Schulman Group

MME is pleased to be a preferred supplier of IT services for the Schulman Group Members

Special Services for Schulman Group Members

Cybersecurity Audit

Is your computer network setup properly to defend against Ransomware? Ransomware can devastate a Practice, encrypting patient data and demanding ransom to prevent its public disclosure.

We all hope that everything is fine and that your IT people have it handled, but if you are honest with yourself are you really sure? Your IT people might be good at connecting a PC to a Server, but are they studying and fixing every new security weakness? Are they double‐checking every change made by your Practice Management software company’s technicians?

If you are serious about protecting your network an external Security Audit is a must. Someone should periodically examine your network to ensure it meets at least basic security standards.

Your IT team may not be thrilled about an outsider reviewing their work. But if everything is in great condition they will get a report they be will proud of — and you will know they are doing a great job. If the audit discovers problems they should be open minded, learn from them, and openly cooperate to promptly mitigate the risks. An IT team that resists the process might itself be a weakness in your Cybersecurity. A team that insists on doing it themselves are missing the point of an outside perspective, one with broader experience in security.

MME is an IT company specialized in helping Orthodontic professionals. Many Schulman Group (SG) members are already our customers. The SG has negotiated special pricing with us for member Security Audits. MME will carefully review your existing network for security weaknesses. We will provide you an executive summary report and a detailed list of findings with recommendations on how to mitigate the risks. We will discuss the results, their implications, and potential improvements with you and your IT team. If you need extra help, the SG has also negotiated discounted rates for MME services to help remedy issues (see below).

Many SG members employ the services of Black Talon Security (BTS). An MME Security Audit works in conjunction with BTS, not as a replacement. MME focuses on reviewing and fixing the foundation layers of your network, digging into the fine details of network configuration. BTS works on top of that, monitoring for new threats, training your team, and providing other important services. A network with both MME and BTS should be well prepared for the Cybersecurity battles ahead.

We look forward to helping protect your Practice. The next step is easy – please contact us to start the process either by emailing Ryan McElvain or by calling (916) 550‐5550.

Preferred Rates on Cybersecurity Services

The Schulman Group Management has negotiated special rates for its members if they need some additional services to mitigate risks discovered by an MME Cybersecurity Audit. Your MME project manager will discuss these costs and special savings with you. These include:

  • Advanced Internet Firewall – MME can replace your existing ‘old school’ Internet firewall with a modern one that has an armada of advanced security features. We’ll replace it, configure it, and continue to monitor and maintain it. Learn more about our solution here.
  • Managed Antivirus Solution – a great antivirus product that we monitor so we know if your systems have detected a threat and we can reach out and start a response. Learn more about our solution here.
  • Bring our IT skills to your team – If your existing IT team needs some help to get the issues discovered by the audit mitigated properly in a timely manner, let MME pitch in on the effort at a special discounted labor rate.

What will be required for the Cybersecurity Audit?

The first step will be to determine who on your team will be our point of contact. If not the doctor, we’ll want to know explicitly who on staff has the authority to help us get the job done. They should have physical access to all the elements of the network, and know how to contact the IT team for additional information.

For the audit to be meaningful, we need to be able to review the entire network. This includes the dark hidden spots where no one else ever goes. We need to see the best and the worst of it. To do this we need all the credentials to access all the devices on your network. We need the Administrator logins to things like the Internet Firewall, File Server, PCs, WiFi System, Backup Systems and more. As the audit is scheduled we’ll be asking more specifically for these things, and you may have them or need to ask your IT team for them. They may be reluctant to share this information, but it is necessary to do the work properly. We will coordinate a secure method to share these passwords (please never email them).

We will be asking for input from your team and IT people on several key areas of the network. We want to know what the backup processes in place are, where passwords are kept, etc. Not difficult questions, but important ones.

Once we have the credentials we’ll schedule a time to perform the audit (done completely remotely). We’ll need help for a few minutes from your team to get connected to the network. At the time of the audit ALL devices will need to be turned on and accessible. We’ll be temporarily tying up a few devices while we do our work. We won’t be changing anything, merely observing. When scheduling we often look to find a non-patient time window so that we are a minimal distraction to your team. The audit might take just a few hours or be much longer depending on the complexity and condition of the network.

After the initial audit is complete we will begin to review the information gathered and document what we found. Once this process is complete we will present the findings noting any issues and potential mitigations that may be considered. We will reach out to schedule a meeting to discuss the results and answer any questions.

Limitations to Services Offered

These negotiated rates apply to both new customers as well as existing MME customers. For existing customers, the discounts apply only to new security audits and any mitigation work that follows as a result (just the same as a new customer).

MME will provide its best effort to uncover potential security issues during the audit, but this is not a guarantee of any kind. It is possible that other risks will exist that remain undiscovered.

While the audit may identify risks, it is your responsibility to implement the mitigation. Knowing you have an issue is the good first step, but getting it actually fixed is the next. The audit does not include the mitigation work. You can address them yourself, or with your own IT people, and/or enlist the help of MME at the discounted rates.

If you are already an MME customer is there any benefit to this? Yes! Our auditing team is a different group of our techs (deliberately), and we check our own customers projects as stringently as a ‘new to us’ customer. We are continually enhancing our security standards to keep up with the new challenges, and the audit will show where improvements need to be made. Cybersecurity is a process of continual evolution.