• Malicious Emails are up 600% due to COVID (ABC News)

• The average ransomware fee was around $200,000 in 2020 - up from $5,000 in 2018 (National Security Institute)

• The average ransomware fee for higher education is around $447,000 (BlueVoyant)

• Ransomware damage against healthcare was a whopping $157,000,000 between 2016 and 2020 (HIPAA Journal)

• A new ransomware attack will happens every 11 second in 2021 according to expert estimates (Cybercrime Magazine)

• Remove the Admin User - You may be able to change the Admin user's password but it is best practice to actually remove it. If a hacker knows a user exists it is really only a matter of time before they find the password.

• Turn on Multi-Factor Authentication (MFA) - Having users authenticate a device once a month using a random code helps ensure hackers cannot use their password if they find it or guess it.

• Turn on password expiration - If you use MFA you still need to refresh passwords now and then. This feature will remind users to change their passwords at a chosen interval.

• Turn on the Inactivity Timeout feature - If your workstation is left alone for a period of time docMgt can automatically log you out to protect your data.

• Use IP Limits - If your docMgt system is only accessed from a handful of known locations you can limit access to only those locations. You can also use IP Limits to block problem IP addresses or ranges if the need arises.

• Public PDF Submission - If you do not accept PDFs being submitted directly to your site, make sure this feature is off

• SFTP Upload - If you do not accept direct SFTP uploads (normally for MFP scanners) then make sure this feature is off

• Public Document Sharing - If you are not sharing public information on your site then make sure this feature is off
• 
  
• Standard Entry - With Standard Entry, users can add Records to any record type they choose if they know what they are doing. It is best to turn this off after you have established the Record Types they will need.