Is Healthcare Compliance Enough?

Is Healthcare Compliance Enough? 600 328 Greenlight Managed IT Support Services | Sydney | Melbourne

The healthcare industry is a top target for cybercriminals. Healthcare providers hold patients’ personal and financial data. Plus, they offer a critical service and could be more likely to pay ransom to get systems back up and running. Recognizing the threat, industry regulators have instituted cybersecurity standards. Noncompliance is costly, but the real question is whether meeting the standards is enough.

With growing threats to the healthcare industry, meeting compliance standards is important. Achieving compliance with industry standards indicates a healthcare provider has met the minimum, but this still may not be enough.

Compliant, after all, does not mean cybersecure, not as rigorously as required to protect patient data and electronic health records, or to avoid the damage of a ransomware attack or system downtime caused by another type of virus.

Consider who is making the rules about compliance. How agile can they be? Industry-wide standards are not established quickly. That means medical compliance will never be able to keep up with the pace of change in cyberthreats.

Healthcare Compliance Focal Points

Healthcare compliance focuses on specific components of cybersecurity and patient privacy. There are rules about:

  • who can access patient data;
  • controlling and tracking access;
  • using and disclosing patient data;
  • how to safely store and or discard personal and financial data;
  • steps to take if a breach is detected;
  • training staff with access to protected data.

Nevertheless, thousands of compliant healthcare organizations still get breached every year.

Why You Need More than Compliance

It is important to note that compliance protects the healthcare user first. Securing the healthcare provider’s environment means authenticating users, encrypting data, and more.

Reacting to the latest compliance policy statement from the industry regulator isn’t enough. Protecting against new threats also means keeping up to date on the latest.

If that sounds like a lot of work, it is.

Healthcare providers want to keep patients healthy and protect their health. Who has time to learn about new cyber exploits, inventory technology, or audit systems?

Working with a managed service provider (MSP), healthcare providers gain a valuable partner. An MSP can do a risk assessment. These IT experts can also recommend the best data backup, plus, assist with business continuity planning. They can watch all access points in the healthcare environment. Beyond desktops this can also mean:

  • mobile devices such as tablets or cell phones;
  • Internet of Medical Things devices, including digital stethoscopes;
  • third-party system integration.

Partner with an MSP that understands healthcare cybersecurity – that’s both compliance and technical, physical, and administrative safeguards needed. Doctors want their patients to be proactive in disease prevention. An MSP takes action in advance to avoid cyber viruses and keep data secure. 

Hey You, Get Off the Public Cloud

Hey You, Get Off the Public Cloud 600 329 Greenlight Managed IT Support Services | Sydney | Melbourne

The Rolling Stones sang, “Hey you, get off my cloud,” yet businesses might want to think instead about leaving the public cloud. Weigh these possible public cloud concerns against the advantages of alternate cloud solutions.

When most people think of the cloud, they are thinking of the public cloud. Apple users are on its iCloud. Others may be storing files on Dropbox, OneDrive, Google Cloud, or other services. These all typically have a free level of service. You can pay a monthly fee to upgrade based on the resources you use. [Also please remember that if you are not paying for the product, then you are the product!]

Cloud data is easy to store and access. This can enhance business productivity and efficiency. Added advantages of hosted cloud services – public or private – include the following:

  • Speed. Hosted cloud services come on demand or self-service. It’s possible to have cloud resources up and running in a matter of minutes.
  • Performance. Cloud providers focus on running secure data centers with the latest infrastructure. It’s their job to worry about hardware setup, software patching, and network reliability.
  • Scalability. Add cloud capacity without buying equipment or software, or training employees.
  • Mobility. Employees can access the cloud from anywhere, on any device.
  • Disaster recovery. Providers build in redundancies to ensure uninterrupted service.
  • Responsibility. You don’t need to invest in on-site equipment, maintenance, and management.

