Technology is an essential part of our day-to-day lives. By becoming aware of possible threats and vulnerabilities, you can help protect KindHealth as well as yourself.
Tip #1 - You are a target for hackers
We are all at risk, and the stakes are high, both for your personal and financial well-being and for KindHealth's standing and reputation.
Keeping computing resources secure is everyone's responsibility.
By following the tips below and remaining vigilant, we all do our part to protect ourselves and others.
Tip #2 - Keep software up to date
Installing software updates for your operating system and programs is critical. Always install the latest security updates for your devices:
Turn on Automatic Updates for your operating system
Use web browsers such as Chrome or Firefox that receive frequent, automatic security updates
Make sure to keep browser plug-ins (Flash, Java, etc.) up to date
Tip #3 - Avoid Phishing scams - beware of suspicious emails and phone calls
Phishing scams are a constant threat. Using various methods of social engineering, cyber-criminals will attempt to trick you into divulging personal information such as your login ID and password or banking/credit card information.
Phishing scams can be carried out by phone, text, or through social networking sites, but the most common channel is email.
Be suspicious of any official-looking email message, phone call, or text message that asks for personal or financial information.
Check out these phishing resources for details about identifying phishing scams and protecting yourself.
Tip #4 - Practice good password management
We all have too many passwords to manage - and it's easy to take shortcuts, like reusing the same password. A password management program such as LastPass or 1Password can help you maintain strong, unique passwords for all of your accounts. These programs can generate strong passwords for you, enter credentials automatically, and remind you to update your passwords periodically.
Here are some general password tips to keep in mind:
Use long passwords - 20 characters or more is recommended.
Use a strong mix of characters, and never use the same password for multiple sites.
Don't share your passwords and avoid writing them down (especially not on a post-it note attached to your monitor).
Update your passwords periodically, at least once every 6 months (90 days is better).
Password protect all of your devices.
Tip #5 - Be careful what you click
Only use trusted, secure web pages when entering personal or sensitive information online. Don't log in to web sites or online applications unless the login page is secure.
Look for https (not http) in the URL to indicate that there is a secure connection.
If attachments or links in an email are unexpected or suspicious for any reason, don't click on them.
Tip #6 - Never leave devices unattended
The physical security of your devices is just as important as their technical security.
If you need to leave your laptop, phone, or tablet for any length of time - lock it up so no one else can use it.
If you keep sensitive information on a flash drive or external hard drive, make sure to keep these locked as well.
For desktop computers, shut down the system when not in use - or lock your screen.
Tip #7 - Protect sensitive data
Be aware of sensitive data that you come into contact with, and associated restrictions - review the KindHealth Data Classification page to understand data protection level requirements. In general:
Keep sensitive data (e.g., SSNs, banking information, consumer records, health information, etc.) off of your workstation, laptop, or mobile devices.
Securely remove sensitive data files from your system when they are no longer needed.
Always use encryption when storing or transmitting sensitive data.
Don't keep sensitive information or your only copy of critical data, projects, files, etc. on portable devices such as memory sticks, CDs, etc.
Don't send sensitive or restricted data via email, text or instant message (IM). These are not generally secure methods of communication.
Unsure of how to store or handle sensitive data? Ask the Security Management Team!
Tip #8 - Use mobile devices safely
Considering how much we rely on our mobile devices, and how susceptible they are to attack, you'll want to make sure you are protected:
Lock your device with a PIN or password - and never leave it unprotected in public.
Only install apps from trusted sources.
Keep your device's operating system updated.
Don't click on links or attachments from unsolicited emails or texts.
Avoid transmitting or storing personal information on the device.
Most handheld devices are capable of employing data encryption - consult your device's documentation for available options.
Use Apple's Find my iPhone or the Android Device Manager tools to help prevent loss or theft.
Back up your data.
Tip #9 - Install anti-virus protection
Make sure your computer is protected with anti-virus software and that all necessary security patches and updates are kept current.
Shut down or restart your computer at least weekly - and whenever your programs ask you to install updates. This helps ensure software and updates are properly installed.
If you get an antivirus alert that there is malware on your computer, please submit a Service Desk ticket for assistance.
Tip #10 - Back up your data
Back up regularly - if you are a victim of a security incident, the only guaranteed way to repair your computer is to erase and re-install the system.
Additional Tips:
Use a firewall - Mac and Windows have basic desktop firewalls as part of their operating system that can help protect your computer from external attacks.
Use public wireless hot-spots wisely - follow these tips for staying safe.
Be cautious about what you plug into your computer (flash drives and even smartphones can contain malware).
Be careful of what you share on social networking sites.
Monitor your accounts for suspicious activity.
Bank or shop online only on trusted devices and networks - and log out of these sites when you've completed your transactions.
...because sometimes you can do everything right and things still happen.
Report any suspected compromise (hacking, unauthorized access, etc.) by informing your supervisor and submitting a Service Desk Ticket.
If KindHealth equipment (e.g., phone, laptop) was stolen or lost, also report this to the local authorities.
See Reporting a Security Incident for additional information.