Ransomware is Creepy

Today’s blog is penned for the benefit of any practice owner or manager who has not read the recently published horror story in CDA Oasis. A dental office was down for 3 days after an employee opened an innocent-looking email.

The email contained Ransomware that immediately infected and encrypted all files – despite the significant backup and anti-virus precautions that the practice had in place. The fraudsters demanded cash to hand over the decryption key.

The stress, expense and loss of revenue are one thing. Pile on patient safety, potential breach exposure, government fines, tarnished reputations and collegial reprimands… the risk is immense. Yet often avoidable!

Here’s the link if you want to read about the Dentist’s horror story. In today’s limited space, I’d prefer to focus on prevention.

What can you do to avoid such a nasty trick?

1. Use a reputable email service provider with both anti-virus and anti-malware security built in. A good email product has layers of filtering to block, quarantine or eliminate bad files from ever reaching the desktop

2. Secure a personalized domain for your practice (name@PracticeName.com)

3. Train yourself and your staff to recognize the warning signs of non-legitimate emails:

    – the sender name is not recognized
    – there are obvious spelling, grammar and language mistakes
    – a legitimate company logo is mimicked – it appears warped, blurred, stretched or otherwise off
    – a different url appears when you hover your mouse over the address or link
    – the subject does not make sense in the context of your business/practice

4. Don’t follow unknown or suspicious links

5. Don’t open attachments from an unknown sender, or if any aspect of the email seems strange. Examine zip files carefully; do not open .exe files. When in doubt, verify with the sender

6. Be wary about websites visited – ensure all users stay on legitimate business sites and not be lured by ads, sponsored banners and pop-ups

7. Have at least 2 backups. Rotate daily and weekly backup files. One must go offsite so that you are protected from fire, theft, or flood. They MUST be encrypted and you MUST safeguard the encryption key (password to decrypt)

8. Have the backup data verified quarterly. This is like simulating a disaster; restoring your data from the backup to make sure that it works!

Note: Simply checking the backup notification is NOT DATA VERIFICATION.

We all take this issue very seriously; it’s alarming that in the first quarter of 2015, the security company McAfee reported a 165% increase in ransomware attacks.

Scary. Even when you are diligent and think you’re protected, malware can strike. One of our clients relates his experience:

“We had been backing up our servers locally to external drives using a service that wasn’t very reliable when needed. Just 2 days after switching to ABEL’s online backup service, one of our servers was compromised by ransomware that encrypted and deleted all our vital data. The local backup drive had also been erased and encrypted. The ransomware demanded $3000 to restore the data.

We contacted ABEL for assistance and, once we were able to get the server running, they logged in, restored our ABEL data and configured the software. Within less than 24 hours, we were back up and running. Had it not been for ABEL’s amazing support and their reliable backup service, we would have lost over 3 months’ worth of data.”

If you haven’t already, please talk to us about protection, backup, data verification and recovery. Malware is everywhere and does not limit its ghoulish behaviour to one day in October.

Thanks to our friend Anne Genge, CIPP/C at Healthcare Compliance Network, for her insights on this topic.

Canadian Beverage Association responds to U.K. Action on Sugar

We know that it’s not healthy, yet many of us still give in to the temptation of eating sugar-laden foods. Good to know that the average Canadian adult’s consumption of added sugars decreased significantly over the past decade and it is still decreasing. Canadian Beverage Association responds to U.K. Action on Sugar

SOURCE: Canadian Beverage Association (October 1, 2015). Canadian Beverage Association responds to U.K. Action on Sugar [News Release]. Retrieved from http://www.newswire.ca/

TAD Annual Winter Clinic 2015

ABELDent Inc. is pleased to announce that we will be exhibiting at the Toronto Academy of Dentistry’s 78th Annual Winter Clinic at the Sheraton Centre Toronto Hotel on November 6, 2015.

ABELDent is Canada’s leading clinical and practice management software for dental professionals.

Visit booth T19 to discover a range of products and services designed to increase dental practice efficiency and productivity. Learn about the latest version of ABELDent and the benefits of seamless integration with ABELDent Portal and mobile apps. Explore ways to go paperless, optimize treatment management, ensure data privacy and security, and more.

ABELDent – your strategic partner for dental practice success. Visit booth T19 to learn more.

See ABELDent at booth T19

Delivering Vital Information… or Whac-a-Mole?

I’ve been struggling with a marketing communication question: At what point does keeping customers informed become intrusive — even annoying? How much is enough?

We discuss this regularly with our marketing colleagues and really strive for an ideal balance… but some days I’m left shaking my head.

Like last week, in a conversation with one of our customers, a Dental Office Manager joked: “It’s Murphy’s Law: When I most need a file is when I can’t find it.”

“What… is your system down?” I was ready to conference in tech support when she told me she wished they could go paperless but didn’t know if ABELDent allowed them to do that.

I almost fell off my chair! We have been promoting our paperless solution for several years now.

And again yesterday, a customer was intrigued by a series of practice performance graphs that one of our competitors had sent him. “You mean something like this?” I asked as I showed him our ABELDent Analytics feature. He was delighted – and it felt great to help. I didn’t have the heart to tell him that our graphic reporting tool has been available for over 15 years!

I imagine that this applies to all kinds of vertical markets, both B2B and B2C. As a consumer, I know I don’t use my products – even my favourite brands – to their full potential. There are hundreds of fun, time-saving and convenient apps that I could probably make good use of on my mobile. And at least one button on my fancy oven that I’ve never pushed.

So I do get it. Comfort and routine trump change. But when product knowledge can make such a big difference in my customers’ daily lives, it matters to me.

How many times should a company try to communicate with prospects and customers before they feel the urge to unsubscribe?

Seriously… how many times? I want your opinion!