Yet there are some drawbacks to the public cloud. The public cloud is affordable because businesses share resources. The cloud service provider relies on economies of scale. They bring many businesses together for the same services, and it all adds up. But if you’re in an industry with high compliance requirements, the public cloud is a risk.

Advantages of the Private Cloud

The private cloud offers the same benefits as the public cloud – and more.

A private cloud solution is dedicated to your business: yours is the only data on the server. This is a more secure solution offering greater visibility and infrastructure control.

A private cloud can be on- or off-premises. On-premise, your IT team sets up, manages, and maintains the cloud infrastructure. Off-premises, a cloud services provider customizes a dedicated and secure cloud.

The private cloud is appealing to regulated industries such as healthcare and financial services, or those needing strong controls. Costs will vary depending on your requirements but allows businesses to easily access data, applications, and backups, and with reduced security risks and the ability to meet those compliance requirements.

Cloud Flexibility with a Hybrid Option

A third alternative is the hybrid cloud. The business takes advantage of both public and private cloud solutions. You decide which apps and data workloads need more security. Meanwhile, the public cloud is available to offer cost savings and efficiency, plus, it can be a backup for sporadic traffic spikes.

The hybrid option, though, requires strong integration between private and public cloud deployments. Managing the mix of architectures can prove challenging.

Understanding the difference between these cloud offerings can help you choose the best for your business.

Need help migrating to the cloud or changing your cloud solution? Our IT experts can help you weigh the trade-offs and determine the best one for your needs. Contact us today to talk about your cloud options.

Do More with Microsoft Forms

Do More with Microsoft Forms 600 329 Greenlight Managed IT Support Services | Sydney | Melbourne

Most people are familiar with their Microsoft 365 subscription providing Word, Excel, Outlook, PowerPoint. Those are the familiar options. But Microsoft is always evolving its cloud-based services. Microsoft Teams is a chat-based workspace integrating people, content, and tools. There’s also a Planner, To-Do application, Flow for managing notifications, and Power Bi Pro analytics. That’s to name just a few.

Another good one to get comfortable with is Microsoft Forms.

Microsoft 365 Forms Makes Data Collection Easier

Microsoft Forms allows your business to create surveys, generate quizzes, conduct polls, and capture data.

This easy-to-use application simplifies form creation: you simply select “New Form” or “New Quiz,” input the form details, add images if you want them, and you’re ready to go. You can click and drag to choose your question types from multiple choice, text, rating, or date options.

Ready-made themes allow you to pick different colours or graphics to personalize your survey. Before you go live, you can also preview and test your survey. You can even share with a colleague to collaborate on the survey design.

It’s that easy. In a few minutes you can create the tool you need to:

  • collect employee input;
  • measure customer satisfaction;
  • poll your team about how they feel about returning back to the office;
  • quiz employees doing virtual learning.

Once you have your finished link, you can paste it into an email, post it on social media, or put it on your website. You can also generate a QR code for mobile device use.

Get Results with Microsoft Forms

OK, you’ve shared your new survey, and the responses are raining down on you! There’s a dashboard for that. You can track the number of responses and average completion time. Plus, you can drill down into particular question data.

For any question, you can display your results in charts or graphs for that PowerPoint.

Since this is part of the Microsoft suite, Forms integrates with Excel, too. You can import the data there to leverage the full power of Excel’s analysis tools.

If you want to get even more advanced, upgrade to Microsoft Dynamics 365 Customer Voice. Formerly Microsoft Forms Pro, this application helps you gather real-time customer feedback.

There are plenty of survey tools available online today. SoGoSurvey, SurveyMonkey, or TypeForm are top examples, but free versions can limit the number of questions or respondents surveyed.

Microsoft Forms integrates with other Microsoft 365 tools in your subscription. For quick intake or call center satisfaction, Forms is an intuitive application. It’s easy to keep in touch with customers and employees.

