We recently sat down with our resident IT Expert/Chief Technology Officer, Bobby Randolph, for a Q&A about Medcom's IT and security in general.
Interviewer:
Let's dive right in. First question, can you explain the importance of security for a company like Medcom Benefit Solutions?
CTO:
Sure, in our line of work, where we handle sensitive healthcare and benefits information, security isn't just a preference, it's a necessity.
It protects our business and our clients from data breaches, ensuring compliance with regulations like HIPAA. Adequate security measures help maintain trust, which is paramount in the healthcare industry.
Interviewer:
That leads us to our next question. What are some of the key security protocols that Medcom uses?
CTO:
We use a multi-layered security approach. This includes employing strong encryption for data at rest and in transit, utilizing advanced firewalls and intrusion detection systems, and conducting regular security audits and penetration testing.
Additionally, as you know, I try to ensure that all staff are trained in the latest in cybersecurity awareness. I don't know if I'm getting through, but I try.
Interviewer:
I must say that I have learned a lot through the various security shows you send to staff.
Now, shifting focus a bit, what advice would you give to employees about maintaining security in their personal lives?
CTO:
Well, that's a good question! First, everyone needs to be more cautious with their personal information.
Some of the passwords I've seen people use are ridiculously simple. Use strong, unique passwords and use different passwords for different accounts.
Also, enable two-factor authentication wherever possible. Be wary of phishing attempts and stop clicking on everything!
Finally, keep your software up to date to protect against vulnerabilities.
Interviewer:
How should employees handle suspicious emails or security concerns at work?
CTO:
If you receive a suspicious email, don't interact with it. Don't open the email or click the attachment. If you are unsure, contact the IT security team for investigation.
If you're ever unsure about a security issue, it's always better to ask. I try to encourage a culture of openness where everyone feels they can raise concerns about a possible security threat without being seen as overreacting.
Interviewer:
What's one common security mistake people unknowingly make?
CTO:
One common mistake is using the same password across multiple sites.
Doing this can lead to a domino effect of breaches, where one compromised account can lead to others being compromised.
Always use distinct passwords, especially for work-related and sensitive personal accounts.
Interviewer:
Last question, looking ahead, what are some emerging security technologies that Medcom is excited about?
CTO:
We are particularly excited about advancements in artificial intelligence for security monitoring and threat detection.
AI can help identify patterns and anomalies faster than humanly possible, enhancing our proactive defense measures.
Additionally, we're exploring secure access service edge, or SASE, which integrates networking and security services into a unified cloud platform, streamlining our security management.
Interviewer:
Fantastic insights! Thank you so much for your time and for sharing your expertise with us today.
CTO:
Anytime! This was fun! If anyone will take anything from this, let it be to "stop clicking on everything!"