HIPAA Compliance and Security

Rickard Nilsson is a DevOps engineer focused on functional programming and declarative deployments. Rickard is an active member of the open source community with numerous contributions in security and operations. He lectures internationally on these subjects and is the author of ScalaCheck, a must-have programming book (https://www.amazon.com/ScalaCheck-Definitive-Guide-Rickard-Nilsson/dp/0981531695).

Rickard's answer on the ransomware and security issues:

"The ransom scenario is highly unlikely with our Oryx setup. An attacker can gain access to realm data by finding out a user password and could of course reset passwords or delete data within that realm. But there is no obvious attack vector from that to our backups, so we are able to restore data quickly. The ransom scenario is more likely when an attacker gains server-level access to the actual file storage (most commonly happens with on-premises Windows servers that might lack security patches etc).

These are some concrete security-related things that we do:

• Two-leveled firewalls (configured both at Google's end, where the traffic first enters, and at each server that receives the traffic in the end).
• Configure firewalls as restrictively as possible.
• Continually deploy system software updates (operating system patches etc). All deployments are automated, so that updates can be rolled out quickly with minimal manual effort (no server is forgotten).
• Run security scans as part of our application build process, to catch certain kinds of mistakes before new application versions are even deployed.
• Isolate the practices as much as possible from each other (separate encryption keys, databases and file storage areas used for each client practice).
• Keep production, testing and development environments completely isolated from each other."