You can do more with Microsoft 365. We can help. Our IT experts get to know your technology and business needs, then we’ll identify the Microsoft 365 tools that can simplify the work you do. Contact us today!

The Importance Of Creating A Digitally Cultured Workplace

The Importance Of Creating A Digitally Cultured Workplace 600 315 Greenlight Managed IT Support Services | Sydney | Melbourne

In this article, Tony Holbrook helps you to identify the ‘Why’, the ‘Who’, the ‘What’ and the ‘When’ to help take your organization to the next level of a digitally cultured workspace. If you haven’t yet started, the time is NOW! He writes, “I can’t stress enough how important it is to start now. Begin with the team you have in place and assess current talent. Benchmark where you are, identify the personnel we talked about above and then do what you need to do to nurture them into more proactive roles in the right projects.”

Read More…

Remote work from home

Top 6 Tips for Effective Working from Home

Top 6 Tips for Effective Working from Home 1920 753 Greenlight Managed IT Support Services | Sydney | Melbourne

With the outbreak of COVID-19, we are increasingly having conversations with our clients about working from home, so we thought it timely that we share some of our recommendations to help us all get through the next few months with as little disruption to business as usual as possible. While every business is different, here are just a few of our suggestions to help enable more flexible work places.

1. Make effective communication your top priority

This is more of a leadership issue than technical, but it is extremely important for your staff to know what is expected of them. Create a detailed list of what you expect from each team member working from home. List the activities required to do their job well, then have a discussion to ensure that everyone is on the same page. Once these are in place, use the collaboration tools mentioned below to keep things running.

2. Ensure that your team are ‘work from home’ ready

It is very easy to assume that everyone has fast internet and a quiet place to work uninterrupted. Not everyone has NBN just yet, and ADSL might not be good enough to collaborate on large files, so the tools and way we interact as a team needs to be considered. Home environments are also an issue. It might be the case their partner is at work and children are at school and they can work quietly and effectively from their apartment, but circumstances can change rapidly. 

Is providing your staff member a laptop and using 4G a consideration?  Do they need a second monitor, or an IP voice handset, or even a mobile phone? The way we managed this internally was to set up a shared spreadsheet, and asked everyone to update their individual situation to finalise the logistics of what each team member needs to enable them to work from home effectively.

3. Choose and implement the right communication & collaboration tools

Having a quick chat to the person in the cubicle, or quick team meeting is now going to have some challenges. Fortunately, there are already a number of collaboration tools to choose from. Email is great, but online chat, and video conferencing tools will help even more. Many vendors are also assisting by offering free access for the next few months. Some tools to consider include:

4. Think about how you will share files

Once we solve the team communication problem, the next challenge is how do we access our documents and file shares. Unless you already have a Remote Desktop or Citrix environment, this will pose some unique challenges. But there are options:

Option 1: Configure a dial-in VPN to the office and get your IT support team to map a network drive from your file server. 

With this option, your remote workers will see their G: drive (or whatever letter you choose) from their home PC just like they would in the office.   Only downside is that accessing large files can be slow, and is contingent on the internet speeds at the end users’ home, and more importantly at your office.  If your office still runs on ADSL, this is probably not a viable option. Security is also a concern with this option as although the VPN ensures data transmission from home to office is secure, you cannot always guarantee that a user’s home PC is not infected with any number of malware or even worse – ransomware – that could easily impact the server data over the VPN. A robust business-grade anti-virus/anti-malware installed on home user’s PC is essential in this scenario.

Option 2: Use a cloud-based file sharing platform

Dropbox, Google Drive, Microsoft SharePoint Online, and OneDrive for Business can help. They will keep a copy of your work files in the cloud and both Google Drive and SharePoint Online allow simultaneous user collaboration of files. Microsoft Teams also allows this (since it is built on SharePoint Online).  If these tools are not already in place, have a chat to your IT team about getting it set up correctly to avoid problems in the future, especially when it comes to who has access to what files, as by default everyone will typically have access unless the structure is configured correctly from the start with specific permissions.

