Protecting yourself and your business online involves several areas, one of which is passwords. As the number of online accounts that we deal with grows, so do the number of passwords we need to have and remember. Follow these best practices to safeguard this information.
It is vitally important to never re-use passwords. I think we are all guilty of re-using passwords from time to time and for some of us, the same one all the time! But the reality is that sites and services are constantly being attacked and breeches are not uncommon. Which means it is vitally important to never re-use passwords – especially for e-mail accounts.
What’s the harm in re-using a password? Let’s say I signed up for a photo sharing site with my personal e-mail (firstname.lastname@example.org) and I used the same password that I use to access my Gmail. A few months later, the photo site experiences a cyber-attack, and my username and password are exposed. The first thing a bad actor will do with my username and password is try logging into my email. Since I used the same username and password, they now have easy access to my email and can see that I use this email for my bank, my credit card, Netflix, Dropbox, etc. If I also used the same credentials for those accounts, I have a real problem on my hands!
When businesses are attacked user information is often taken. Names, e-mails, passwords, addresses, phone numbers, etc. may be posted or sold on the ‘dark web’ for scammers to use. An e-mail disguised as a company you regularly do business with, may mention you by name, may even contain past e-mail content… “Hey, I’ve shared a document with you, you just need to log into Microsoft or Google to view it!” or “Hey click the attachment to see our latest newsletter!”. When email servers are hit, bad emails can come from a legitimate domain and not even need spoofing!
Another common reason for compromised accounts is users being tricked into GIVING their credentials to bad actors. If you’ve used your e-mail address for anything, fact is, it is out there in the world and bad actors are going to send you deceitful e-mails to either plant malware on your computer that can steal your credentials or trick you into handing it over to them directly. Depending on where your email is listed, bad actors may be able to figure out your employer, your co-workers, even industry partners or associates and you can be target phished. This is even more convincing than an e-mail imitating a legit entity like UPS, Microsoft, PayPal, Google, etc., as they can try to disguise the e-mail as coming from your dental practice, dental systems, co-workers, or even a partner business. Some of these fraudulent emails can be very clever so it is important to always have your guard up.
Always be on guard. Look for bad grammar, misspelled words, or other signs. An example is an e-mail that looks like it’s from Microsoft but the actual address it’s coming from is odd – ie. microsoftwebservices.com. HTML file attachments, an unexpected file share or file attachment, even from someone you know, can clue you to suspicious activity. Hover over hidden hyperlinks and if the website does not match the sender or if a link brings you to a login page not the URL in your browser, chances are it is a phishing e-mail.
Password Best Practice Tips
Strong. Make passwords no less than 20 characters AND do not use common words (hackers have sophisticated tools that can break passwords that use common words or word combinations).
Unique. Make every password unique so that if one account gets hacked you are not handing over the keys to your other accounts.
Management. Consider using a password management tool like LastPass, Bitwarden, 1Password, to name a few.
If you suspect an account has been compromised, it’s best to change the password immediately, monitor all accounts for any irregular activities, and stay alert to legitimate and counterfeit emails.
The act of paying for something with a credit card is seamless. First, swipe or insert a card into a machine. Then, wait for the authorization to happen. Lastly, sign off on the purchase, if needed. All of this happens in a few seconds.
However, a lot goes on behind the scenes while you’re waiting for that quick authorization! We’ll discuss what happens when you enter your card, in addition to the security measures that are in place to protect your data long after you make a purchase.
Who takes part in the credit card payment process?
Cardholder: This is the customer that presents their card for payment of goods or services.
Issuer: The issuer (or “issuing bank”) provides the cardholder with their credit and a physical card. They are responsible for approving and declining transactions, customer billing, and collections.
Merchant: This is the business that sells goods or services.
Merchant Account: This is a type of bank account that allows businesses to accept credit, debit, and mobile payments.
Acquirer: An acquirer (or “acquiring bank”) solicits, underwrites, and owns the accounts merchants need to accept credit cards. They can provide the technology permitting businesses to process transactions, take on chargeback risk, and deposit funds into a merchant’s bank account.
Payment Processor: Payment processors are organizations that partner with acquirers to open merchant accounts, handle support, manage payment processing, and build technology on behalf of acquirers.
Facilitating the payment process
Credit Card Machines
First, a credit card reader or terminal is needed. Today, there are various credit card machines available that can cater to any processing environment.
Popular devices include point-of-sale (POS) terminals, which support credit cards with magnetic stripes and chips. Some are magnetic stripe (“magstripe”) only, in addition to devices specially made for an unattended or kiosk type of environment.
The payment transaction starts when the cardholder presents one of the following:
EMV chip card: A payment card containing a computer chip that can validate personal identification numbers (PINs), authorize purchases, verify account balances, and store personal records. Chip cards facilitate EMV® payment processing throughout Europe and the US.
Contactless card: A credit or debit card that does not require physical contact between the card and the credit card machine.
