The Paubox Zoom social mixer for October 2024 was a roundtable discussion between Paubox customers covering topics like employee training, Verizon outages, AI and EHR integrations, and, similar to previous months, how AI can help in email security.
What happened:
October's social mixer followed our standard format - a candid, unmoderated discussion amongst healthcare IT and cybersecurity professionals.
This month, we covered product ideas, BIMI, DKIM 2048, and DMARC, how to run a phishing campaign, shared blocklists, multi-factor authentication, and how EHRs are beginning to add AI directly into their services.
Related: Understanding BIMI (Brand Indicators for Message Identification)
Quote of the day:
- "Call IT if anything looks suspicious."
Our takeaways:
- Paubox customers want shared blocklists or blocklist templates
- Employee training is the first line of defense.
- Send fake phishing emails to train employees to look out for email fraud.
- Send regular bulletins of current threats
- One customer has training modules around both email and SMS phishing techniques.
- Most importantly, employees should be comfortable asking IT when an email looks suspicious.
- While only one customer was hit by the recent Verizon outages, all had experienced similar issues.
- When phones are inaccessible, it can block 2FA that relies on SMS.
- SMS is the least reliable form of MFA.
- Use password managers with OTPs or email as a backup.
- Two customers have used StarLink for reliability.
- Everyone agreed the speeds are impressive, and it's a massive help in rural settings and reservations.
- A non-PHI use of ChatGPT is to upload an employee handbook and make it easy for employees to ask questions of the AI.
- Hank.ai was mentioned as a helpful use of AI in healthcare.
- Customers use AI to review regulations and compliance questions.
- Will ChatGPT power their new data center with nuclear power?
- Customers discussed low-tech solutions to hacking and cybersecurity. Sometimes, you just need to turn the servers off.
- Always change default settings on routers and hardware.
- Some sources of cybersecurity advice are:
The bottom line: Paubox customers use a broad range of tools and strategies to keep their email HIPAA compliant, protect their organizations, and find efficiencies.
See also: Our playbook for Zoom social mixers
See also: HIPAA Compliant Email: The Definitive Guide