Ransomware Attacks In The Healthcare Industry

May 28, 2020 / in Cybersecurity, IT Trends, / by Number8

Ransomware attacks have become increasingly common in recent years. Individuals involved attack healthcare systems and other installations that contain critical private information to get data that is valuable to their targets. According to recent reports, damages caused by ransomware attacks are increasing, totaling billions of dollars every year. For example, a Boardman, Ohio-based Urology practice paid thousands of dollars to hackers during a ransomware attack in order to get their data unlocked, as reported by Ciso Mag. These attacks take over established systems and only release them when the ransom is paid. Doctors and medical staff are locked out and can't access important patient files, which can place people at serious risk.

Why is Ransomware so Challenging?

Ransomware attacks are challenging because they are very difficult to prevent. Hackers constantly change and improve their strategies and many have resources at their disposal to invade poorly secured systems. The healthcare infrastructure is particularly vulnerable because it doesn't have the best cybersecurity. Ransomware attacks may happen when employees accidentally download malicious code into a hospital's systems. For example, something as simple as opening an attachment from an unknown source can create a dangerous hole in your security. Employees receive hundreds of emails every day so it is easier to miss warning signs, which enables malicious code to enter into the IT infrastructure. While firewalls and internet security systems can stop some of these attacks, they can’t fully prevent them. That’s one of the reasons why these attacks have become so common and can even happen to systems with relatively strong security measures in place. Attackers used to target small and less secure IT systems in the past but they have changed their strategy and have become bolder. It is important to take aggressive steps that will help keep these invasions at bay.

How to Secure Your Systems Against an Attack

Stopping these attacks will require strategy and a careful approach. Companies need to come up with a multifaceted response policy that involves employee training, prevention, early detection, planned response to an attack, and strategies for dealing with a locked-down system. Here are some suggestions that can help:

1. Secure Your Systems

The first step to prevent a ransomware attack is to secure the IT infrastructure as much as possible. Install internet-facing security software like antivirus, firewalls, and other such programs. They will act as the first layer of security to block most malicious codes. Make sure essential programs on all devices accessing the company’s network are up-to-date. Software developers release upgrades with protections against the latest threats regularly. Outdated software programs have more security holes than new programs.

2. Control Access

Controlling access is a very efficient way to ensure your systems are more secure. Create multiple levels of access based on an employee’s level of authority in the organization. Make sure people can’t get into sections that aren’t relevant to their responsibilities. For example, a nurse from the cardiology department has no reason to get into the oncology department’s servers. Restricting access as much as possible can help keep vital information secure. Set up privileges for different departments and different levels of employees.

3. Training

Ransomware attacks happen because of ignorance. Many employees don’t know how to detect and avoid malicious code. They unknowingly download these codes onto company servers and create a vulnerable access point. Comprehensive training and regular seminars will help keep employees alert to ensure they remain vigilant.

4. Create a Response Plan

If ransomware code is already in your system, you need to trace it and try isolating it as quickly as possible. A fast response and strong emergency procedures will help protect your information and limit damages. It will also provide IT teams a clear guideline on how to handle the threat. Just paying the ransom isn't enough and it won't make your systems safe. Ransomware gangs maintain backdoor access to their victim's infrastructure for months and may attack at any time if you don't upgrade your security. It pays to stay vigilant and ensure your security is up-to-date as possible. As an information technology company with many years of experience, we’ve helped hundreds of clients leverage technology to become more efficient and increase profits. Interested in learning more? Let’s connect. Send us an email or give us a call at 502-212-0978 and we can get the conversation started.

The Future of Remote Work in a Post-Pandemic World

May 21, 2020 / in IT Trends, Remote Workers, / by Number8

During the current coronavirus pandemic, businesses across the world have had to adapt in myriad ways as in-person services and office spaces have been disrupted. Some businesses have not found ways to adapt and remain closed, while others have been able to change on the fly and continue to operate. Remote work has become a new norm for many. But what does all of this mean for the future? In a post-pandemic world, will remote work infrastructure need to be available indefinitely to prepare for future disease spread? Will some workers simply stay remote?  Let’s take a look at the future of remote work. 

The Future of Remote Work in a Post-Pandemic World

Initial successes and issues during the pandemic

As mentioned, some businesses were much more prepared for adapting to remote work than others. Many tech companies that already had significant numbers of remote workers and work from home policies have found it easy to go remote with office teams. However, industries like manufacturing, where in-person work is essential, have not been able to take the same approach. Many have had to adapt on-site operations to meet social distancing guidelines. Further, many other factors like access to computers at home, employee tech proficiency, company culture, and unaddressed security risks for remote workers have prevented some companies from fully adapting, regardless of industry. 

