Cyber Security, etc.

[genebrabston]

I have been an Open Dental user for about nine years. All workstations and the server have AVG antivirus loaded. What other precautions should be observed to prevent "cyber harm".

Thanks,

Gene B.

[cmcgehee]

Gene, that's good to see your thinking about this sort of thing. Here are some practices to follow for best security:
-Set a MySQL password
-Make sure your database is not exposed to the public internet
-Make sure the database files on your server are not shared to your internal network
-Don't use your server for anything other than the Open Dental database and A to Z folder (i.e. don't let your staff check their email on it)
-Make sure your router does not allow any incoming requests from the internet
-Encrypt your server's hard drive using something like BitLocker
-Encrypt all your database backups
-If you really wanted extra security, you could use Middle Tier to connect with Open Dental so that you don't have to allow access to the MySQL database across the entire network. https://www.opendental.com/manual/middletier.html

[Manny Ramirez]

Get a commercial grade Firewall, commercial grade Anti-Virus, Business Continuity with Disaster Recovery solution to stores local and cloud images of your server, and a good computer use policy. All of our customers use Watchguard firewalls, our Automated Managed service includes Webroot, automatic Windows and third-party application updates, patch management, and our state of the art DataVault solution. Our Datavault solution includes a local device which takes images of the server three times per day and stores them on a local appliance and in the cloud. Should a disaster strike the server, we can instantly virtualize the latest server image containing no errors or virus infections. We can also run the server in our cloud data center should there be a complete office light out and access your server from the cloud. It is like having a second server waiting online to continue churning out. Lastly, nothing beats common sense. Ask your users to pay attention and use their phones to check their email, pay bills and do the much-needed shopping

[Justin Shafer]

Gene, that's good to see your thinking about this sort of thing. Here are some practices to follow for best security:
-Set a MySQL password
-Make sure your database is not exposed to the public internet
-Make sure the database files on your server are not shared to your internal network
-Don't use your server for anything other than the Open Dental database and A to Z folder (i.e. don't let your staff check their email on it)
-Make sure your router does not allow any incoming requests from the internet
-Encrypt your server's hard drive using something like BitLocker
-Encrypt all your database backups
-If you really wanted extra security, you could use Middle Tier to connect with Open Dental so that you don't have to allow access to the MySQL database across the entire network. https://www.opendental.com/manual/middletier.html

do a security risk assessment (part of HIPAA, sure you done plenty. )