With cyberattacks on the rise, especially in the healthcare field, it is crucial to keep your digital information under lock and key, including your passwords. It’s best to store passwords just as you would store your personal and patients’ information. They are just as, if not more important.
But how exactly do you securely store your practice’s passwords? Everyone seems to have a different method, but not all are effective. In fact, many of these storage systems aren’t in compliance with healthcare regulations or even as safe as you may think.
Pen, Paper, and Password Theft
Perhaps you’re more old school and remember your passwords best by writing them down. This is fine as a memorizing tool (so long as the written passwords are safely disposed of after) but should never be used to store passwords. Whether these passwords are written on sticky notes on your desk or in a notebook in a drawer, this method of password storage is the least secure. There is nothing standing in the way of someone else walking into your office and taking the keys to all your information.
Phone Storage and Notable Issues
Maybe you prefer easy access to your passwords and store them on a note taking app on your phone. The phone has a passcode on it for security, so the passwords inside are safe, right? It depends on how strong your phone’s passcode is. A simple four-digit passcode won’t be enough to stop a hacker set on getting your information.
Let’s say you have updated your phone’s password to be long with plenty of numbers and unique characters. That’s a great practice, but it doesn’t mean your notes app is safe. Cybercriminals are getting more proficient every year and have a wide variety of tricks to obtain your information. From phishing attacks to fake update messages to direct password hacks, you must be extremely vigilant about your phone’s security. Especially if it holds the passwords to sensitive information regarding your patients and practice.
Digital Documents Lack Encryption
Like a note taking app on your phone, a document on your computer lacks the proper protection for password storage. You may be able to add a passcode to lock the document in addition to your computer passcode. However, these are only effective if the passwords are strong and different from each other. Reusing passwords is common, but hackers know this and can access multiple accounts if they can guess the right phrases, putting your practice in jeopardy.
Another issue not just with digital documents but with all the above-mentioned ways to store passwords is that none of them encrypt their information. In other words, none of these options convert your passwords into an unintelligible form only you can read with a passcode. If someone can see your storage system, they can read your practice’s passwords and steal your information.
Password Managers Can Save the Day
With so many uncertain ways to store passwords, what are we to do? Simple, use a password manager. They are the best defense against password theft. At Strategy, we use and recommend the program LastPass to store and share passwords securely. But how are these password manager programs better than the storage systems already discussed?
First, password managers like LastPass store your practice’s passwords in a secure, encrypted vault. Even your master password, the one used to log into the vault, is encrypted so no one can see it but you. Not even LastPass can see what your passwords are, ensuring you are the only one who knows your information.
Say you need to share that information with a co-worker. LastPass can be used by businesses to safely store and share passwords. Team members can be added and removed from your practice’s account so no unauthorized personnel will have access. Passwords are stored in an encrypted vault and labeled so you and your team members can easily find the right password.
Some password managers like LastPass also help prevent major catastrophes. By monitoring the dark web, LastPass instantly alerts users if there have been any breaches in their password security. This way businesses can act fast and recover as quickly as possible.
Need Help with Your Password Management?
To keep your company and patients’ information safe, you should only use the best practices to store passwords. Traditional methods like paper and pen or digital files aren’t as secure as you may think. Do you really want to risk it all? A surefire way to protect your practice’s passwords is to use a password manager like LastPass which keeps these phrases locked in a digital vault, encrypted so that only you can read them. Unless of course you decide to safely share your passwords with co-workers. And if your passwords are somehow breached, LastPass will notify you immediately to mitigate the potential damage. With a password manager you don’t have to remember countless passwords to your systems and can instead focus all your attention on your patients.
Need help keeping your passwords and data safe? Strategy can help! Schedule a free consultation today to discuss all your cybersecurity needs.
