Traditional measures like firewalls and antivirus software may not be enough to protect most practices.
Many of my previous articles have focused on the steps you need to take if you ever get hit by a computer virus such as ransomware. Having a good backup for your data is critical, as is ensuring that you have adequate insurance. Being hit with ransomware, the viruses that lock your files and require you to pay to get them unlocked, is a breach and you must notify all relevant parties; the costs can be staggering.
However, there’s an old adage: An ounce of prevention is worth a pound of cure. Although being able to recover from a virus attack is certainly important, it’s better to never be hit by a virus in the first place. When I work with staff at a dental office to develop their security protocol, there are 4 steps that I recommend to prevent viruses and other malware from ruining your day:
1. Install and properly configure a business-class firewall. A firewall controls the flow of data both into as well as out of your network. Although you can and should set up the firewall that comes with Windows, I highly recommend an external hardware firewall as well. Some of the better-known vendors include Sophos, SonicWall, and WatchGuard. Many firewalls include an antimalware subscription; though you still need software-based antivirus, it’s never a bad idea to have your firewall doing the initial filtering.
2. General purpose antivirus software. Windows has a built-in antivirus program called Microsoft Defender Antivirus. Although it certainly has improved over the years, I believe there are many others that work better. My current favorite is Emsisoft. I’ve also used and recommended ESET NOD32, Trend Micro, and Kaspersky. There are many free antivirus programs but I don’t usually recommend those. Most require that they not be installed in a commercial (i.e., dental office) environment. A decent antivirus program will cost approximately $20 to $30 per computer per year.
3. All the general-purpose antivirus programs will tell you that they do a great job against ransomware. In my experience, this just isn’t the case, so I normally recommend an extra layer of protection specifically to handle ransomware viruses. Intercept X and HitmanPro are 2 popular options.
4. The concern with the first 3 steps is that many newer viruses are what we call zero-day viruses. In essence, these are so new that your firewall and antimalware software won’t recognize them as viruses and won’t know what to do with them. The best and final piece in the puzzle is to invest in software called application whitelisting. This software will scan your computers and create a “whitelist” of approved programs. If any program (such as a virus) tries to run and it’s not on that whitelist, it literally gets stopped in its tracks—it is unable to run.
The days of just slapping an antivirus program on your computers and being done are unfortunately long over. Dental offices need to consider a layered or stacked approach that includes multiple levels of protection to keep their patient data safe and secure.