IntroductionTechnology has helped to transformthe healthcare sector because it enables firms to successfully manage theirdiverse information needs.
Moreover, technology has assisted in the developmentof agile, flexible, and scalable structures that help in accomplishing thestrategic objectives of organizations. Healthcare organizations have beenincorporating technology with the aim of reducing workflow activities,improving service quality, and responding to the needs of their keystakeholders. However, the advent of technology has created risks andvulnerabilities to the networks used by healthcare organizations. The differenttypes of threats include viruses, Trojans, malicious programs, and maliciousintruders that might try to steal or alter the critical data of healthcareorganizations. The result is the need for comprehensive cybersecuritystrategies and network security approaches that can be used for protecting andsafeguarding the data of companies from a wide range of threats. Networksecurity should start with clear, precise, and specific goals. It shouldinvolve the complete assessment of the network at periodic intervals in orderto identify vulnerabilities. Furthermore, network security is enhanced whencompanies are able to use technology and administrative practices for achievingthe network security goals.
Medical record companies need to be equipped withthe proper network security strategies. These strategies should focus on usingtechnology and best administrative practices that would mitigate the impact ofthreats encountered in the network. Furthermore, it is critical that networksecurity should be continuously updated in accordance with the needs of theorganization as well as the changing threats. Databasesto be UsedA database managementsystem ensures that information can be properly stored and retrieved by theorganization when it is needed for performing activities. Selecting the properdatabase is an important part of the network security strategy for the medicalrecord company. The selected database is MS Access which is a Microsoft productthat offers robust performance for the company (Peltier, 2016). It can be usedfor meeting the needs of the company because it has security features that canbe integrated with the anti-virus and intrusion detection system installed inthe company for network security. DomainConfigurationThe network securitystrategy will configure the domain in such a way that it strives to establishrights and privileges for each user (Peltier, 2013).
Furthermore, the networksecurity plan will focus on training the users so that they are aware about thebasic security protocols. The domain should be configured in such a way that itis integrated with the network security strategy of the medical record company.OperatingSystems for Client ComputersWindows 10 is thelatest version of Microsoft Windows which should be used for the clientcomputers of the medical record company. It has several types of securityfeatures that could play a critical role in safeguarding against differenttypes of information security and cyber security threats (Peltier, 2016). Itcan be run on PCs, tablets, smartphones, and other computing devices.
It has asuperior system that allows mouse oriented interface and touchscreen optimizedinterface to meet the needs of users. It has Windows Defender Smart Screen that prevents employees from accessingany suspicious website over the Internet (Peltier,2016). The WindowsDefender Application Guard is another built-in security feature that providesadded levels of protection to the network in the medical record company. DataTransmission RequirementsData transmission isone of the most important functions of the network security plan. The securityof information across networks is a major issue that is plaguing the entireworld. The medical record company needs to develop a proper plan for ensuring thatdocuments and information can be exchanged in a secure manner (Raiyn, 2014).
Emailsare the primary method of communication in many firms as they help in thetransmission of information. The data transmission policy should ensure thatsensitive information is not sent through this method. Secure data transmissioncan be undertaken through the use of web based email services that provideencryption for email messages that are sent and received by the medical recordcompany (Raiyn, 2014). This strategy will be beneficial as it will enhance theability of the company to safeguard and protect its networks. The medicalrecord company should strive to use an enterprise level anti-virus system thatcould provide further levels of protection to the entire network. Protectionof Confidential Records and AuthenticationThe process for protection ofconfidential records and authentication must be done by securing the keyassets.
One of the key approaches is that the servers should be providedphysical security so that they can be safe from unauthorized access. Empiricalstudies argue that accidental data loss or theft occurs due to missing devicessuch as portable storage media, laptops, desktop computers, and hard drives takenout from the entire networks (Raiyn, 2014). Properly designated areas for the servers storingthe critical information are needed for the medical records company while it isimportant to develop other policies for the success of the organization. The strategy for protecting confidential recordsand authentication should involve the use of proper passwords by the users. Thepasswords must be used in such a manner that they are safeguarded by theindividuals while the passwords must not be stolen by potential intruders.An access control system for the medical recordcompany should authenticate based on user names and passwords (Alpcan & Basar, 2010). Accessibility toinformation for the staff should be based on their needs and privileges.
Fileaccess permissions should be set accordingly to meet the needs of the staffmembers depending on their roles and privileges in the medical record company. Theadditional role controls can be developed based on the role of the staff memberin the medical record company. Access permissions must be established based onthe above staff roles which will help to provide augmented levels of securityfor the company (Alpcan & Basar, 2010).Process for Storing Informationon Separate DatabasesDatabase security has been considered tobe a vital goal of network security because databases allow users to store andretrieve the confidential data and information of any company. The databases ofthe medical record company can be vulnerable to unauthorized access or misuseby potential intruders, users, and administrators. Another threat is that ofmalware infections that can cause alteration or tampering of the critical data (Ahmad et al, 2014). Databasesecurity can be compromised by performance constraints and capacity issues asusers might be unable to access the systems. Finally, there is always thethreat the programming bugs and design flaws in specific database systems mightlead to problems for the medical record company (Ahmadet al, 2014).
The database security strategy shouldfocus on storing information on multiple databases. This means that backupsystems should be in place for the security of the medical record company. Thiswill help to achieve the highest levels of success as the company will be ableto distribute the data and ensure that proper backup measures are in place inorder to ensure the safety and integrity of the critical data (Ahmad et al, 2014). User access rights, log management, databasereplication, and backups must be part of the network security strategy in thecompany so that sound outcomes can be attained. The proper security policiesshould seek to focus on achieving long term growth and development (Ahmad et al, 2014).ConclusionA database managementsystem ensures that information can be properly stored and retrieved by the organizationwhen it is needed for performing activities.
Selecting the proper database isan important part of the network security strategy for the medical recordcompany. The selected database is MS Access which is a Microsoft product thatoffers robust performance for the company. Data transmission is one of the mostimportant functions of the network security plan. The security of informationacross networks is a major issue that is plaguing the entire world. The medicalrecord company needs to develop a proper plan for ensuring that documents andinformation can be exchanged in a secure manner.
The strategy forprotecting confidential records and authentication should involve the use ofproper passwords by the users. The passwords must be used in such a manner thatthey are safeguarded by the individuals while the passwords must not be stolenby potential intruders. An access control system for the medical record companyshould authenticate based on user names and passwords. Accessibility toinformation for the staff should be based on their needs and privileges.
