Independent pharmacies that are uneasy about the increasing frequency of hacking in today’s business world can take heart: With a bit of planning, you can significantly reduce your vulnerability to a computer break-in via the internet.
“In this climate, I believe we all need to be on ultra-high alert,” says Kari VanderHouwen, RPh, owner of Duvall Family Drugs Health Mart in Duvall, WA.
“Naively, I would like to believe that we are so small we wouldn’t be worth their time,” VanderHouwen says. “But I do know that they are looking for the low-hanging fruit.”
Some of the most notorious hacks during the past few years have been, and most likely will continue to be, perpetrated by a shadowy group of computer wizards known as Anonymous.
“Anonymous is heroic to many people who are sick of government lies and weary of government intrusion —unwarranted and warrant-less—into the lives of U.S. citizens,” says Sharon D. Nelson, president of Sensei Enterprises, a computer security consulting firm.
“They have become very much like—in ‘The Terminator’ movies—the Resistance fighting Skynet,” she says. “Many are ‘script kiddies,’ casual computer users without deep knowledge of computer code, or amateur hackers. But there is a core group of hackers who have extraordinary skills. They present one of the greatest security threats in recent years. And we have not, so far, done a lot to counter their intrusions.”
Perhaps even more sinister than Anonymous is the professionalization of hacking that has emerged in recent years—scores of hackers have become 9-to-5 workers in today’s world, with jobs that include holidays, vacations, and many of the other trappings associated with legitimate employment.
Kevin Haley, director of Symantec Security Response, says, “advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours. We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.”
One of the preferred ploys of these organized crime rings is ransomware: malware that downloads onto your PC or business network. It then secretly encrypts all your business data and the hackers demand a ransom for your files to be restored.
Rich Conklin, an IT security consultant and owner of Executive Computer Solutions, says one of his clients was recently hit with ransomware that brought down 28 of its computers.
“Because they had a formal data back-up program for their business—which I recommended and maintain—I was able to get most of their data restored later the same day,” Conklin says.
Ryan Naraine, a head of global research and analysis at the cybersecurity firm Kaspersky Lab, hears network take-over horror stories like Conklin’s every day.
“Right now, ransomware is an epidemic,” Naraine says. “Although it has been around for more than a decade, we have seen a recent explosion of new ransomware families that is cause for serious concern.”
Indeed, some of the newest variants of ransomware are now popping-up on smartphones and other mobile technologies, according to a report released by Christian Fredrickson, CEO of F-Secure.
Take Cybersecurity Seriously
The security take-away? Independent pharmacies of all sizes need to make peace with the fact that hackers won’t be neutralized any time soon. And they need to be honest with themselves that their current computer defenses are probably Silly Putty in the hands of experienced of hackers.
The best way to begin hardening the online digital perimeter of your pharmacy is to realize that the person or staff responsible for your web security is the overarching factor in keeping your pharmacy data safe, rather than the security technology that they happen to administer and oversee.
“Fundamentally, good security really is just good systems administration,” says Ira Winkler, founder of Internet Security Advisors Group, a computer security consulting firm. “And if you can’t afford or can’t get a good system administrator, I recommend outsourcing that.”
In fact, Winkler says the smallest of independent pharmacies will probably be best served by using an outsourced third-party computing solution, given that the entire focus of a top-notch network systems provider is on configuring, maintaining and securing computer systems 24 hours a day and seven days a week.
Read More: Generic VESIcare Tablets To Launch In U.S.
In other words: You might want to move the critical computer applications of your pharmacy to the cloud, so you can take advantage of the relatively sophisticated web security offered in those systems, Winkler says.
“We utilize a company called NuArx to manage our firewall and virtual private networks,” says Paul Grisnik RPh, CEO of RxXpress Health Mart Pharmacy in Grove City, PA. “They, in real-time, monitor the data streams for viruses and possible attempted attacks on our computer network.”
Ram Subramanian, PhD, vice president of research and development at PerciptiMed—a software company specializing in making sure drugs are dispensed correctly—says, “Pharmacies should partner with IT service providers specializing in computer support and security that gives them 360-degree protection from various modes of digital threats.”
At a minimum, Sensei’s Nelson recommends a quality internet firewall that’s properly configured; and internet security software that guards against viruses, malware, and spyware. Both are available with software packages like Symantec’s Internet Security, Kaspersky Security, Trend Micro Security, and the like.
And you’ll also need to be sure your staff gets the message that your pharmacy’s security must be taken very seriously. “Education of your employees is key,” Conklin says.
Continue reading on page 2...