Emergency Preparedness
Appendix H.4 – CYBER ATTACK
Kern Medical Emergency Preparedness CYBERATTACK Connected Devices Personal computers (PC’s) •
Change passwords every 90days • Must login to user account each person was assigned • Removal of Group Accounts IE: KMCNurse, OR ,ER etc. • At least 12 Characters with combination of Upper and lower letters/symbols/numbers are used at least 3 out of 4. • Require all staff to lock computers when not in use (Win+L= windows button plus L for locking) • Passwords required for unlocking access computer, email, and remote access . • Do NOT share your password • Do NOT write passwords down where they are easily accessible • Do Not plug USB devices, Phones into PC’s that were NOT issued by Kern Medical Email • Forward any suspicious emails as an attachment to IT that may be a possible virus or request for information (W-2, salaries, etc.) infosec@kernmedical.com • Use up to date version of the attachments, be mindful of sensitive data types: MRN, DEA, SSN and Credit Card Information is prohibited by email policy. Servers • File Servers is attached per profile; please make sure that files are being saved. As well as archived. DO not share files or store personal data in the File Servers. Tablets/Laptops • Require all staff to lock when not in use • Hospital Owned devices will need to be encrypted via HDD • BYOD, devices will need the above as well as passwords for each device and biometric | facial • Passwords required for unlocking access. Smart Phones • Personal Devices must conform to MDM, usage: Download and use of Outlook app are approved. • Password for the devices, 4 or more and touched can be used. • Screen Capture will be disabled in the Outlook Application • iOS device will install Native MDM profile to devices • Android does not apply
Page 221
Made with FlippingBook - Online Brochure Maker