Where remote work may become essential

There are some industries where cultivating remote work in our newly changed world may be a key to survival and growth. Educational institutions have had to adapt to online learning and working quickly. Many universities have switched to online courses for their current semesters, and some may be moving towards doing the same in the fall of 2020. With potential future outbreaks following the current situation, it’s very possible that remote working and learning may become a new norm at least some of the time for universities.  Healthcare is another industry where remote adaptation has been essential for some. For those healthcare providers deemed non-essential during the pandemic, telehealth has become a lifeline to an otherwise inaccessible portion of their patient bases. Therapists, primary care physicians, dentists, and others have launched remote care options to continue treating and advising patients. During continued shifts in disease spread in the future, this may be the key to making non-emergency care possible.

Disparities in access to remote work

As alluded to before, access is a key part of making remote work systemically possible. Many employees do not currently have the equipment needed to work from home. They may not have the training or familiarity to efficiently work remotely either. Companies that can work to address these disparities may be able to make remote work accessible to more employees.  Additionally, remote work itself is accessible at different levels to different groups of people depending on their industry. While information workers are much more likely to be able to work remotely, service industry workers have a much harder time given the structures of job duties. Macrosocial disparities also impact who gets access to remote work. When you add in just the layers of educational attainment and class, the disparities in the data grow even more. Many workers with a bachelor’s degree or higher have the option to work from home. Those with less educational attainment have the option at a much lower rate. Higher wage white collar jobs often tend to skew towards remote accessibility too. High wage employers are often more likely to offer equipment and training to make it possible.  As an information technology company with many years of experience, we’ve helped hundreds of clients leverage technology to become more efficient and increase profits. Interested in learning more? Let’s connect. Send us an email or give us a call at 502-212-0978 and we can get the conversation started.

A Deeper Dive into Natural Language Processing with number8 Senior Architect Alexis Alulema

May 19, 2020 / in Computer Science, / by Number8

Alexis Alulema - The first time someone hears about Natural Language Processing (NLP), they often don’t consider it to be overly complicated. After some additional consideration, though, they’ll realize how much the AI community has worked on the topic. The technology is even appearing in headlines like this one, as featured on sciencealert.com: Google’s AI has Learned to Become ‘Highly Aggressive’ in Stressful Situations.

As the above article suggests, this technology could become dangerous in the wrong hands or if managed incorrectly. However, I believe that if we get a better understanding of the nuts-and-bolts of NLP, we will conclude that there is nothing ‘magic’ under the hood. Rather, there is a growing, rigorous body of scientific work on creating better algorithms to process data and generate impressive solutions.

Neural Networks have started to become ubiquitous ever since Deep Learning experienced considerable growth with big data, cloud computing, and the appearance of Deep Learning frameworks like TensorFlow or PyTorch. These advancements are visible in areas like Computer Vision (CV), where predictions are incredibly precise and reach 95-98% accuracy. This precision is at the core of impressive advancements in face detection, artificial face generation, self-driving cars, and many other implementations.

Natural Language Processing

In comparison, NLP currently reaches accuracy rates of around 80%. At first glance, it may appear that NLP is not as good as CV. However, I don’t believe this is a fair evaluation, as language is ambiguous and context-bound. For example, a native speaker of a language can often use and understand regional slang and idiomatic expressions comfortably. In comparison, a non-native speaker may have trouble understanding these expressions and might express similar ideas in a different way. These and other factors create a massive task for prediction algorithms, which must attempt to understand idiomatic expressions and much more due to the complexity of language. The best-rated algorithms like GPT-2 require more than 150 GB of data to train the algorithm; for context, 150 GB of training data means days of training neural networks algorithms on super-computers.

I implore you to dive deeper into this topic by reviewing my recently published paper, Deep Learning Methods in Natural Language Processing. In the paper, I attempt to classify the most relevant NLP Deep Learning methods to understand how to use them and identify which situations are best suited for specific NLP methods.

Who would benefit from this content

This paper is a state-of-the-art document that will serve as a starting point for researchers or developers who want to become familiar with the broad spectrum of NLP techniques and how to optimally apply them in different scenarios.

Alexis Alulema
Senior Software Architect and Machine Learning Engineer

LinkedIn: https://www.linkedin.com/in/alulema/
Twitter: @alulema
Personal Website: https://alexisalulema.com/

Tips For Transitioning To An Agile Approach To Software Development

The agile software development lifecycle is often considered one of the best approaches by industry experts. Studies show that this approach ensures software development teams are 37% faster in delivering products and 16% more productive, which can benefit your company significantly.

Many software development teams follow the traditional waterfall approach, which is fairly straightforward while also being very rigid. With this approach, the design tends to happen all at once up front, with the final product being unveiled at completion.

