OneShare Health is a Christian healthcare sharing ministry dedicated to offering Christians across the US access to healthcare. OneShare Health operates similarly to a standard health insurance provider, but treatment costs are shared among members of the Christian community, helping the larger church support each other affordably and flexibly. Founded four years ago, OneShare Health is still establishing its place in the market and its own internal working practices, having recently shifted permanently to remote working. Although navigating various business shifts, OneShare Health’s primary focus is on its overarching goal: helping others.
Around 90% of cyberattacks begin with a phishing email, making email one of the largest attack vectors in businesses today. Around 82% of insurance companies were found to be susceptible to phishing, with malicious actors drawn to the high-value customer information they collect, including medical records, payment details, and social security numbers. And attacks targeting insurance or healthcare organizations can result in violations of HIPAA or GDPR compliance, risking costly lawsuits for businesses and downtime that endangers customer wellbeing.
OneShare Health was navigating a series of business changes, including updating its business’ network, reallocating employees, and moving to a permanent remote working structure. The IT team had little control over securing employees’ devices with staff working from their own homes and were particularly concerned about their non-technical employees. Many OneShare Health employees are also called center-based and therefore not as familiar with email as other departments.
The IT team had been using a separate, dedicated user education platform but felt that it wasn’t fulfilling their training needs. To streamline cybersecurity tools, OneShare Health wanted a tool that combined multiple offerings into one solution. The team also needed a platform that was easy to use, taking some of the email security burdens away from their busy IT staff.
After searching the market for cloud-based email security education solutions, OneShare Health came across IRONSCALES and was impressed by the platform’s realistic, personalized phishing simulations. After a swift and straightforward implementation process, OneShare Health rolled out IRONSCALES’ awareness and training solution to its network of roughly 120 employees.
After installing the phishing awareness solution, OneShare Health immediately began to run regular simulations using real-time data from IRONSCALES’ global community of security analysts. The IT team at OneShare Health has seen an improvement in user awareness and education since running these, with even non-technical staff showing an improvement in phishing knowledge. The Spring 2022 phishing simulation saw 33% of staff reporting the email as phishing, and 5% clicking the ‘malicious’ link. This demonstrates a steady improvement in awareness; the simulation from December 2021 saw 23% report the email and 7% click the link.
The OneShare Health IT staff are pleased to see that employees working from home are better able to spot the tell-tale signs of phishing and show an improvement in awareness of the general principles of email security. With fewer people clicking on malicious links, the IT team can spend less time on remediation and more time on other important business activities. IRONSCALES’ unified phishing simulation solution has helped OneShare Health have a better sense of their cyber posture as the business shifts, unifying their education efforts across their dispersed remote teams.
In their continued effort to streamline cybersecurity tools, the OneShare Health team also plans to replace their existing email security solution with IRONSCALES’ full platform. The IT team finds their existing solution to be cumbersome, time-consuming to manage, and poor value for money. As IRONSCALES has grown, OneShare Health feels that its modern platform, AI-driven remediation, and simplified API integration is a better and more cost-effective solution for their evolving business. Along with upgrading to the full IRONSCALES solution, OneShare Health is planning to incorporate phishing education and simulations into their onboarding and training processes, as well as working with their training team to develop a standardized email security curriculum for all employees.