According to NHS Digital, ransomware attacks on the health sector increased by 44 per cent during the pandemic. With this is mind, it is important to be aware of the effects cyber security can have on clinical risk so proactive measures can be taken.
The global effects of the WannaCry cyber-attack in 2017 shone a light on some of the weaknesses in the NHS’s cyber security. Affecting 80 NHS trusts, the attack halted access to electronic patient records, prescriptions, scans and treatment.
Since then, the sector has looked to improve its approach to digital systems. With the aim to digitalise the industry by 2024, the NHS Long Term Plan has noted that “This will cover clinical and operational processes across all settings… and be based on robust, modern IT infrastructure services for hosting, storage, networks and cyber security."
With the increase of cyber-attacks on the health sector and a greater reliance on digital systems, the NHS and independent healthcare providers should consider the ways modern working relates to cyber security. This includes remote and mobile access. So, what factors help make digital systems safe and secure? We are going to take a closer look at a couple of important features - Cloud-based systems and two-factor authentication.
A Cloud-based system uses the internet to store and access data. This type of software has become increasingly popular for many reasons, including having a stronger security resilience than traditional on-site systems.
The servers used for Cloud-based systems are external to the organisation using it, meaning the digital provider monitors security and updates the system automatically. Providers are able to notice and resolve any small vulnerabilities before criminals have the chance to exploit them.
Data that is stored in Cloud-based systems is backed up on these external servers. This helps to reduce loss or damage to data, as it is saved away from a potentially vulnerable hard drive.
The NHS’s Long Term Plan has also stated that it wants to “Ensure NHS systems and NHS data are secure through implementation of security, monitoring systems and staff education.”
Organisations have a responsibility to remind staff of the vulnerabilities they are exposed to when it comes to cyber security. An example of everyday security that we all use is passwords, and it can be too easy to use the same password for multiple logins. Once a password is known or shared, a cybercriminal can gain malicious access. Staff should be educated on the importance of strong and private passwords, but there is another step healthcare providers can take to help prevent cyber-attacks.
A system using two-factor authentication is designed with an additional level of protection by asking the user to verify themselves using two methods. Two-factor authentication will use a mobile phone app which enables the user to prove that it is them logging in.
For example, when a staff member needs to sign into the NHS Spine, they will start by going through the normal process of logging in. This will then send a notification to their registered mobile phone app, asking them to verify their login. Only then, will they be able to access the system.
What does this mean for smartcards?
The NHS is Europe’s biggest employer, with 1.3 million people employed across England alone, and over 800,000 of those are using smartcards. NHS staff use their smartcards to access various digital systems throughout the day so they can view records and keep in touch with other sectors.
Traditionally, staff would need to carry a physical chip and pin style smartcard to log into various systems. These are easily lost, can struggle to connect (especially when working remotely) and could be shared between staff. In contrast, virtual smartcards avoid these issues by moving the ‘card’ onto a mobile device. And by combining a Cloud-based system with two-factor authentication, virtual smartcards become a safer and faster way for NHS staff to log in.
If you are interested in using an NHS Digital-accredited solution to enhance cyber security, have a look at our Virtual Smartcard. The Cloud-based Software-as-a-Service (SaaS) combined with two-factor authentication is the digital alternative for the NHS physical smartcard. It provides access using the same NHS identity as a physical card, but with enhanced security and flexibility for mobile working.
Get in touch here and we can discuss how we can tailor our Virtual Smartcard to your organisation and help boost your cyber security.