Is your Agency secure against Digital Threats?

| July 23, 2012

Internet Security

A growing number of agencies are utilizing the Internet to seek and store health and medical information. Electronic health records are becoming standard for their ease of use, speed of access, and lower costs.

But with the systematic collection of a patient’s medical history, personal stats, and billing information, it’s no wonder patients are feeling apprehensive about where their information is being stored. Because as the Internet evolves and becomes more expansive, hacking schemes are becoming increasingly sophisticated as well.

Each year brings a host of new digital threats and malicious attacks that compromise agencies and individuals alike. For an agency to use a digital format such as an EHR, which contains valuable medical information, accounts, and passwords, an attack can have major implications. That’s why being conscious about Internet security and taking all possible precautionary measures to avoid being susceptible to attacks should be an integral part of your agency’s operation.

So how can your agency protect itself from digital threats?

One often under-looked but hugely preventative measure is the password. A report released by Verizon in March 2012 revealed how commonplace it is to crack weak passwords by guessing a simple sequence of username and password combinations or — even worse — the default password. Protecting sensitive information can be as easy as requiring staff and agencies to use variations in their passwords such as capitalized letters, lower-case letters, numerals, and special characters.

To ensure that each piece of sensitive information on our servers remains protected, MyOutcomes Version 10 includes a multitude of added security measures and enhancements. One new requirement is that all passwords must contain one capital letter, one lower-case letter, one numeral, and one symbol, in addition to being a minimum of seven characters long.

Do these new requirements really make that much of a difference?

Would you like to find out just how secure your passwords are?

Let say previously I used the password “insession” (in session)to access MyOutcomes because it was short and easy to remember .

It would take a desktop PC only 22 minutes to crack this password.

Let’s say I previously used the password “insession” to access MyOutcomes because it was short and easy to remember .

It would take a desktop PC only 22 minutes to crack this password.

What if I revised the same password according to our new requirements to “Insession+1” (adding the required capital letter, numeral, and symbol)?

It would now take a desktop PC 4,000 years to crack my new (and still easy-to-remember) password.

The length of a password profoundly affects the time it takes to crack it.

For example, if I shortened “Insession+1” to “Inses+1” so it was quicker to login and just met the minimum seven-character requirement, it would take a desktop PC only one hour to crack my new abbreviated password.

The “sweet spot” for a truly secure password appears to be about 11 characters.

Want to find out how secure your passwords are? Go to: How Secure Is My Password?

A big reason why many people don’t use longer, more secure password is because they’re too difficult to remember. There are a couple of solutions to this dilemma:

1) Sentence passwords: Make your password an easy-to-remember phrase or sentence. For example, “I left at 1 a.m.” translated as a password into “Ileftat1AM.” would take a desktop PC 7,000 years to crack.

2) Password software: Programs such as LastPass or 1Password can help you create, securely keep, and insert into login pages all your passwords. One of their great advantages, among their many other features, is that you only have to remember a single password. I’ve used this type of software for years and couldn’t function without it. It’s helped me make sure all my passwords are unique, secure, and easily changeable.

If you have any questions or would like to find out more regarding digital security here at MyOutcomes, please feel free to phone or e-mail us.


Want to find out more about MyOutcomes Version 10.0 including new security enhancements?


Pinterest Twitter Facebook Linkedin Youtube Email

Tags: ,

Category: Agencies, MyOutcomes, New Features, Privacy & Security, Private Practice

Comments are closed.