Tech Tool:
Frequent Password Changes Provide Bulwark Against Cyber-Siege
Published on Thu Aug 18, 2005
E-mail from Russell Crowe? Something's probably not right
Think your employees know how to stop an Internet scam in its tracks? Think again.
You must educate your staff members on how to react to even the simplest virus or hoax, or you risk leaking your patients' protected health information (PHI) to hackers and identity thieves.
Strategy: Distribute a "Do's and Don'ts" tip sheet similar to the one below to all your regular e-mail or Web users, says Elisabeth Derwin, an information technology specialist with Bennet Health System in San Francisco. Tell them to refer to the sheet each time they spot a suspicious e-mail or are contacted by companies claiming to need personal data.
Bonus: You can also hand this sheet out to your patients who request that you contact them through e-mail. If you host a Web site, post the list prominently so that anyone visiting your site can easily see your Internet security policies:
INTERNET SAFETY DO's and DON'Ts
1. If you don't recognize the sender, don't open the e-mail or attachments. Before you open the attachment, try to determine if it's legitimate by scanning the e-mail. Does it contain a phone number you can call to double-check that the attachment is not a virus? If a friend or co-worker sent the attachment, call or e-mail that person to make sure he meant you to receive the file. But if the body of the e-mail is empty or contains text that makes no sense to you, your best bet is to delete the e-mail without opening the attachment.
When in doubt, check for these common signs of an e-mail virus:
- The e-mail's subject line is suspicious (e.g., "iloveyou," "Russell Crowe" or "Anna Kournikova")
- It was sent in the middle of the night, or there are multiple messages containing attachments from the same sender.
2. Do use hard-to-guess, frequently changed passwords. The strongest passwords mix uppercase, lowercase, numbers and symbols to create a code not found in the dictionary (e.g., gu2@VW05). You can also build your passwords from slogans or phrases that you encounter every day. Best: Think of a phrase or your favorite song lyric. Then shorten the line to the first letters of each word to come up with your password. Remember to swap out at least one letter for a number and one letter for a symbol, and make at least one letter uppercase.
Example: You can shorten "All the world needs is love" to "ATWNIL." Then swap out a few characters to create "@TWN1L." Next make some of those letters lowercase: "@tWn1L." Now you'll need to add two characters to lengthen the code to eight characters: "&@tWn1L&."
Make your passwords at least eight characters long.
And you should create multiple passwords [...]
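The password recipe in item 2, as an added example that is not part of the original tip sheet: it checks each stage of the "All the world needs is love" walk-through against the sheet's rules and reports which ones are still unmet. The function names and the small dictionary set are assumptions made for illustration.

```python
import string

# Constructed stand-in for a real dictionary word list (assumption).
SAMPLE_DICTIONARY = {"password", "welcome", "sunshine", "football"}

MIN_LENGTH = 8  # the sheet asks for at least eight characters


def acronym(phrase):
    """Shorten a phrase to the first letter of each word, uppercased."""
    return "".join(word[0] for word in phrase.split()).upper()


def unmet_rules(password, dictionary=SAMPLE_DICTIONARY):
    """Return the tip sheet's rules that the password does not yet satisfy."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length")
    if not any(c.isupper() for c in password):
        problems.append("uppercase")
    if not any(c.islower() for c in password):
        problems.append("lowercase")
    if not any(c.isdigit() for c in password):
        problems.append("number")
    if not any(c in string.punctuation for c in password):
        problems.append("symbol")
    if password.lower() in dictionary:
        problems.append("dictionary word")
    return problems


# The stages of the sheet's worked example, used here only as test input.
STAGES = [acronym("All the world needs is love"), "@TWN1L", "@tWn1L", "&@tWn1L&"]


def walk_through():
    """Pair each stage with the rules it still fails."""
    return [(stage, unmet_rules(stage)) for stage in STAGES]


if __name__ == "__main__":
    for stage, problems in walk_through():
        print(f"{stage!r:12} -> {', '.join(problems) or 'meets every rule'}")
```

Only the final stage clears every rule; the earlier stages show why the sheet adds the lowercase and lengthening steps.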