We recently used Presbyterian Health Services potential breach of protected health information (ePHI) as a case study in why employee behavior and training are key elements of security and compliance. Not even a month later, and here we go again. Last week, Grays Harbor Community Hospital in Aberdeen, WA issued a formal notice of a potential electronic protected health information (ePHI) breach. Like Presbyterian Health Services, this potential breach was the result of a phishing email. In this case, the attackers initiated a ransomware attack holding the organization’s medical records hostage and demanding a $1 million ransom to release the key to de-encrypt their data. Grays Harbor seemed to have done everything right to prepare for this type of incident. They have an IT department, anti-virus solution, data backups, and even took out a $1 million cyber insurance policy. Even though they seem to have followed the playbook, there are some lessons to be learned from this incident.
There are four different ways most businesses acquire IT support. You can: Hire an internal IT person Hire an on-demand IT vendor or freelancer when you need help Pre-purchase blocks of IT support hours Partner with a Managed Service Provider (MSP) Each approach to IT support has its pros and cons, and within each approach are various pricing models.
I'm currently re-watching The Office (US) for what feels like the 100th time. This time, I realized that some parts have a whole new meaning now that I work for an IT company that provides tech support to businesses like the fictional Dunder Mifflin Paper Company. In this clip from Season 7, Episode 9, "WHUPF.com," Jim tries to reset the server after a power outage causes it to go down. He's stuck and The Office can't do any work since he doesn't know the password to sign into the server. This causes Michael to recall all of The Office's former IT guys to determine who originally set up the server. As Michael thinks through the list of IT guys backward from the most current by the nicknames he gave them, "Glasses, Turban, Ear Hair, Fatty 3, Shorts, Fatty 2, Lozenge, and Fatso," Kevin remembers that 'Lozenge' set up the server eight years ago. Michael recalls that whatever the password was made him laugh when he heard it but, "Pam got really offended." Jim ultimately enters Kevin's suggestion of "big boobz," based on Michael's clues. The password is accepted, the server is reset, and Dunder Mifflin lives on to sell paper another day.
On June 6, 2019, Presbyterian Health Services, a health care system and health care provider in New Mexico, discovered a potential breach of protected health information (ePHI). You might assume that a hacker breached their firewall or snuck into their network undetected. That was not the case. The breach occurred because well-intentioned employees fell victim to a phishing email.
Think of your business’ domain name as your own, branded corner of the internet. It is the space you own for business-related web and email traffic. In today’s digital economy, most businesses own a custom domain for their website. However, it’s surprising how many aren’t using a custom domain for email and instead use generic email addresses like gmail.com, yahoo.com, aol.com, etc. Even if you have not yet registered a custom domain, the process is relatively simple and inexpensive, and the benefits to your business are significant. Here are the top five reasons every business needs a custom email domain.
Welcome to the third and final installment of our three-part series demonstrating the types of services you should expect from a quality outsourced IT vendor. Part I outlined the support you should expect from a help desk and service team, and Part II showed how your IT vendor should advise on business strategy. Now, we’re featuring the third element of service provided by an outsourced IT vendor, project management and implementation. Part III: Project Team Projects are pre-planned, scheduled activities, like new device installation, software migration, cabling, etc. This role might be filled by the same team that handles your day-to-day support. However, when you’re evaluating an IT partner, it is important for you to understand how they maintain the capacity to respond to daily requests while meeting their pre-scheduled project commitments.
In Part I of this series we outlined the Service Team component of an outsourced IT vendor. The Service Team tends to see the most day-to-day activities from customers since they handle incoming help desk calls and emails. They resolve issues remotely or on-site at the customers’ locations. Plus, they proactively monitor and maintain customer networks to address as many potential issues as possible before end-users ever notice a problem. As you evaluate the benefits of working with an outsourced IT vendor, you’ll want a good understanding of the process for requesting assistance and their guaranteed response and resolution times. Additionally, you’ll want to understand what proactive steps the team takes to resolve issues before they impact business processes and productivity. But it doesn’t stop there - the Service Team is just one component of the relationship you’ll have with a quality IT vendor.
You've reached the point where you know your business needs some more sophisticated IT support than your current model can provide. You've evaluated the options, and are considering working with an outsourced IT vendor or managed service provider. An outsourced IT vendor can handle a lot of different functions for your business, but you're struggling to evaluate the return on the potentially significant investment you're about to make in their services.
Photo Credit: Associated Press Kelley Earnhardt Miller, Co-Owner / Vice President / Business Manager, of JR Motorsports, recently joined her brother, Dale Earnhardt Jr. on his Dirty Mo Podcast, to talk about childhood memories growing up together while their dad, Dale Earnhardt, was becoming a NASCAR racing legend. Before the conversation got started Kelley briefly described her ongoing IT problems and uttered a sentiment shared by many executives unnecessarily suffering from unproductive technology. She said, "everybody has IT problems.”