in the United States. Adding to the complexity and costs of this process is the fact that laws and compliance obligations vary from state to state. A breach of customer data in Pennsylvania will have different breach notification and follow-up requirements than a breach involving a customer in Massachusetts. This means firms servicing customers and clients from more than one state are responsible for these duplicative legal, regulatory and compliance burdens.

CYBERCRIME COMES AT A HIGH PRICE FOR SMBs

According to research compiled by the Ponemon Institute in their 2nd Annual Cost of Cyber Crime Study, the average cost per breached record in the U.S. is anywhere between $150 to $200. This amount factors in the costs of the investigation and notification process, fixing the issue that led to the breach, possible liability and litigation costs, lost business, and the time and effort that go into damage control. In many cases, a damaged reputation may prove to be irreparable. Nearly two-thirds of victimized companies are out of business within six months of a significant cyber-attack, making cybercrime the death knell for many SMBs. This is because the consequences of cybercrime extend well beyond the actual incident and have long-lasting implications.

Small businesses obviously don’t have the same financial footing to rebound and carry on with business as usual in the way organizations like Target, Amazon, Apple, or Citibank can.

Symantec’s research found that customers affected by security breaches are generally less forgiving of smaller businesses, especially smaller online retailers, than larger companies. SMBs are contending not only with lost revenue and expenses, but also the possibility of never regaining the trust of customers, clients and business partners.

Symantec’s 2012 State of Information Survey found that nearly half of all SMBs admitted to a data breach damaging their reputation and driving customers away.53

The trend of cybercriminals preying on smaller businesses doesn’t seem to be waning. According to Symantec, the number of cybercrime attacks targeting firms with fewer than 250 employees jumped from 18 percent of all attacks in 2011 to 31 percent in 2012.

WHY CYBERCRIMINALS ARE ZEROING IN ON SMALL BUSINESSES

Large corporations have the resources to invest heavily in the most sophisticated security strategies and successfully stop most cybercrime attempts. A typical large enterprise may have over twenty in-house IT dedicated employees ensuring that every device connecting to their network is adequately protected.

In comparison, SMBs have neither the money nor the manpower of large enterprises and can’t afford the same level of security. Very few SMBs have fulltime IT dedicated personnel on hand to run routine security checks. Even those who do have in-house IT support often find that their internal resources are too bogged down with other tasks to properly address security upkeep.

A joint survey of 1000 SMBs conducted in September of 2013 by McAfee Internet Security and Office Depot further confirms how lax many SMBs are when it comes to protecting their data.54

Not only have SMBs become easy prey for cybercriminals, but their sheer abundance also makes them an alluring target. There are roughly 23 million SMBs in the United States alone. Half of that figure is comprised of home-based businesses. Even in a struggling economy, it’s projected that there are still an estimated 500,000 startups launching every month with only a handful of employees.

SMBs ARE NOT “TOO SMALL TO MATTER”

Since most cybercrimes affecting smaller businesses go unreported by the media, there is no sense of urgency by SMBs to prepare for cyber-attacks. Too many SMBs mistakenly view their operations and data as trivial to hackers. They feel that large online retailers, global banks, and government entities are much more attractive targets for hackers.

The goals and methods of cyber attackers are evolving and will continue to evolve. The era of one “big heist” for hackers is over. Cybercriminals today often prefer to infiltrate the data of many small businesses at once, stealing from victims in tiny increments over time so as to not set off an immediate alarm. This method takes advantage of those SMBs who are especially lax with their security processes and may not even realize there has been a security breach for days or sometimes even weeks. SMBs must end the “It will never happen to us” mindset. For instance, political “hactivists” have been responsible for a number of high-profile Denial-of-Service (DDoS) attacks in recent years. The goal of a hactivist is to disrupt the status quo and wreak havoc on the technology infrastructure of larger corporations and government entities. It’s a form of cyber anarchy: A “stick it to the man” philosophy spearheaded by groups like 4chan, Anonymous, LulzSec, and Anti-Sec.

An owner or Chief Information Office (CIO) at a SMB may read of these high publicized attacks in the press and not think anything of it. They aren’t Sony, Apple, or the Department of Defense, so why would a hactivist target their data? But it’s estimated that there are on average 1.29 DDoS attacks throughout the world every two minutes and such activity is much broader in scope than the press may lead us to believe.

SMBs- THE ACCESS RAMP TO BIGGER & BETTER DATA

One reason small businesses are more vulnerable is they’re often the inroad to larger better-protected entities. They are often sub-contracted as a vendor, supplier, or service provider to a larger organization. This makes SMBs an attractive entry point for raiding the data of a larger company. Since larger enterprises have more sophisticated security processes in place to thwart cyber-attacks, SMBs often unknowingly become a Trojan horse used by hackers to gain backdoor access to a bigger company’s data. There is malware specifically designed to use a SMBs website as a means to crack the database of a larger business partner.

For this reason, many potential clients or business partners may ask for specifics on how their data will be safeguarded before they sign an agreement. Some may require an independent security audit be conducted. They may also ask SMBs to fill out a legally binding questionnaire pertaining to their security practices.

Moving forward, a SMB that is unable to prove they’re on top of their infrastructure’s security will likely lose out on potentially significant deals and business relationships. More large enterprises are being careful to vet any business partners they’re entrusting their data to.

CLICK HERE for a free network assessment.