Option 3: Take a copy of the files and try to reconcile later

Our least preferred option would be to copy a batch of files to a USB drive and take them home.  Obviously, this has major security implications if the company data is lost or intercepted, as well as the problem of merging back the changes at a later date (which would be an extremely time-consuming process). This should only ever be considered as a last resort, and not recommended.

With any of these options it is also important to consider how you will continue to back up company data once it has been dispersed outside of the normal server infrastructure to either a cloud-based platform, home PCs or a combination thereof. With cloud-based platforms like SharePoint Online and OneDrive, products like Datto SaaS are perfect for ensuring back ups continue no matter how many staff the company data is shared with. If the data is being stored directly on home PCs this becomes more difficult (but not impossible) however company data stored in this way is not recommended.

5. Think about how you access applications

Once we have access to the raw data, we need some software both for the documents and your unique line of business applications. For Microsoft Office documents, customers with Office 365 Business Premium or E3 may be entitled to download and install an instance on their home computer.  Otherwise licensing might be a problem. Talk to your IT team about your options.

For your business applications, generally you won’t be licensed to run them from home and you probably have a server in your office where the database resides. So your options are: Use or create a Remote Desktop Server, or potentially remote control your office PC.  There are a number of ways to implement this, with varying security considerations, so it is best to talk to your IT team about what the best option with the least risk is for you.

6. Think about your processes

Some roles are more suited to remote work than others so we might need to adapt the way we manage and allocate work. Line managers may need to have daily morning huddles with their team and potentially break work down into smaller, more manageable pieces. Goals and tasks might need to be tracked in a shared spreadsheet or an online tool like Asana. If you don’t have scorecards for your team now is the time to implement them.

With a bit of planning businesses should be able to get through the next few months without too much of an impact on productivity from your remote teams working from home. Keeping in mind government and health official advice changes daily and no one really knows how prolonged this crisis will be. However once this crisis is over the way we work may be changed forever.  If you have any questions about the suggestions in this article please reach out to us.  As always, at Greenlight we are here to help.

Mandatory Data Breach legislation: Do you have a Data Breach Response Plan?

Mandatory Data Breach legislation: Do you have a Data Breach Response Plan? 1000 450 Greenlight Managed IT Support Services | Sydney | Melbourne

[one-half-first]22 February 2018 is fast approaching, and with it the new Data Breach Laws.

If you run a business, you need to be aware of your obligations under this new law.  One part of this obligation could be to have a response plan. Failing to disclose a breach can leave individuals and business subject to significant fines for non-compliance. So what should a plan look like?[/one-half-first]

While every plan needs to be tailored to the individual business needs, some common things to consider in your plan might include:

  1. How to determine a suspected breach?
  2. What should the staff member who detected the breach do?
  3. What should the Company Directors do?
  4. How do you contain the breach?
  5. How do you determine the risks associated with the breach?
  6. Who needs to be notified?
  7. How do you prevent further breaches?

The legislation does vary across industries, so it is also worth checking with your relevant industry association as to what you may need to do.  If you are in the Financial or Medial industries, you may also have additional obligations.

From an IT perspective, we believe that prevention is also imperative to reduce your risk.

There are a number of strategies and technologies that Greenlight has put in place that can significantly reduce the likely hood of your systems being compromised. Some of the technologies we already deploy for our clients include:

  1. Penetration tests – when was the last time a ‘white hat’ hacker tried to breach your network?
  2. Phishing campaigns – We have software to send fake malicious emails and provide video training to anyone who gets tricked into downloading our fake malware.
  3. 2-factor authentication – to increase password security by requiring a second form of authentication, such as a mobile device.
  4. Mobile device management – So we can remotely wipe your phone or laptop if it gets lost or stolen.
  5. Single Sign on – a system to sign onto every cloud platform with a single login, meaning that your users never need to know more than one password.

