May 26, 2017
Staff restrictions on internet use are estimated to be in place for 90 days while security enhancements are being developed. During this time:
Andrew Coyne, chief information security officer, Mayo Clinic, answers questions about these restrictions, the risk to Mayo Clinic and solutions being developed:
|Why are these restrictions in place? Since some staff still access the internet for work, does this restriction really help protect Mayo Clinic?|
|Mayo Clinic has experienced ransomware incidents in the past. While these previous attempts have not caused serious damage, the latest ransomware types are much more dangerous. Most of these previous ransomware incidents were the direct result of staff receiving phishing emails or malware messages in their personal email or Facebook account, and then viewing or opening these messages using Mayo computers.
These sites are the highest-risk internet locations for ransomware and other malware — but are not the only risky places. That is why we have asked for a temporary prohibition on personal email, Facebook and Twitter, and access to the internet for nonbusiness purposes.
These steps will significantly reduce the risk of a successful cyberattack.
From the Mayo News Center