" security Archives - Page 4 of 8 - LuxSci

Posts Tagged ‘security’

Application Specific Passwords / Login Aliases at LuxSci

Thursday, December 14th, 2017

LuxSci now supports the creation of “application-specific passwords” for individual user accounts.

What are these?  The are essentially “login aliases.”

Increase your security through application-specific passwords
Users can create distinct username/password combinations for use with different applications, devices, or for shared account access.  These login aliases can have limited privileges; for example, granting access only to email or only to web site file storage.  Use of application specific passwords can greatly enhance user security.  In this article, we will discuss application-specific passwords, what their benefits are, and how to use them effectively.

Read the rest of this post »

Tags: application password, login, password, security
Posted in LuxSci Library: Security and Privacy
No comments »

WordPress & HIPAA – can these coexist?

Monday, October 23rd, 2017
For a deep dive, see our white paper: Securing WordPress

As we discussed in an earlier post, WordPress, despite its vulnerabilities, is the world’s most popular content management system for both blogging and creating web sites.  It is popular because it is quick to set up, easy to administer, with a very large choice of plugins for add-on functionality, and themes for making the sites look good.  As a result, many LuxSci customers use WordPress in one fashion or another for their web sites hosted at LuxSci.

As LuxSci caters to a large segment of customers who have specific compliance needs, specifically HIPAA compliance, we are frequently asked about using WordPress in a medical provider setting. Given the information about WordPress vulnerabilities, the question usually asked is whether a site created using WordPress can secure access to electronic protected health information (ePHI) in a way that meets the requirements of the HIPAA-HITECH regulations.

WordPress for HIPAA-compliant sites?

Such questions are reasonable because although WordPress has many great features that make it quick and easy to get a web site running, it is still a third-party tool which is not specifically designed to conform to HIPAA standards. When using any third-party software, you should be aware of the associated risks that are out of your control. Vulnerabilities in WordPress can disrupt your site’s availability, perhaps even lead to a breach of protected and private information. Even if it is the WordPress software that’s at fault, the responsibility for any security lapses still falls on the site owner.

However, it is not all doom and gloom. The short answer to the question posed in the title of this post is “yes”. It is possible with care to build a site with WordPress (including plugins and themes) that is secured in a way that meets the requirements of the HIPAA security rules. The remainder of this post will discuss how this might be achieved.

Read the rest of this post »

Tags: hipaa, security, wordpress
Posted in LuxSci Library: HIPAA, LuxSci Library: Web Design and Programming
No comments »

Securing WordPress sites

Tuesday, October 17th, 2017
For a deep dive, see our white paper: Securing WordPress

We have written posts describing WordPress vulnerabilities and the methods hackers use to exploit these. In this post, we describe steps by which a web site owner can mitigate the risks of using WordPress as a content management system. After all, it cannot be denied that WordPress remains the most user-friendly tool for creating and managing both large and small websites, as shown by its enormous adoption rate.

There is a very rich literature describing WordPress vulnerabilities and ways to harden a system against exploits. Here we distill some of these learnings into a practical guide for WordPress-based web site owners. We specifically have in mind small to medium-sized medical practices that wish to use WordPress to create (or maintain) their online portal for patients. In a future post, we’ll describe how such steps can meet HIPAA-HITECH guidelines for safeguarding electronic protected health information (ePHI).

We describe these steps in a layered way – starting at the bottom with the hosting server infrastructure, before moving to the WordPress platform itself and other applications.

Read the rest of this post »

Tags: security, wordpress
Posted in LuxSci Library: HIPAA, LuxSci Library: Web Design and Programming
No comments »

6 Telehealth Privacy and Security Essentials

Thursday, September 21st, 2017

HIPAA covers telehealth but does this make it safe? Learn the measures that ensure patient safety and privacy while using a virtual doctor visit program. 

Over the past few years, the rise of telehealth in healthcare has transformed patient-doctor interactions. Nonetheless, the privacy and security of protected health information (PHI) remain a big question. These concerns make sense because new technology often comes with new challenges.

Luckily, every problem comes with a solution. Thus, making a few smart choices can work wonders to keep the patient data protected.

Read the rest of this post »

Tags: ePHI, hipaa, HIPAA-compliant video conferencing, privacy, security, telehealth, video conferencing
Posted in LuxSci Library: HIPAA
1 Comment »

Why Should You Bother with Information Security? Isn’t Everything Hackable Anyway?

Thursday, June 1st, 2017

With the ever-increasing flow of large-scale hacks, many seem resigned to the fact that its only a matter of time before they get hit too. Security and its challenges have fully penetrated mainstream thought. Everyone knows that the CIA, the FBI, Russia, and even the hacker next door can break into your computer or phone, hijack your router, intercept your traffic, and take over your life.

In response, there has been a huge cry for better training, more secure software, secure email and secure texting. Basically, security everywhere. But if the hackers and agencies are really this powerful, why should you bother?

Cynbersecurity

Are security services and products worth anything these days? Do they actually provide any protection? Or are they the emperor’s new bullet-proof-vest? It is surprising how many people have come to accept a complete lack of security. Some seem to use this as an excuse to avoid technologies that could benefit both their personal and business lives.

A great example comes from a dentist who was interested in sending notices to his patients via text, but resigned himself to “not bothering” as there is “no way to secure these things, anyway.” While that may be true in an absolute sense, it is not true practically.

In this article we will examine the reasons why we should bother with security and how it can help us in our personal and business lives.

Read the rest of this post »

Tags: compliance, cybersecurity, hackers, saas, security, threat
Posted in LuxSci Library: Security and Privacy
No comments »

« Older Entries
Newer Entries »