Cybersecurity for Deathcare

Funeral Industry News GROW Management March 22, 2023
Cybersecurity

Cybersecurity for Deathcare

Most business owners have their hands full just running their business; when it comes to managing technology and its details, the heavy-lifting should ideally be left in the highly-capable hands of tech experts.  A wise call, given what’s at stake, and who better for the task than the pros?

But what is at stake with business technology? You’ve heard of “cybersecurity” (the buzzword gets a lot of press), but do you know what it means?  And do you know what it means for you?

It’s not that most business owners need an in-depth grasp of what goes on in the binary depths of their networks, but it is generally helpful to understand the broad strokes of just what is that the tech wizards do. If nothing else, such knowledge imparts a sense of the real value of the service being provided… and it is substantial. (Tech maintenance is not the place to bargain shop.)

Also, importantly, there may be security regulations in your area with which your business’s network measures must comply; qualified tech support can help navigate those requirements.

Protecting Your Assets

A security breach of any business endangers the privacy of its clientele and, therefore, its professional reputation… possibly to enduring effect. Safeguarding reputation and integrity, therefore, should be a primary concern. Losing the confidence of the community can happen quickly, and should be guarded against.

And it’s important to have adequate protection in place to secure electronic transactions, of course.  Select third-party providers (for services such as cloud servers for streaming and payment processing) carefully, for proven reliability. 

Equally significant is the type of sensitive information entrusted to you by your clients. Whether intake is electronic and clients enter their data into your system themselves remotely, or if the data is simply stored internally, the type of information gathered and handled by a funeral home — email addresses and other contact information, dates of birth and death, gender, social security numbers, addresses – would be a smorgasbord for identity thieves. 

How Data Is Stolen

Following are a few common vulnerabilities which are routinely exploited by criminals to access personal data. However, cybercrimes and methods evolve continually; the following examples do not comprise a comprehensive view of potential vulnerabilities, but a small sampling of some of the ways security is regularly defeated.

  • Weak passwords. Weak passwords which are simple to crack provide an easily opened door for bad actors. Educating employees on what makes an adequately strong password then requiring that they use such passwords to access your network can diminish this risk substantially.  For greater security yet, establish a policy of changing passwords every few months.
  • Phishing. This is a common form of fraud where criminals manipulate and trick people into providing sensitive information or money.  Criminals may impersonate relatives, an associate, or another business.  The way they reach victims is through contact information – usually email, texting, or calling.
  • Ransomware. A type of malware, like a virus, which is introduced to your systems intentionally from outside the organization. The purpose is to give hackers access to your network and information while allowing them to lock out proper network administrators. Business networks are then “taken hostage,” with the criminals demanding to be paid (the “ransom”) before they will release control of your systems back to you.
  • Misconfigured systems. Sometimes things just aren’t connected optimally, leaving just enough wiggle room between joints for trouble. 

How to Keep Them Out

A few tried and true deterrents have been proven effective in safeguarding electronic barriers.

  • Keep up with updates to antivirus software and operating systems.  Patches that close discovered weaknesses are issues frequently. Many types of Software as a Service (SaaS) and cloud-based programs generate automatic updates.
  • Train employees on security.  The more your staff knows about safekeeping your data, the greater
  • Perform regular network audits. Professional evaluation of the integrity of the network and firewalls, along with and assessment of any problems is necessary and should be performed at least quarterly.
  • Encrypt sensitive information. Translate sensitive data into code which requires a key to access.
  • Two-factor authentication: Requiring two (or more) types of identification to access certain data. 

A bit of awareness goes a long way.  Appreciating some of what it takes to keep a sensitive network secure reinforces the importance of having knowledgeable tech support in your corner.