There is no silver bullet, the threat landscape is constantly changing, and the rise of crypto-currencies and ransomware is only adding fuel to the fire.  However if you combine all of the five items above, the your systems will be harder to compromise and an It team may be able to mitigate any damage quickly, thus protecting your business.

If you would like help in formulating a Data Breach Response Plan, or improve the security of your systems in response to this new law, please talk to your Greenlight account manager or contact our sales team for further assistance.

Business intelligence

What is business intelligence? And does my small business need it?

What is business intelligence? And does my small business need it? 1000 667 Greenlight Managed IT Support Services | Sydney | Melbourne

Business Intelligence, also known as BI, is becoming essential for enterprise-level operations. But what about small businesses? Does the cost provide real value, or is it simply unnecessary unless you plan to scale up?

The answer is surprisingly pleasant: as essential enterprise services such as BI move to an SaaS model (Software as a Service), the cost of entry is significantly lower than ever. There are even free versions of highly functional BI platforms that allow any small business to access BI benefits without the need to hire specialists to decipher its deliverables.

Small businesses are producing more data than ever

As business technology becomes more accessible, every point of contact, every single keystroke produces actionable data. From omnichannel customer service to eCommerce to logistics and fulfillment, every single business that operates online in any capacity produces thousands of trackable digital insights every day, insights that can easily translate to process improvement and optimization through each layer of business activity.

In the past, tracking this data was almost impossible, unless a company had the resources to retain an entire team to chase each node, then analyze, and then recommend improvements. Often, by the time these insights landed on a decision-maker’s desk, the data was outdated and the action that may have been effective yesterday was moot today, as that ship had sailed on.

Today, businesses of any size have the ability to access this data in real-time so real change can actually happen in a timely manner. Missed opportunities become a thing of the past once we have gotten our heads around what is going on “in the now”.

What will BI do for my company?

What BI does, essentially, is it collects your company’s digital data and translates it into easy-to-understand reports that you can set up to run on your schedule: hourly, daily, weekly, monthly, whatever you deem necessary for your needs. Company decision makers can then access and leverage that information into smart, timely business decisions that can make all the difference in this competitive global marketplace.

Your digital data is an asset

Your BI software ties into all your company’s essential functions – at least, all those that depend on software or an application to manage it. Examples include accounting and payroll, customer support and help desk operations, your CRM, sales, marketing, logistics, and fulfillment.

Once you have identified all the software your company uses to operate, you will need to map out how your data is generated and where that data is stored. With this information in hand, you are ready to connect to a BI solution and translate that data into valuable, actionable insights.

SaaS BI tools are affordable for small businesses

BI tools on the market today are largely self-service, which makes it easy to manage without an on-staff business analyst to decipher its output. In fact, many of the leading BI providers offer a free or low-cost entry-level version that provides enough functions and value to satisfy many businesses, and it’s a good place to start. If you find you need more than the free version provides, upgrading is a simple task.

Top BI tools for small business

If you are dipping your toe into the BI space, you’ll quickly find that there are a dizzying number of choices out there for you to try. For free entry, you might want to check out some of the open-source BI platforms that are available. Like other open-source platforms, they each have a massive developer community from which to pool answers. Some may require a little coding knowledge to set up, customize and update, and some are a little more user-friendly.

BIRT is an open-source BI tool that is widely used throughout Australia, and with 2.5M developers and 12M users worldwide (including Cisco and IBM), you won’t find any lack of endorsements.

Microsoft Power BI is the free version of Microsoft’s BI platform, and can be upgraded to Power BI Premium for heavier data volumes or to add company-wide and peer distribution functionality. If you are already a Microsoft Office 365 or Sharepoint user, Power BI offers seamless integration and report output to systems you already know and love like Excel and Word.

Greenlight-ITC powers your small business BI needs

If you would like to speak to one of our technicians about which BI solution is right for your small business, call today. We’d love to be a part of your success story.