WVSOM places importance on cybersecurity

As we become more dependent on technology, are you confident your information is secure?

West Virginia School of Osteopathic Medicine’s (WVSOM) information technology department recognizes the importance of cybersecurity and continues to take steps to increase awareness of the subject among employees and students.

“Battles used to be on the battlefield, but now warfare will be in cyberspace,” said Kim Ransom, WVSOM’s chief technology officer. “When our students go into medical facilities, we want them to be cognizant of their email account information and patients’ data. If we do the right things here on campus, that should carry over when they are in hospitals and clinics.”

October was National Cybersecurity Awareness Month, and WVSOM was recognized by best-selling New York Times cybersecurity author Marc Goodman as the only osteopathic medical school or association to have published information about the topic on its website, encouraging employees and students to educate themselves.

“To date, the only osteopathic medical school which has publicly posted information on their website about these challenges is WVSOM — a great initial effort that should be built upon extensively in the future,” he said.

Ransom said information about cybersecurity is provided on the school’s website all year, but awareness efforts are amplified in October. The school has had cybersecurity information on its website for about five years.

“As the chief technology officer, I want to know our school is secure,” Ransom said. “We place an importance on educating the end user because you’re only as strong as your weakest link.”

Aside from providing information online, WVSOM posts information on its digital signs across campus, releases security tips in the school’s monthly electronic newsletter, hosts internal training on acceptable use policies for staff, flags external emails as possible spam, and has a webpage dedicated to submitting potential “phishing” attempts, or fraudulent emails.

The school also is a member of EDUCAUSE, a technology consortium that supports institutions’ use of information technology to advance higher education. Additionally, WVSOM works with a consultant on a biennial basis to perform an “ethical hack” on internal and external information technology systems.

One security problem that is a bit more difficult to control is phone spoofing, or the practice of altering the caller ID to indicate the call is coming from someone other than the true originator.

“This is when WVSOM is listed in the caller ID but it’s actually a vendor trying to get information. That has been happening a lot because it makes a number look like it’s a local call. It’s not really something we can stop, but we have to be cognizant of the scam,” Ransom said.

Even though WVSOM is the only osteopathic medical school so far to publicly provide cybersecurity information, the school is still creating new ideas to enhance cybersecurity. Ransom said in the next six months, the information technology department hopes to include a button within campus emails that would allow users to directly report phishing attempts. Currently, users must send those to another email address to report them.

WVSOM President James W. Nemitz, Ph.D., said he applauds information technology staff for bringing awareness to cyber safety and for having those efforts recognized by an expert in the field.

“As a medical school, there is so much sensitive information that could be susceptible to theft, but it’s comforting to know that WVSOM’s IT department is taking all the necessary steps to get that information safe for its employees and students,” he said. “Being recognized by Marc Goodman, a best-selling author who has extensive knowledge in cybersecurity, as the only osteopathic medical school to provide this information to its community is simply humbling. It’s great to know that we could be looked at as an example of what schools could be doing.”

Ransom said cybersecurity threats are more common during the tax season, the beginning of the academic year and the holiday season.

“The hackers are pretending to be well-known companies so they can obtain login information to these sites,” she said. “Potential hackers have become quite savvy in their efforts to gain a user’s login information to companies like Amazon, Google and Facebook.”

Date Added: 
Thursday, December 19, 2019