7 Simple Steps for Community Care Organisations to Improve Cybersecurity

In this day and age, it’s inevitable that we leave our digital footprint everywhere — on social media platforms, online banking apps, and even our profile and personal preferences on the mobile apps we use daily.

Even if the security systems for those websites and apps are robust, there is always a risk that hackers can gain access to our personal information and use it for their own purposes. This is why cybersecurity is important, and it starts with the data custodians, which includes Community Care organisations.

Online Scams on the Rise

In February 2021, Singapore Police Force (SPF) reported that online scams comprised 42.1% of all reported crimes in 2020, noting a sharp increase of 14.9% compared to the previous year. Among those scams were banking-related and non-banking-related phishing scams.

“Phishing” is a common tactic employed by scammers to steal banking or personal details such as your login credentials and NRIC numbers. In some cases, the attacker pretends to be a trusted person such as a family member, friend or colleague, and tricks the victim into clicking on a link in an email, direct message or text message. The malicious link would take them to a fake version of a popular website where they will be asked to confirm or update their account credentials. Once the attackers get a hold of crucial data such as usernames and passwords, they will use them to breach a system or account. In another example, clicking the link downloads a file with malicious code. This file will run in the background of your device and create a backdoor for attackers to access your system!

Before you destroy your digital devices, consider adopting these simple steps to avoid or minimise online risks.

Secure Your Digital Devices

Protect inactive devices from unauthorised use by setting up a lock screen on mobile phones or tablets, and locking your computer when you’re away from your desk. While it’s good practice to always lock your devices before you step away, we understand that emergencies do happen. Hence, set a shorter time limit to auto-lock your devices so they remain secured. Remember, lock your devices even if you’re away for a short while because a data breach can happen in minutes.

Update Your Anti-Virus Software

Always install antivirus software on your devices and ensure they are up-to-date. This ensures the threat database can protect your devices against the latest viruses, malware, ransomware, trojans and other threats.

Use Secure Passwords

Use a password manager to help you create and manage logins and passwords for everyone under your care. Alternatively, create unique (and more secure) passwords using descriptive phrases so you can easily memorise them.

Secure Your Networks

IT managers should consider separating your networks for public and private uses, and consider an “air-gap security measure” to physically isolate machines that contain sensitive information such as patient records. You can also customise your router settings to allow varying levels of access for different groups of devices.

Protect Your Ports

Unprotected USB ports are potentially an open door to your system. IT managers should consider disabling them on computers that are for public use or on machines that contain sensitive information.

Practise Safe Browsing

Google Safe Browsing, by default, protects users by warning them when they attempt to visit dangerous sites or download dangerous files. IT managers can add another layer of protection by restricting access to only pre-approved websites on your organisation's digital devices.

Conduct Safety Briefings

Use online resources such as www.scamalert.sg and www.csa.gov.sg/gosafeonline to stay up-to-date on the latest methods of cyberattacks and scam tactics. Schedule regular briefings to share information amongst your team, and talk about ways to protect yourselves from online risks.

Create a Cybersecurity Culture

The greatest fortified wall can be easily undone with the click of a mouse. Together, we can do our part to instil the right practices and attitudes towards information technology in our workplaces, so we can all enjoy cyberspace in a safe and secure manner!