Digital wallet: Digital wallets store a cardholder’s payment information on a mobile app or smartphone device, enabling payment to happen without a physical credit card. Examples include Samsung Pay®, Apple Pay®, Google PayTM, and Fitbit PayTM.
How does credit card processing work?
Once the card is entered into or “tapped” on the credit card machine, the authorization begins. Authorization is the process where the issuer approves or declines a transaction. Merchants use it to ensure customers have sufficient funds available when they purchase something.
The credit card information enters a payment gateway, which serves as a connector between the merchant and a payment processor (like Global Payments).
The payment processor will take this information and send it to the card brand (such as Visa or Mastercard).
The card brand sends this information to the issuer.
When the issuer receives the cardholder’s information, authentication begins.
The issuer will verify that the cardholder has sufficient funds in the credit line to approve the transaction.
They may also check the card verification value (CVV) and ensure the billing address matches what is on file to prevent fraud.
If the transaction is approved, the merchant receives authorization, and the issuer places a hold for the amount of the purchase on the customer’s account. The card reader or POS terminal should see a message that says, “Approved.”
The merchant gives the cardholder a receipt at the end of the sale.
At this point, the payment verification process is complete.
How long does a credit card payment take to process?
Payment verification only takes a few seconds at the point of sale. Then, the payment process continues behind the scenes with the settlement process.
Merchants send all approved transactions to the acquirer at the end of the day. This group of transactions is called a batch.
The payment processor routes the batch to the card branch for settlement.
The card brand forwards the transactions to the issuer.
The issuer transfers the funds to the acquirer, and in the process, takes an interchange. Card brands set the interchange fee, and the acquirer is responsible for paying this fee to the issuer.
The acquirer credits the merchant’s account with the approved transactions.
The issuer posts the transaction on the cardholder’s account. The cardholder will be responsible for settling their debt at the end of their billing cycle.
Payment processing times vary, but on average, it takes one to three days. Additionally, batches sent during the weekend or a bank holiday get processed on the next business day.
How does a refund on a credit card work?
Even if a transaction is approved, a cardholder can dispute it for a refund post-purchase. These disputes are called chargebacks. The main reasons for chargebacks include fraud, receiving faulty goods or services, and technical errors, such as double charges. A successful chargeback would mean the return of funds to the cardholder.
Encryption is one way to protect cardholder data. With laws becoming more stringent over time, in addition to increasing cybersecurity threats, encryption uses a numeric binary code to shield sensitive data such as the cardholder’s name, account number, expiration date, and service code. The more random the encryption code is, the more difficult it is for hackers to gain access.
Tokenization is another way of protecting cardholder data, particularly the cardholder’s account number. During an online transmission, a token replaces the account number with a unique string of characters. Tokenization differs from encryption in that each token is original and can apply only to a specific merchant and cardholder.
Finding the best payment processor
Now that you understand how complex the payment process can be, it’s essential to choose a processor that will enhance your business.
A reliable payment processor will integrate with your software to provide a seamless checkout and bookkeeping experience for your clients. Additionally, they will enhance cardholder data protection by helping you and your customers stay PCI compliant, ensuring secure payments every time.
Contact us to learn how our solution can benefit your business and add value to your software.
EMV® is a registered trademark or trademark of EMVCo LLC in the United States and other countries. www.emvco.com.
Apple Pay® is a trademark of Apple, Inc. All trademarks contained herein are the sole and exclusive property of their respective owners.
Google PayTM is a trademark of Google, Inc. All trademarks contained herein are the sole and exclusive property of their respective owners. Any such use of those marks without the express written permission of their owner is prohibited.
Samsung Pay® is a registered trademark of Samsung Electronics Co., Ltd.
FitBit PayTM is a registered trademark of Fitbit, Inc. and/or its affiliates in the United States and other countries.
Microsoft Windows 8.1 and Server 2012 Operating Systems
If you currently have computers running Windows 8.1 or if your server is running Windows Server 2012 it is time to start thinking about replacing or upgrading. Microsoft is ending extended support for Windows 8.1 in January 2023 and Windows Server 2012 in October 2023, bringing both to End-Of-Life status.
What does it mean when an operating system is End-of-Life?
End of Life status means Microsoft will no longer develop patches or fixes for any newly discovered bugs or security vulnerabilities within this version of the software nor will they provide technical support. When operating systems are no longer supported by Microsoft, other software developers, such as practice management developers, will stop building and testing in unsupported operating systems.
How does running an end-of-life operating system affect my business?
When an operating system is no longer receiving security updates, exploitable vulnerabilities will likely emerge and could create a security risk for your business. In addition, you may be unable to install newer versions of other software programs on computers running an unsupported operating system.
How long do business computers normally last?
Every single piece of hardware inside a PC will have its own average lifetime, but in general a PC will last anywhere from 5-7 years. As computers age, components will start to wear out and could leave you with unexpected down-time. Components can be replaced but keep in mind that as your computer ages, the more difficult it can become to find an available or compatible replacement part. We recommend practices begin planning for computer replacement when systems start to approach the 5-year mark. Some of our practices choose to stagger computer replacements to minimize the impact on their budget.
