Robin Hanna, Director, said “As you will know, McLernons can manage all Windows Security updates on your behalf in order to keep your devices secure and upto-date and ensure that there are no conflicts with your pharmacy applications, on your Dispensary and EPOS systems, Head office and networks.”
“As part of an ongoing review into your IT security we have sourced a new partner to provide a managed workplace solution, and over the next few months we will gradually be migrating all our customers to this. Not only will this provide an enhanced level of Anti Virus, but will also facilitate an enhanced level of content filtering, ie, denying access to certain websites which have been flagged as potentially unsafe.”
“This new application suite allows us to see if laptops and PCs which are accessing your pharmacy PCs have AntiVirus on them as this is a potential ‘back door’ for malware and hacking attempts.”
Our solution provides network protection features including:
- Anti-Malware – detecting and blocking malware threats before they have a chance to inflict damage to devices..
- Behavioural Analysis – examining the behaviour of a file and determining if the file may be a threat.
- Network traffic scans – providing data protection for email and user web browsing in real time, and scanning various types of network traffic for potential security threats.
- Content Control – providing a way to restrict what users can access and send over the Internet.
- Anti-Phishing – preventing the attempt to obtain sensitive information such as credit card numbers or account information from a bank for malicious reasons
- Disk encryption – this will now be managed centrally by McLernons
- Password management – we will be implementing password changes on PCs over the coming months.
In order to provide these new enhanced features we have had to increase the cost of this service by €10 to €30 per terminal per annum, and this increase will only be charged from 1st January 2021.
What else can you do?
An AV package can only help mitigate your exposure to cyber security attacks, it cannot prevent all of them. There are a number of steps which you can take to enhance your pharmacy IT security and ensure that a successful attempt by a hacker doesn’t result in a catastrophic loss of data, which is unlikely to be recoverable.
Every day brings news of new phishing attempts, email scams and concerted attacks on pharmacy systems, not just in the US but here in Ireland. The Data Protection Commissioner Helen Dixon has issued a series of warnings, recognising that the rapid adoption of new ways of working during the Covid pandemic means that you might need to share or collect information quickly and in new ways.
Steps to improve your IT security
We strongly recommend that you implement all of the following recommendations in order to increase the cyber security of your business, and our staff are able to help advise you.
- Upgrade to Windows 10
For over a year, we have been urgently requesting that our customers upgrade to a Windows 10 operating platform. We are aware there are still 100s of customers currently running their pharmacies on sub-optimal, unsupported Windows 7 systems. These are no longer routinely supported by Windows, who have only pledged to issue patches for any operating issues for a short period of time to facilitate the upgrading to Windows 10. At some point, this will stop, and if your system becomes corrupted your data will be lost.
- Passwords and administration rights
We understand how busy a dispensary can be, with more than one member of staff accessing a PC at any one time. However, the sharing of passwords, or failure to change passwords on a regular basis is putting your business at risk. We will be rolling out password management for MPS over the next few months but you should also think about changing the password on your PCs on a regular basis.
- Email security
We know that many community pharmacies use unprotected free-to-use email accounts such as Gmail and Hotmail for their pharmacies. In using such email addresses you are effectively leaving the back door of your pharmacy PC unlocked and vulnerable to attack. We can give you advice and guidance on setting up a more secure email account today, and recommend Office 365 with Advance Threat Protection.
- Staff training
Although your staff are undoubtedly the greatest asset of your business, they are also the inadvertent cause of a successful cyber attack on your business. One of the ways in which the security of your data can be compromised is through what are known as ‘phishing’ or ‘social engineering’ attacks. We can direct you to a number of sources of help and training, including the ones we use for our own staff training, which provide tips on how to spot such attacks and avoid risks to your patient data.
We strongly recommend that pharmacies consider installing a hardware-based firewall, and to review the various devices that you allow to access your network. The basic ISP router which facilitates your access to the internet is not sufficient to protect your pharmacy systems. A firewall works by controlling access to network resources, network services, and to the Internet by specified applications. Take a moment to consider how many other devices are currently on your pharmacy network, such as CCTV, mobiles, laptops and tablets, and credit card units. Are they patched and up-to-date? Should you consider segregating your networks and placing them behind a firewall. Social distancing applies to more than humans in this new world of working! We can provide Firewall solutions from as little as €300 per year.