The Healthcare Analytics Summit is back! Join us live in Salt Lake City, Sept. 13-15.Register Now

COVID-19 Healthcare Cybersecurity: Best Practices for a Remote Workforce

March 25, 2020
Kevin Scharnhorst

Chief Information Security Officer at Health Catalyst

Article Summary

Social distancing, effective hand-washing techniques, sneezing into elbows, and the like are critical means of mitigating the spread and impact of COVID-19, but the pandemic has also prompted another area of concern: cybersecurity. A growing remote workforce, more collective time online, and increasingly frequent social engineering attacks that take advantage of public curiosity about and fear of the novel coronavirus are exposing system and network vulnerabilities.
Remote workers can increase their online safety by refreshing and ramping up cyber-hygiene best practices, including learning to recognize and report suspicious emails and protecting home internet connections.

Jump to:
The State of Cybersecurity Amid COVID-19
A Time for Extra Vigilant Cyber-Safe Best Practices
Steadfast Safeguards for Uncertain Times
Up next:
A Roadmap for Optimizing Clinical Decision Support
Health Catalyst Editors

Man operating laptop with an open lock icon superimposed on the screen

Measures to stem the COVID-19 pandemic are driving more of the U.S. workforce to remote, or teleworking, arrangements, including healthcare industry personnel who can operate from home (e.g., financial, administrative, healthcare IT teams, and other non-patient-facing roles). In keeping with state- and communitywide shelter-in-place orders and bans on nonessential travel, work-from-home practices reduce person-to-person contact in an effort control the transmission of the novel coronavirus within populations and families. The well-intentioned transition to remote work, however, carries an underlying risk: increased exposure tocybersecurity threats.

The State of Cybersecurity Amid COVID-19

The simple equation of more users accessing and relying on the internet from more places exposes cybersecurity vulnerabilities (risk= likelihood x impact), as does the possibility of using home internet connections and personal devices that don’t have the same level of security as corporate IT-managed resources. Additionally, collective rising anxiety, fear, and curiosity make internet users more vulnerable to malicious cyberattacks through false communications and information sources that appear legitimate.

Add to the above factors an upward trend in remote work overall before COVID-19-driven changes (a159 percentincrease in remote work between 2005 and 2017) and—for healthcare providers, specifically—an increased incidence of ransomware attacks of350 percent2019年第四季度。In addition, amid the COVID-19 pandemic, the frequency of reportedsocial engineering attacksacross the globe has increased. For example, confirmed threat vectors have usedfake COVID-19 impact mapsto spread malware that steals passwords. These threats have mocked a legitimate and trusted source—John Hopkins Medicine.

Awareness of rising cybersecurity risks during the COVID-19 pandemic as well as cyber-hygiene best practices will help keep an increasingly remote healthcare workforce and their organizations safe.

A Time for Extra Vigilant Cyber-Safe Best Practices

Remote workers can increase their online safety by refreshing and ramping up cyber-hygiene best practices:

#1: Recognize and Report Suspicious Emails (Phishing)

Scamsduring the COVID-19 pandemic may appear to be from reputable public health authorities (e.g., Health and Human Services, the World Health Organization, or the Centers for Disease Control and Prevention) and reference COVID-19, coronavirus, and related topics to exploit a sense of trust in what may seem a known source. Suspicious emailpatternsto watch for include the following:

  • Alerts about suspicious activity or log-in attempts.
  • 警告有关帐户或支付信息的问题。
  • Requests to confirm personal information.
  • Fake invoices.
  • Requests to click on a link to make a payment or update payment details.
  • Alerts regarding eligibility to register for a government refund.
  • An email impersonating a known and trusted company (possibly using that company’s logo and header).
  • An alert that an account is on hold due to a billing problem.
  • An email with a generic greeting (e.g., “Hi, Dear.”).

Follow organizational guidance on how to report suspicious emails. Many organizations will have an anti-phishing program with utilities for reporting built into their corporate email clients.