New computers are not in the budget this year, do I have any options?
Depending on your hardware compatibility, you may be able to upgrade Windows 8.1 to Windows 10. Keep in mind that some hardware is not compatible with Windows 10 and is unlikely to be compatible with Windows 11 (released October 2021). If your computer was manufactured in the last decade, it may be able to be upgraded to Windows 10. It is recommended, though, to check the manufacturers’ website(s) to verify the models of your system’s motherboard, CPU, and GPU are compatible with and supported on Windows 10.
I am interested in upgrading to Windows 11, is there anything I should know?
XLDent practice management software is compatible with Windows 11. However, there are some manufacturers, x-ray manufacturers in particular, that are still testing compatibility with Windows 11 and at the time of this post have not guaranteed full functionality of their devices with this operating system. We recommend purchasing computers based on Windows 11 specifications https://www.microsoft.com/en-us/windows/windows-11-specifications and installing Windows 10 on computers running software or hardware that is not yet cleared for use with Windows 11. Computers running Windows 10 can be upgraded to Windows 11 once connected devices are compatible with Windows 11. There is currently no charge to upgrade from Windows 10 to Windows 11.
All my computers are using Windows 10, is there anything I need to know?
I would like to start planning for a future upgrade, what are my next steps?
XLDent’s hardware team has over 50 combined years of experience and is happy to help provide you with a free assessment of your systems and make recommendations for future changes. Contact us today to get started.
New dental practices are often hit with a range of decisions to make all at once. As a new dental practice owner, finding the right software for your practice right away can make a significant difference in your business’s success down the road. Similarly, there are substantial advantages to implementing a new software suite like XLDent as early on as possible in your practice’s launch to take advantage of our proven workflows and customizable features for newly established dental practices.
Dentists and their staff should not need to be technology experts to run a successful dental practice. Certain software systems are often much better for new practices because of their usability design. More experienced software users might be more proficient with any given software product in your dental practice. Still, the good news is that even staff who are new to using software tools as part of their dental practice workflow improve at similar rates to experts when the software systems themselves are designed with new users in mind. Thus, good usability is a crucial metric to the success of all dental software implementations. Usability is also directly related to your entire practice’s overall user satisfaction with the software product.
At XLDent, we’ve taken a particular interest in the experiences and needs of new dental practices. Starting a new practice is a huge undertaking, and probably one of your professional life’s most significant decisions. The content, integrity, and continuity of your electronic dental records will play a key role in your ability to grow efficiently and profitably, as well as maintain valuable patient relationships and patient engagement mechanisms. XLDent’s All-Inclusive Suite of products and services includes all the tools you will need to make this journey. XLDent is your long-term solution for equipping your dental office with a customizable, scalable, and robust Practice and Clinical Management software system.
When it comes to selecting the software your dental practice will use for practice management, charting, or otherwise, dentists are often looking for just the right product to increase their practice’s efficiency, productivity, and revenue. This is no small task given the vast array of vendor options and features to select. We propose four key variables that can help you find out if a software is right for your practice: support, innovation, scalability, and integration.
Some software vendors offer little customer support or onboarding process for their products. Especially with your first software, a lot of time, money, and effort will go to setting up, installing, and learning to use the software. Your practice will need support to adapt quickly and realize the software’s productivity benefits as soon as possible.
You’ll also need professional technical support on hand to make the most of your investment and avoid downtime.
Whether you have an existing practice or are starting a new practice, XLDent is here to guide you in managing or establishing a successful dental practice with our software. We not only understand the importance of the software selection process, but we also take pride in the experience and knowledge our XLDent Certified professionals will offer you during the process and long after you decide to move forward with the XLDent Suite of products.
The XLDent Software Assurance and Business Care Plan protects your investment. We are here to help long after your initial training is complete. Our knowledgeable and friendly Implementation Specialists genuinely care about your happiness and success with the XLDent Suite. We will consistently go the extra mile to answer your questions and help you reach your software implementation goals.
A software product that does not evolve cannot grow with your practice. Not only does your vendor need to be able to invest in the growth of their company to keep up with regulations, but they also need to keep up with the challenges and opportunities created by new dental technologies.
The needs of dental practices are continually evolving. So is technology. A software product that gets you started today may not serve your practice in the long run as you continue to grow. Before you adopt any technology, make sure that you understand how technology can adapt and scale to align with your future goals as a business.
XLDent Cloud offers a scalable cloud solution that can meet your practice where you are now and scale with you as you grow. With XLDent, all of your clinical documents, charts, patient contact information, and other practice management data can be accessed at any time by any authorized user. XLDent Cloud allows you to work in a secure environment without complicated network connections to retrieve your data.
The right software for your dental practice will integrate with as many of the tools and services you need for success as possible. Always look for software solutions that offer a complete suite, or at least integrate Real-Time Insurance Eligibility, Electronic Remittance Advice, Patient and Doctor Portals, Encrypted Email, and more.