Category: Cybersecurity

Screenshot of two-factor authentication setup in hMael

Two-factor authentication now available on hMael

Last weekend the hMael team at Patients First released a new feature in hMael called “two-factor authentication”. Two-factor authentication (2FA) gives a second layer of protection against unauthorised use of your hMael account. Our friends at CERT NZ explain that 2FA “verifies you are who you say you are, by asking for a second piece of information (often a code) as well…
Read more

phishing concept

How to avoid the hook, line and sinker of a phishing email

The damage of a phishing attack can be huge. Learn how to avoid falling for a phishing email with these great awareness tips. Most phishing emails look as if they come from a legitimate bank, government agency, or other such ‘real’ company. They typically try to trick you into handing over your personal information such…
Read more

Passwords on sticky notes

6 reasons to use a password manager

If you write your passwords on a post-it note and hide it in your desk drawer, you need to do yourself a favour and start using a password manager! Our friends at CERT NZ say that “a password manager is like putting your passwords in a safe that only you have the key to.” It’s…
Read more

ransomware concept

Cyber insurance in action: Insights and cautionary tales

In July we invited Petra Lucioli, Claims Manager at Delta Insurance, to share her insights on cyber insurance claims at the PHO CIO Forum. Petra has been looking after cyber insurance claims for six years and had some useful (and frightening) insights to share with us. What is cyber insurance? Firstly, what is cyber insurance…
Read more

Detect security breaches concept

Detect security incidents with the power of logging and auditing

Healthcare has a high risk of cybersecurity incidents because, by nature, healthcare is a system that puts a lot of trust in people. Providers engage in sensitive activities on behalf of patients and need to exchange or access confidential patient information. Outsiders (e.g. hackers) are a threat but, sometimes, insiders (e.g. employees) can be too.…
Read more

Protect your website with HTTPS

Using HTTPS on your website

The ‘s’ stands for secure Enabling HTTPS is the first of four priority measures in CERT NZ’s ‘Protect It’ campaign.  Your patients and customers trust you to keep their information, and the communication you have with them, confidential and safe. HTTPS (Hypertext Transfer Protocol Secure) keeps the information transferred between you and your patients or customers confidential by…
Read more

Step up your website security

Protect It – Step up your website security

Patients First are proud to be participating in CERT NZ’s ‘Protect It’ campaign, aimed at helping New Zealand businesses to improve their website security.  Any healthcare organisation that consumes or provides services using websites must take ownership of the services that they provide or pass-on to patients. Patients First is especially focused on helping you to reduce cybersecurity risks in your businesses and organisations, and urge you…
Read more

Illustration of multi-factor authentication (MFA) process

Why you need to enable MFA for your Microsoft 365 account

Enabling multi-factor authentication for your Microsoft account will give you better protection against attacks and phishing attempts. A single password, which is often weak and used across multiple websites, is not enough to protect your organisation against a cyber attack. If a hacker cracks that password, they will very quickly have access to not only your…
Read more

Doctor video conferencing with patient

How to use Zoom securely

Many people and organisations across the globe are turning to online video conferencing solutions to enable continuity of communication and social interaction. Among this there has been a concerted effort for New Zealand health providers to reduce face-to-face consults in favour of virtual, after the government announced a $20 million investment in telehealth amid the battle against Covid-19.   While there are many video conferencing tools available, Zoom has surged in popularity. With its widespread usage, Zoom has become a major target for…
Read more

Man typing on laptop

Cybersecurity advisory for Telework and Telehealth in response to COVID-19

Coronavirus Disease 2019 (COVID-19) will force many healthcare organisations to consider remote workplace options for their employees (VPN), new ways to interact with their patients (telehealth) and third-party communication (video conferencing/file share). Some options can be secure when implemented properly, though if implemented in a rush or not properly maintained, may pose a significant risk.…
Read more

OWASP New Zealand Day 2020

Buzzing about information security at OWASP New Zealand Day 2020

Don’t let the acronym put you off – we weren’t subjected to any nasty stings at the Open Web Application Security Project (OWASP) New Zealand Day. But we certainly learned plenty about the misconceptions, challenges and harsh realities of information security in New Zealand.  Consisting of a two-day training course and a one-day conference, OWASP…
Read more