Gil: I’m Gil Vidals, the CEO of HIPAA Vault, a managed security service provider, and this is Alicia Kay, the social media analyst. So what topic do you want to cover today Alicia?
Alicia: Hi, thanks for having me Gil! So last week we talked about geographically dispersed data, and I could tell you were very passionate about that topic, so I was just wondering what about that topic you’re so passionate about.
Gil: Well protecting our data does have to do a lot with geography, and we talked about keeping your data replicated across different zones in the US, but there’s another thing that’s important, and I’ve seen my colleagues in the industry allow the attack vector to come in from many different countries, and you don’t need to have everyone in the world to see your website if you don’t serve everyone in the world, does that make sense?
Alicia: Yeah, so if you were just serving people in the US, how would you go about blocking an entire country?
Gil: Yeah, we’re talking about HIPAA services here. HIPAA’s traditionally a North American, or just a really US based service, so you can block most of the rest of the world. We have technology, and the technology exists in general, where you can say “I want to block” and you give a country name. Or you can do the inverse, you can say only allow traffic to the US, therefore blocking the rest. So, those are considerations that you should be thinking about, and you should talk to your upstream provider if you’re not the technical one, and say “Hey, what countries are we allowing in?”, and if they say the whole world, then you need to be asking questions, “Is that smart?” “ Is that the right approach?”
Alicia: Okay, wow that’s a very interesting tip, thank you. Is there anything else that you wanted to add?
Gil: No, I think that covers it. Just leave us some recommendations for future videos, we’d really appreciate it.
Alicia: Alright, thank you very much!
Gil: Thank you.