Such an approach isn’t very suitable for modern markets, especially if you need to develop a complex, large-scale application. Follow along for some tips to help teams that are intimidated by the prospect of transitioning to an agile approach.

6 Tips To Help Your Software Team Become More Agile

1. Make Sure Everyone is Onboard

Agile relies on collaboration between different teams. it will only be successful after a comprehensive implementation involving all departments from executive and management levels to ground teams. That's why it is important to make sure everyone is on board and agrees to adopt the agile approach. Program sponsors must get management commitment in particular to ensure success. Make sure both business and IT sides of your company agree to get involved before working on the transition.

2. Train Staff

The Waterfall and V-Shaped software development approaches don’t require much formal training, but agile is different. It is a little more complex and flexible, which means training can help developers adopt it completely. A few training sessions will ensure your team is familiar with the system and knows how to use it well. It will also ensure your staff doesn’t feel confused or overwhelmed by agile’s more complex workflow. Making the transition easier for a development team ensures your end-product isn’t affected by the change.

3. Maintain Communication

Communication is an important aspect of Agile because different teams working on different phases of the product must remain on the same page. Communication is especially vital when you're transitioning from other systems like Waterfall or V-Shaped to agile.. Teams should work from the same location and report their progress on a consistent schedule to team leaders. This will help you notice any issues with adaption and clogs in the machine early on.

4. Collaboration is Important

Agile places a lot of emphasis on collaboration during software development. Teams that were traditionally isolated from one another must communicate regularly to ensure they move through all phases smoothly. That can only be possible if you encourage a collaborative atmosphere. Agile requires team members to contribute their thoughts, opinions, and ideas to the project. It encourages people from different teams to identify mistakes and share them, which helps improve the quality of the end-product.

5. Create a Plan and Road-Map

Experts recommend creating a plan and road-map for agile adoption. This ensures the process isn't as intimidating for your team. Developers transitioning from Waterfall or other methodologies are accustomed to a rigid, straightforward project structure. Agile is more flexible so creating a plan or road-map can help. This plan will change during the project if needed, but it will still provide some direction.

6. Ensure the Transition is Gradual

Shifting to the agile model abruptly will do more harm than good. A gradual transition gives your team and stakeholders some room to adjust and adapt their work habits accordingly. This also ensures team members don't develop bad habits that may hamper the quality of their work later. 

It is a good idea to bring in an experienced agile coach to guide your team and establish a foundation for the system. This ensures you have a good plan in place and the transition is as smooth as it can be.

At Number8, our philosophy is to empower our clients to produce better software, faster. We are experts in augmenting scrum teams with senior consultants that can help increase team velocity immediately. I f you’re interested in learning more about Number8 and what we do, give us a call at (502) 890-7665, or check out our information page.

SOC 2 – Securing Our Future

May 12, 2020 / in Uncategorized, / by Number8

We have an announcement- number8 is now a SOC 2 compliant organization!

 

logo for AICPA and SOC certification               

Oliver Ray - Roughly a year ago, our management team had a discussion about the impactful investments our organization could make to establish a more secure future for number8. These conversations quickly crystalized into a clearly defined need to adopt and implement a standardized framework for control and oversight activities related to our consulting offering. The management team set out to find the most appropriate audit and control framework for our remote software development consulting services. Through multiple client and prospect interviews we landed on the SOC 2® - SOC for Service Organizations: Trust Services Criteria that has been defined by the American Institute of CPAs (AICPA). The SOC 2 standard creates consistent reporting on controls enacted throughout a service organization that are relevant to security, availability, processing integrity, confidentiality, and privacy. These reports are intended to play an important role in the oversight of an organization. They also establish key processes for internal corporate governance and risk management processes, as well as regulatory oversight. The last key advantage of the SOC 2 standard is the ability to continually enhance different controls to suit the needs of clients. At number8, we value the creativity of helping clients get more work done and reduce the barriers to deliver quality software. Due to the number8 track record of high-quality client interactions, SOC 2 seemed to be the ideal standard for us. There have been no major security incidents in the 11 years number8 has been in operation even as we’ve grown our team to over 200 consultants distributed across 14 countries. Our long-term commitment to our clients and our consultant’s long-term commitment to development has certainly had an impact on our ability to provide secure processes to our clients. More than 50% of number8 consultants have been in some form of a development role for more than 8 years and 75% of our current consultants have been working with the same client for more than 1 year. While working through the preparation of our most recent SOC 2 report, it became clear that the standards and control framework established by the AICPA matched closely with the corporate values defined at number8. We have developed our core values with our clients firmly in mind. Not just as they are today, but how they will evolve in the future. Specifically, 3 of our 8 values were prominent in this decision:
  • Everyone at number8 is Customer Obsessed – we guarantee our client needs are met. We adopt our clients’ products and challenges as our own.
  • We always Embrace Transparency – we ensure all work is completed with the highest degree of quality, honesty and integrity. We seek to own our errors, be realistic about the expectations we set, and express courage in asking difficult questions. We are open about everything we do.
  • Every consultant the comes to number8 Builds for the Future while Prioritizing for the Present - It is imperative for the success of our clients to consider the impact that daily decisions have on the future of their organization. number8 consultants consider future impact; while increasing velocity today.