Four Key Components of a Robust Security Plan Every SMB Must Know

41Most businesses are now technology dependent. This means security concerns aren’t just worrisome to large corporate enterprises anymore, but also the neighborhood sandwich shop, the main street tax advisor, and the local non-profit. Regardless of size or type, practically any organization has valuable digital assets and data that should not be breached under any circumstances.

This makes it the responsibility of every business, especially those collecting and storing customer/client information, to implement a multipronged approach to safeguard such information.

Yes, we’re looking at you, Mr. Pizza Shop Owner who has our names, addresses, phone numbers, and credit card information stored to make future ordering easier and hassle free.

 

Today’s SMB Needs a Robust Security Plan

Protecting your business and its reputation comes down to developing, implementing, and monitoring a robust security plan that adequately addresses everything from physical access and theft to the threat of compromised technology security.  This involves defining and outlining acceptable uses of your network and business resources to deter inappropriate use.  Here are four key components to consider.

  1. Network Security Policy: Limitations must be defined when it comes to acceptable use of the network.  Passwords should be strong, frequently updated, and never shared.  Policies regarding the installation and use of external software must be communicated. Lastly, if personal devices such as laptops, tablets, or smartphones are accessing the network, they should be configured to do it safely, which can be done easily with a reliable Mobile Device Management (MDM) solution.

 

  1. Communications Policy:  Use of company email and Internet resources must be outlined for legal and security reasons.  Restricting data transfers and setting requirements for the sharing or transfer of digital files within and outside of the network is recommended. Specific guidelines regarding personal Internet use, social media, and instant messaging should also be clearly outlined. If the company reserves the right to monitor all communication sent through the network, or any information stored on company-owned systems, it must be stated here

 

  1. Privacy Policy: Restrictions should be set on the distribution of proprietary company information or the copying of data.

 

  1. Inappropriate Use: Obviously, any use of the network or company-owned system or device to distribute viruses, hack systems, or engage in criminal activity must be prohibited with the consequences clearly noted. Any website that employees cannot visit should be identified if not altogether blocked and restricted. For instance, downloading an entire season of True Blood from a Bit Torrent site isn’t an acceptable use of company Internet resources. Every employee must know these policies and understand the business and legal implications behind them.  Companies must also make sure these policies are clear and understood by all, and most importantly, strictly enforced.

CLICK HERE for a free network assessment

 

 

Five Major Benefits of the Cloud for the Healthcare Sector

28How Cloud Computing Enables Industry Advancements

When it comes to staying on top of industry trends, those in the healthcare sector utilizing cloud computing will undoubtedly have an advantage over those slow to adapt to change. The Internet is more widely used now by both patients and those providing health services.

Today’s patient desires anytime/anywhere access to health-related information and physicians may need access to digitized health data such as MRI scans, ultrasound images, or mammograms. Patient information must also be accessed for clinical decision-making such as potential prescription drug interactions or the American Recovery and Reinvestment Act of 2009 (ARRA) funded community health information exchanges (HIEs) that enable health providers and insurers to share a patient’s medical records with his or her permission. The cloud supports all of these.

In many ways, cloud computing levels the playing field as its affordable benefits are available to anyone from a small physician’s office or non-profit to large organizations or insurers. This fosters an all-inclusive collaboration that isn’t restricted to only large institutional players.

Major Benefits of the Cloud for the Healthcare Sector

  1. Security – Ironically, the biggest concern most healthcare entities have about taking to the cloud is one of its biggest strengths. Recent updates have made CSPs as responsible and liable for HIPAA compliance as the healthcare institutions that hire them. CSPs must ensure that data is encrypted, backed up, easily recoverable, and secured with permission-based access.
  2. Costs – Reduced costs are an incentive for healthcare entities to take to the cloud. Costs are dramatically cut since the cloud moves everything into a virtual environment, eliminating the need for costly hardware, software, maintenance, data center space, and IT labor. Pay-as- you-use fees requiring little-to-no capital investment replace these often overwhelming up-front capital expenses.
  3. Scalability – With the 2015 HER conversion deadline nearing, and the fact that health service providers are generally required to maintain patient medical records for at least six years, it’s easy to anticipate that managing such a high volume of patient data will inevitably stress any on-site IT infrastructure. But the cloud presents a scalable alternative where additional server or storage capacity is available as needed.
  4. Mobility – The cloud improves a physician’s ability to remotely access readily available patient information. This enables even the busiest physician to review a patient’s medical records or test results even after they leave the office.
  5. Sharing – Cloud computing keeps physicians better connected to not just their patients but their colleagues as well. Patients will notice benefits to medical professionals being able to share patient information online – for example, referrals to specialists will be more timely, there will be less paperwork to fill out with each office visit, and no unnecessary repeat diagnostic tests.

Are You Ready for This Transition?

The transition to cloud computing is underway in the industry. For healthcare service providers, it is no longer a question of if they will transition to the cloud, but when they can start benefiting from its potential savings and all of its capabilities.

Healthcare is a heavily regulated industry and cloud computing will continue to evolve to meet the industry’s growing security requirements and regulatory mandates. Many legitimate CSPs familiar with the healthcare sector already have strict security protocols in place to comply with regulations and will not hesitate to sign a BAA when asked. It is best to choose a CSP cautiously. Avoid any CSP who refuses to sign a BAA and carefully evaluate even those who do to get a feel for their stability, level of service, and delivery on promises.

Taking care of people – not your IT infrastructure – is your core service. Why not put the money being spent right now on hardware, software and equipment back into patient care while actually strengthening patient data integrity and security? Contact us today if you’d like to learn more about HIPAA compliant cloud-based technology.

CLICK HERE for a free network assessment.