Nobody Home
A few weeks ago, I attempted to call a medical clinic where I am a patient. Instead, I found myself listening to a brief, cryptic message involving no one to take my call and a “full mailbox.” This did not seem right, based on prior experience and the size of the clinic’s staff. What could be going on?
Mystery Solved
A brief online search revealed that a week or so earlier, the parent organization – owner of three SoCal hospitals and more than a handful of large practices – had been the victim of a ransomware attack. Since then, further investigation has revealed that the entire organization’s patient records, totaling more than 17 million, have been not only encrypted (rendered unreadable), but stolen to be used to coerce the parent corp to pay up. All of this started on December 1.
A Devastating Blow
So here we are in January, and as a patient, I’m here to say that things have gotten only marginally better. Phone service has been restored. Patient records have not. Beyond the huge implications involving corporate responsibility to protect private patient info, this is worrying purely from a business perspective. If scheduling and seeing patients is their main revenue source, this paralyzation is a devastating blow to their bottom line.
A Sincere Question
Here’s a sincere question for any business owner to ask: how much complete downtime can your business survive? Two weeks? A month? There is a reason that 60% of businesses that are hit with a cyber attack never fully recover. First, it’s expensive to fix, whether you choose to pay the ransom or have an expert rebuild your systems. Second, the aforementioned downtime only compounds the problem, as your business continues to incur employee and other costs until you are back on your feet. Last, you have a legal and ethical responsibility to inform anyone who relies on your data of the breach – which is a bad look, perhaps even a reputation killer.
Imagine Dragons
Your cyber security is only as good as its weakest point, whether that’s a user who is prone to indiscriminate link clicking, an aged router, or incomplete backup practices. That’s why you need a Business Continuity Plan. This is exactly what it sounds like, a way to ensure that your operations can keep running with minimal downtime in the event the worst happens (cyber attacks, natural disasters, human malfeasance, or maybe something you haven’t thought of yet). Ours at Alchemy Group, which we have tested in a real-world scenario, had us back up and operating from home in about an hour, with no data loss. While there are never any guarantees when it comes to this sort of thing, we feel pretty good about that outcome.
Don’t Wait Until It’s Too Late
When it comes to FileMaker database solutions, we can help with your planning. We will work with your IT professional to craft a customized plan, with your FileMaker solution at its core. Contact us today to discuss. Whatever you do, you should commit to having a comprehensive Business Continuity Plan in the new year!