          -Oliver Ray, Managing Director  

An Overview Of Software Development Lifecycles

A software development lifecycle is a term that describes all of the tasks and activities involved in developing an application or program. A lifecycle includes everything from initial planning and consultation to final launch as well as ongoing maintenance.

There are different approaches to software development and every approach has some advantages. Many development teams choose lifecycle systems based on their benefits and their particular requirements. Here’s a brief overview of some of the different software development life cycles used today.

4 Popular Software Development Life Cycles

1. Waterfall

This is one of the most commonly used and popular software development cycles because it is so simple. It works like a waterfall, consisting of a linear sequential flow with one phase of development following the other. Developers only start to work on the next phase after the first phase is complete.

This approach to software development offers several advantages. It is easy to explain to other team members so there’s little room for miscommunication. The structured approach ensures the project remains on track more easily. All stages and activities of the project are clearly defined so all of a team’s members are on the same page. Verification at the end of every phase reduces the chances of error.

Unfortunately, this approach has several disadvantages as well. It is rigid and inflexible so developers are more likely to assume that all requirements are locked in. There’s little room for adjusting the scope or requirements of a project. The waterfall approach is much less unsuitable for large or complex development projects.

2. V-Shaped

The v-shaped model is similar to the waterfall model, with an added advantage of an early unit test phase. The model follows the Waterfall process until software plan implementation, after which it moves upward from unit testing to maintenance. Like the waterfall model, this approach is fairly straightforward and easy to understand.

The biggest advantage of the v-shaped model is that it has specific deliverables at every phase. Developers create test plans early during the lifecycle, which reduces the room for error and improves flexibility.  The v-shaped model is ideal for small, straightforward development projects with clearly defined goals and expectations.

However, this model is still very inflexible and it is difficult to adjust its scope once a project has launched. It is not possible to generate early prototypes using this model and there is not a clear structure for correcting errors.

3. Spiral

The spiral model or SDM is a great solution for large-scale and complicated projects. This model combines design and prototyping systems, making it more flexible. It still uses the main elements of a waterfall approach as the foundation, assigning different sections for planning, risk assessment, prototyping, and simulations, but offers more options to move backward or forward in the project.

The SDM system has several advantages like more realistic estimates, early developer input, and better risk management.

However, this approach to software development has some disadvantages as well. It can be very expensive and time-consuming. Developers need specialized training to utilize this approach effectively and the system has limited re-usability across different kinds of projects.

4. Agile

The agile approach has become very popular because it offers maximum flexibility and is suitable for all kinds of projects. This approach requires collaboration and movement between different teams as well as phases during the development process. Developers can go back to earlier phases after learning from their mistakes to optimize an application.

This approach has several advantages like decreased development time, time to take input from the team, customers, and stakeholders, and no guesswork. You get high-quality software that fits a customer’s requirements perfectly at the end of the process.

However, agile requires special training and skill which can involve an investment of time and money.

Choosing the right development lifecycle is essential to keep a project on track and ensuring the result lives up to the original specs. A successful software development lifecycle can produce software with the highest quality and lowest cost in the shortest time.

At number8,  our measure of success is delivering working software faster. That's why when it comes to meeting a project's full potential, we believe in embracing the agile development model. As an information technology company with many years of experience, we can help any team adopt the practices, processes, and tools needed to deliver with more agility. Interested in learning more? Let’s connect. Send us an email or give us a call and we can get the conversation started.

GET STARTED TODAY

We’d Love To Schedule A Time To Talk.

Provide your information to talk with a number8 Relationship Manager about your development needs today and feel what it’s like to be listened to before being sold a solution.

  • This field is for validation purposes and should be left unchanged.

We’re Everywhere

number8’s onshore office is located in Louisville, Kentucky where our Account and Relationship Managers work hard to provide all of our clients with exceptional customer service. We also have consultant offices located in Escazú, Costa Rica and San Pedro Sula, Honduras that give us a strong local presence allowing for top-level recruitment, technical training and low employee turnover.

Our Locations
orange_Pin-10Feb