The Questions to Ask When Hiring an IT Security Consultant

by Jessica Thiefels, VP of Community Management for PolySwarm. Learn what questions to ask when hiring an IT security consultant, including insight from Alvaka Networks CEO, Oli Thordarson. If you can’t afford an in-house IT security team, you have to look [...]

The Questions to Ask When Hiring an IT Security Consultant2018-06-29T15:22:40-07:00

40% of Hospitals Self-Declared as Struggling Financially Due to IT Problems

94% of the surveyed hospital CFOs self-identified as “struggling”, report that delayed or failed implementations in other IT systems, particularly EHR, have drastically impacted the organization’s financial position.” 

That is what is says in the third sentence of a  fascinating press release I just read  from healthcare market research firm Black Book Market Research.  The press release goes on to cite a number of other statistics from their research including stats that many healthcare CFOs are expecting to lose their jobs by 2016 and that there will be a trend to start hiring CEOs from outside healthcare.

I have witnessed some of the reasons for the IT troubles at healthcare companies: 

·         Healthcare companies on the whole have been laggards in adoption of fresh information technologies.

·         IT personnel at most healthcare organizations themselves are behind the curve on...

40% of Hospitals Self-Declared as Struggling Financially Due to IT Problems2023-08-11T01:44:11-07:00

Happy Hanukkah, Merry Christmas a Happy New Year to All of You

Thank you so much for all your support in 2014.  We are already planning for 2015.  Many of you may have already gotten calls from me as I contact you to get feedback on a set of 10 questions I [...]

Happy Hanukkah, Merry Christmas a Happy New Year to All of You2014-12-23T23:04:11-08:00

Bonus Depreciation Was Just Raised to $500,000 for 2014

We wrote to you three weeks ago to remind you of your $25,000 for tax deduction and bonus depreciation on certain IT and other assets.  We have a news flash, the senate just passed a bill to raise that accelerated [...]

Bonus Depreciation Was Just Raised to $500,000 for 20142023-08-11T01:46:09-07:00

What nineteen audiences in twelve months taught me?

Navigating Fear in the Security and Compliance World

In advancing technology it is fear of having a project go sideways, over budget or fail to accomplish the stated objective that has many frozen. What if that technology we recommend doesn’t work as we hope? What if it is something required by law (such as encryption in healthcare) that we fear an unknown outcome so much that we won’t act? What if we miss a key component of a project or underestimate the effort required and the entire project goes over our budget?

What nineteen audiences in twelve months taught me?2014-12-17T23:02:14-08:00

Why Will My Company be Listed on the HHS Wall of Shame?

6 Reasons Organizations Fail to Encrypt ePHI

The drumbeat of HIPAA breaches in the media is incessant, and the refrain is the same: yet another PC containing electronic protected health information is stolen, so the organization is compelled to notify patients, Health and Human Services, and the media.  The Office of Civil Rights swoops in, levies a 7 figure fine, and posts the offender on the HHS “Wall of Shame”, resulting in a damaged reputation and loss of future earnings.

Ironically, had the PC’s hard-drive been encrypted, the loss would have been a non-event, unreportable given the Safe Harbor provisions of HIPAA.  And inexpensive encryption technology has been readily available for years.  Yet, 538 or 46% of the 1,171 Breach Notifications posted on the Wall of Shame stem from the simple loss of a computer with an unencrypted hard-drive.

So, if it is so obvious how to correct the deficiency that single-handedly accounts for the most frequent HIPAA Breach Notifications, why don’t more organizations properly encrypt and protect the ePHI entrusted to them?  Here are the six most common reasons we discover during our risk assessments …

Why Will My Company be Listed on the HHS Wall of Shame?2014-12-08T18:10:15-08:00

How Frequently Should I Do a Review or Assessment of My IT Systems?

...this then puts all the burden and stigma on Alvaka, our engineer and our NetPlan program.  That fuels some of the debate we have with some clients.  I remember two separate debates with a controller at a 20 year long client.  He said he “should not have to pay for us to check our own work.”  I have two answers for that objection:

1.        He has two of his own guys that work on his IT system, along with other vendors.  His employees can do things unintentionally, etc.  This is not about checking on our Alvaka engineer.  It is all about checking the overall integrity and operational state of his IT system, which has changing needs over time and changes due to different people touching it.  It is simply a matter of doing a periodic review to make sure nothing is getting missed or looking for things that need to be done a different way.  Changing and updating tape/disk backup jobs to accommodate new servers and software is a classic example.  Without review these jobs don’t often get updated and that leads to tragic results down the road.  I have seen it way too many times in 30 years.  It is preventable.

2.       Even if a client does not have their own IT staff, it is prudent to periodically check IT systems to make sure everything is working right, that the current needs are being met and that important requirements/practices are not getting overlooked or wrongly....

How Frequently Should I Do a Review or Assessment of My IT Systems?2014-12-04T16:00:00-08:00

What Should You Do About IT and Network Security in 2015?

So what should you do at your company?

1.       Identify your most valuable IT systems within your company.  What is the most important data that resides there?  Determine your obligations to protect that data and how important is it that those systems are up-and-running.

2.       Do you have a current network/information security policy in place?  Once you determine which systems and data are most important to protect, developing your policy becomes much easier.

3.       Discover where you are most at risk.  A quick and easy solution is to have someone perform a vulnerability assessment on your system.  Alvaka Networks can help you with this.  Vulnerability assessments are our most common security service we provide.  It makes your work easy.  We will help you match the protection needs of your most important IT assets with the vulnerabilities identified in the vulnerability assessment.  From there you can easily create a roadmap for what you should do to protect you, your company and your IT assets from cyber-attack.

What Should You Do About IT and Network Security in 2015?2024-10-09T05:08:03-07:00

What Do I Do if I have CryptoWall or CryptoLocker?

I am surprised how many people are still calling with CryptoLocker problems.   I have gotten three calls in the past two days from people who have had infected/encrypted Cryptolocker files for as long as three months and they are just now dealing with the issue.  At this point in time I am not even sure paying the ransom will work for victims as the CryptoLocker network was taken down a couple of months ago by international law enforcement and with CryptoWall users only have 30 days to comply with the ransom demands.

So what options do you have if you are like these recent callers?

What Do I Do if I have CryptoWall or CryptoLocker?2014-10-13T21:22:18-07:00

How Do I Stop Being a Hostage to IT and the Six Reasons We Feel Like a Hostage?

Over the years we have seen many new clients come to Alvaka Networks feeling like they are hostages to Information Technology.  These people feel this way for many different reasons.  Most often the person feeling this way is the CFO, Controller, CEO, COO, IT manager or an IT technician for the most part in that order in terms of frequency.

Why do they feel that way?

It is usually because their systems were:

1.       Poorly designed

2.       They don’t work right

3.       The system is insecure

4.       No one knows what the last guy...

How Do I Stop Being a Hostage to IT and the Six Reasons We Feel Like a Hostage?2020-05-28T15:18:08-07:00