Important Data Security Tips for Aged Care Providers
As an ISO 27001 certified organisation, we have high levels of data protection. In our current climate, we recommend that you deploy additional measures to minimise potential threats.
We have taken steps to provide high levels of data security as part of our ISO 27001 certification requirements, and e-Tools applications are developed with the latest security measures in mind.
However, several of the measures we introduce are optional, in order to meet different organisational requirements. In light of recent cybersecurity breaches, we highly recommend that you assess and deploy these measures accordingly, to strengthen security and minimise potential threats.
Two Factor Authentication (2FA) or Multi Factor Authentication (MFA):
2FA requires an extra login step on top of the user’s password, to minimise risks associated with compromised passwords. It can reduce the success of phishing and similar attacks, because a second layer of approval is requested for user access to an application.
2FA is fast becoming a standard across many applications and organisations. Examples include the use of the Google Authenticator or Microsoft Authenticator mobile apps.
reCAPTCHA:
The Google reCAPTCHA service helps prevent automated cyber security threats. After too many failed login attempts, users are prompted to verify their identity via the reCAPTCHA widget.
Password complexity:
Enforcing password complexity requirements can significantly increase your protection. You can introduce requirements such as a minimum number of characters and the inclusion of uppercase, numeric and special characters. You can also choose to enforce periodic password changes for added protection.
Azure AD:
Currently available as an integration option with NeRA Cloud software, Azure AD is a secure user authentication solution. Streamline user access to your applications and resources using MFA and/or Single Sign On (SSO).
^ Azure AD is an integration option and is not included in the NeRA Cloud standard package price. Organisations will need to manage their own Azure AD accounts.
The 2FA, reCAPTCHA and password complexity options were introduced as part of our latest e-Tools Gateway release, so clients can check the eGateway v2.0.0.0 Release Notes in the client support portal for setup instructions. Please reach out if you need guidance.
Additional resources:
We recommend that you visit the Australian Cyber Security Centre (ACSC) website, as it contains useful general cyber security information.