The National Security Agency has released cybersecurity guidance for teleworkers to help enhance security while working from home. The guidance was introduced mainly for U.S. government workers and military service people. However, it also applies to healthcare sector workers offering telehealth services from home using their PCs and smartphones.
There are lots of communication solutions available for consumers and companies with varying offers of cybersecurity protections. The guidance document discusses 9 essential things to consider when choosing a collaboration program. By evaluating each service based on the 9 requirements, remote employees can select the most suitable solution to satisfy their demands.
The NSA highly advises performing high-level security checks to know how the security functionality of every platform works against particular security standards. These checks are helpful for determining risks related with the functions of each solution. The guidance document additionally gives details on utilizing the collaboration services safely.
The NSA wants the guidance to be assessed by all workers who are currently working from home to enable them to make a smart decision concerning the best communication and collaboration programs that can be used to fulfill their particular needs, and for employees to take the actions laid out in the guidance document to minimize potential cyberattacks.
The guidance document entitled Selecting and Securely Using Collaboration Service for Telework is available for download on this page.
The American Hospital Association (AHA) /American Medical Association (AMA) likewise published healthcare-specific guidance for remote employees. This must be utilized along with NSA guidance.
OCR’s Suggested Resources for Helping Healthcare Organizations Fight COVID-19 Risks
On April 30, 2020, the HHS’ Office for Civil Rights recommended a number of resources addressing the present threat landscape. OCR also recommended actions that need to be taken to lessen risks to a good and right level, as listed below:
- FBI guidance in case of COVID-19 phishing attacks on healthcare organizations
- OCR Cyber Attack Quick Response Guidelines
- IC3 guidance on online extortion scams during the COVID-19 crisis
- HC3 guidance on COVID-19 cyber threats
- HHS Health Sector Cybersecurity Coordination Center (HC3) white paper on COVID-19 VTC exploitation