1. Teach the characteristics of social engineering scams
The more aware employees are of cyberattacks, the more likely they will be able to avoid them. The 5 most common types of social engineering scams are phishing, baiting, quid pro quo, pretexting and tailgating.
2. Make sure attachments are from someone legitimate
Before clicking on an attachment you didn’t expect, confirm with the sender via text, separate email or phone that they actually sent the attachment and ask what the attachment is.
3. Password protection
Train all users to set up difficult-to-guess passwords so protected information is safe from unauthorized users. A solid password policy recommends using passwords with a mixture of letters, numbers and symbols; contains at least 15 characters; and is unique for each account the user owns.
4. Encrypt emails
Encrypted emails protect sensitive communications from unauthorized users. This is especially helpful when communicating via email with patients (and with HIPAA
5. Log off the system
When employees step away from their desks or leave for lunch or the day, they need to log off the network.