Physical Security: A Cybersecurity concern for Public Health Institutions in Ghana.

Physical security, at its heart, is the protection of people, equipment, software, networks, and data against physical activities that could result in significant loss or harm. Cybercriminals are highly skilled at their profession these days. As a result, many established cybersecurity measures, such as firewalls and antivirus software, no longer provide complete protection. This presents a significant obstacle for businesses of all sizes. However, in addition to strengthening digital defenses, corporations must increasingly invest in physical barriers. With an increased emphasis on cyber security, it begs the question as to why physical security vulnerabilities in networks are not considered.

The Public health institutions in Ghana are committed to ensuring that every citizen has access to health-care, thereby contributing to one of Ghana’s aims of a healthy population and universal healthcare coverage. In cyberspace, malicious hackers are simultaneously targeting important public health and healthcare systems, resulting in proliferation of risks. Numerous public health institutions in Ghana, that is, Hospitals, Clinics, Health Centres, and CHPs compounds, have physical security vulnerabilities, which I have personally experienced. On a recent site survey, for example, I found out that most of the health professionals do not lock their offices after closing from work, relying on a single security personnel who is in charge of protecting the entire premises.

The few officers that lock their offices do so with the protection of a key lock. As a result, anyone with a master key, or bump key might obtain access to the offices and the Information Systems without anyone noticing. Cyberattacks like this have the potential to expose confidential patient data. When a Wyoming healthcare institution was targeted by ransomware in the USA, it was forced to redirect patients to other institutions and was unable to access patient records in order to continue delivering health care. Numerous exams and processes were cancelled due to the organization’s computer systems being down. Cyberattacks of this kind have the potential to expose sensitive information about patients and force medical systems that are already under stress to invest precious resources in order to recover from these attacks.

While developments in health information technology have the potential to improve clinical treatment, basic research, and public health, this will only succeed if the system is secure. Thus, Ghana’s Public Health Institutions must place a greater focus on physical security.

The next section discusses the role that Public Health Institutes in Ghana and around the world can play in protecting their businesses.

Prevent unauthorized access to premises.

An institute can employ a variety of physical barriers to keep unwanted individuals out of its premises. This can begin with security doors that allow only those with the necessary credentials to enter. Additionally, health institutions can choose to consider the use of lanyards, which enable employees to enter doors without entering a code. To be sure, fraudsters employ a variety of techniques, which is why this is such an important component of online safety. A USB stick containing a message may be dumped on an employee’s desk, and when the employee inserts it into their computer, the virus is activated, granting attackers complete control over their network. Alternatively, if a workplace is not password-protected, criminals may be able to get access and immediately log on to computers. In any case, the last thing health institutions want is for thieves to have access to their premises.

Enhanced Cybersecurity Education and Awareness:

Public health institutions must effectively communicate to their employees the increased risk of social engineering attacks linked to COVID-19 at this time. Additionally, employers must provide their employees with the training and tools they need to effectively handle and defuse any social engineering attacks they may encounter. Also, institutions should train their employees on how to spot and respond to social engineering frauds in real-time. Not only should institutions train their employees on how to identify these dangers, but they should also guide how to implement fundamental cybersecurity policies.

Conducting inspections and taking preventative measures.

Public Health Institutions must consider additional security measures such as placing CCTV cameras on their premises. This kind of physical security measures which do not appear to benefit cybersecurity can easily be overlooked. As a result, CCTV is a great deterrent against criminals; it also gives employees a sense of security and informs any potential criminal that the institution has taken considerable security steps to keep their business safe. To prevent would-be burglars from breaking into their premises, it’s a good idea for Public Health Institutions to make it clear that they have CCTV cameras installed. Unwanted guests will be more inclined to abandon the business of Public Health Institutions.

Conclusion

Public Health Institutions may be vulnerable to cybercrime as a result of insufficient financial investment in physical security. The current public health crisis caused by COVID-19 is no exception to the pattern of cyber criminals adjusting their techniques to capitalize on new chances. As COVID-19 spreads all over the world, health and healthcare institutions need to invest in resources to manage risk and minimize weaknesses caused by hardware, software, and humans depending on one another to provide security. A cyberattack can cause a devastating effect on Public Health Institutions, which is why they must prioritize physical security immediately.