General security improvements

Answered

Follow

Permanently deleted user

• January 08, 2020 23:07

Wondering when you will be improving security?

I initially requested improved security about 3 years ago. As we are seeing with the current Ring hacking debacle simple username/password combination is quite simply inadequate.

As the Core Practice system stands it would be extremely trivial for a hacker to access the system. Please would you prioritise current best practice user authentication and restrictions.

We have a statutory obligation to secure and protect our patient's data and also need our business data to be protected.

Thanks guys!!

1

• Official comment

  

  Kenny Ha

  • June 04, 2020 05:56

  Hi Everyone,

   

  Thank you for your feedback, as part of our complete security improvement we have implemented the following:

  Security Improvements

  1. Two-step authentication
  2. Advance User's Device and Location detection.
     • Help user look out for suspicious account activities.
     • Easy to detect if your account was accessed in Russia especially if you have not been there recently.
  3. Restrict user login based on User's Location. Great alternative to two-step authentication on shared computer.
     • Set static internet address for your location to restrict user login within clinic network only.
     • Set static internet address for user home to restrict user login within home network only.
     • Create your own private network to ensure sensitive patient information can only be accessed at approved locations only.
  4. Restrict user login based on time of the day or day of the week.
  5. Receive email notification when user security setting is updated.
  6. Receive email notification whenever login attempts from new devices are detected.
     • This is an extra layer of security to ensure new login attempt is really you.
     • Easy to detect if someone else is using your account without approval.

  Comment actions Permalink
• 

  Saints Dental Management

  • February 03, 2020 05:49

  2 factor authentication should be made compulsory/optional feature for enhanced data security which is a norm now across all websites/emails/business accounts

  0

  Comment actions Permalink
• 

  Warren Yap

  • February 06, 2020 01:24

  Hi Tony and Saints Dental Team, 
  
  Thanks for the posts. I know we have talked with Tony about this one for quite some time. 

  Thankfully, the team's next major update is actually security! 
  
  I can't share dates as to when this will be completed but they are currently planning and working on it as we speak. 
  
  What I can share in terms of what will be within this update: 

  • 2 Factor Authentication 
  • IP address restriction 
  • Automatic timeouts 

  We will be sharing more about this with our customers very soon. 

  Regards,
  Warren 

  1

  Comment actions Permalink

Please sign in to leave a comment.