January 4, 2018
Subject: Meltdown and Spectre Computer Vulnerabilities
Dear Valued Customer,
By now, you have likely heard the news about the “Meltdown” and “Spectre” computer vulnerabilities. Both are “side channel” exploits, meaning they do not access protected data directly; rather, they cause the system processor to operate in a way that allows for the observation and timing of visible characteristics to infer the protected data.
InTouch Health Teams are closely monitoring for the general availability of patches for all affected systems and software. Upon patch availability, InTouch Health will:
- Obtain, thoroughly test, verify, and schedule deployment as quickly as possible
- Maintain usability and safe operations of services and devices
- Make updates and patching schedules available to our deployed software and hardware solutions as soon as possible
Prior to the availability of patching and firmware updates, InTouch Health will continue to limit and mitigate immediate risk by following common security best practices, including:
- Preventing execution of unverified code
- Limiting access to only known and trusted users
- Installing only vetted, verified, and trusted applications
- Following all established security monitoring and management policies and procedures
Further, InTouch Health has verified that our cloud hosting partners have already taken appropriate action to correct and/or protect against Meltdown- and Spectre-based threats.
If you have questions, comments, or concerns, please contact your account executive or other designated InTouch Health point of contact.
Thank you for your patience and continued support.
May 16, 2017
Re: WannaCry Ransomware Virus
Dear Valued Customer,
InTouch Health has not been impacted by the WannaCry ransomware virus. InTouch Health became aware of WannaCry the morning of Friday, May 12, 2017 and took the following proactive, preventive actions:
- Initiated an incident response plan in the event of a potential incident
- Confirmed anti-virus definitions are up to date to ward off potential threats
- Completed an immediate Windows Patch assessment and initiated remedial action on Microsoft patch MS17-010
- Shut down SMB (TCP/455) between all critical and PHI-containing systems to restrict access from systems potentially infected with the WannaCry virus
- Executed a point-in-time backup of all systems for business continuity and disaster recovery
- Disconnected Windows-based backup systems server from the network to preserve data integrity
The proliferation of the WannaCry virus is primarily through a Remote Desktop Protocol (RDP) vulnerability and through Server Message Block (SMB) shares. InTouch Health does not allow system-level access to map network drives via SMB or RDP access for applications containing patient health information (PHI). The operating systems these applications use are predominantly Linux-based and are not directly susceptible to this WannaCry threat.
At InTouch Health, we pride ourselves on secure, reliable connections, and actively monitor our networks to ensure a smooth experience for both our clinician and patient users. Should you have any questions, please review the FBI Flash, or email me directly.
Sr. Director, Information Technology