#2: Protect Home Internet Connections

企业IT和基础设施工程团队通常有许多适当的控制,以保护办公环境中的互联网连接。When connecting from home, however, certain practices will ensure security and quality:

  • Bandwidth当前位置随着2019冠状病毒病导致全球更多员工回家,对带宽的需求也随之增加。远程工作者应该确保他们得到的带宽是他们与互联网服务提供商(ISP)合同规定的。Tools includingspeedtest.netorfast.com可以测量家庭带宽。Some ISPs have been known to place data caps, or limits, on their services, but in light of the pandemic, many ISPs areremoving capsvoluntarily.
  • Connectivity:Individuals using Wi-Fi or a hotspot at home, need to ensure they’re using a modern encryption tool, such as Wi-Fi Protected Access II (WPA2), with a strong preshared key (PSK), that’s equivalent to a password, to establish a connection to the home network. Never connect over public Wi-Fi, such as airports, coffee shops, libraries, community wireless access points, or other connections that aren’t verifiably secure. To access the internet away from home, tethering to a mobile hotspot (smartphone) is the safer option.
  • Virtual private network (VPN) with multifactor authentication (MFA): A VPN encrypts information to tunnel it from its source to its destination. Many organizations’ corporate IT and infrastructure engineering teams maintain a VPN infrastructure to keep team members secure. With MFA, a device user must successfully present two or more pieces of evidence (e.g., codes smartphone apps generate) to an authentication mechanism to gain access to a network.
  • Corporate-issued devices: Remote workers connecting to their corporate network or partner-hosted environments should only use corporate-issued devices—versus personal devices. These devices likely have the necessary safeguards to work securely and are managed and updated regularly by the corporate IT team.
  • Web browsing: Internet users need to be cautious about the sites they visit. As mentioned earlier, there are confirmed malicious websites related to coronavirus that may appear legitimate but are engineered to infect devices through a web browser. While conducting sensitive transactions, verify the sites used are secure and implement secure socket layer protocols (SSL) with the website to secure the traffic between the originating device and the destination site.
  • Phishing (email), vishing (voice calls), and smishing (SMS):Increased social engineering attacks like these demand extra diligence. If a remote worker identifies suspicious activity, they need to report it to their organization, such as with a reporting email utility built into their corporate email or to the organization’s information security team.
  • Video conferencing: Virtual conference room users need to inventory their meeting attendees. Increasingly, known cyberattacks may attempt to allow eavesdroppers by randomly identifying links to meetings. Virtual conference hosts should require a password to join the meeting and ask anyone unfamiliar to identify themselves.
  • Passwords: Many corporate IT and infrastructure engineering teams set requirements on minimum password lengths, composition, and complexity. Strong passwords and long passphrases are more secure than shorter passwords, and users need to rotate passwords at least every 90 days. Enabling MFA, as applications and systems allow, supplements passwords security; two-factor authentication (one factor the user knows, such as a password, combined with another they have been provided or receive digitally, such as a one-time password token) is an effective authentication practice.
  • Stay patched: A corporate-issued device is likely managed centrally and receives updates via a systems management and deployment solutions (e.g.,Quest KACE,Microsoft System Center Configuration Manager,SolarWinds Patch Manager等);远程工作者在接触设备时应该及时了解这些更新。用户负责为家庭基础设施(如路由器和防火墙)打补丁(从供应商下载并应用最新的固件更新)。
  • For additional advice on avoiding phishing and social engineering attacks, see theDepartment of Homeland Security.

Steadfast Safeguards for Uncertain Times

In a time marked by global uncertainty, the growing remote workforce can protect their personal and organizational internet security by relying on a known entity—cyber-hygiene best practices. Despite unprecedented change and adaptation, individuals working from home who follow proven cybersecurity guidelines, with some added awareness of COVID-19-specific threats, will keep themselves and their organizations cyber-safe through the pandemic and beyond.

Additional Reading

Would you like to learn more about this topic? Here are some articles we suggest:

  1. Health Catalyst Plans to Support Health System Clients’ COVID-19 Response with Three Initial Solutions Focused on Patient Tracking, Public Health Surveillance and Staff Augmentation Support
  2. Health Catalyst Unveils Two Systems and a Service for COVID-19 Response

PowerPoint Slides

Would you like to use or share these concepts? Download the presentation highlighting the key main points.

Click Here to Download the Slides

A Roadmap for Optimizing Clinical Decision Support
德国vs家具

This site uses cookies

We take pride in providing you with relevant, useful content. May we use cookies to track what you read? We take your privacy very seriously. Please see ourprivacy policy详情和任何问题。

Name(Required)