Is your Password Already Floating Around on the Internet?

By Steve McEvoy, Technology Consultant

Passwords are a pain. You need them when you turn your computer on, open your practice management software, access your email and when you access most any other Internet service like Gmail, Pandora, Dropbox, Facebook, etc. Keeping track of all of them is a hassle, and it is human nature to look for shortcuts – many people often use the same password for multiple sites.

Hackers are constantly looking for ways to steal information. Information is the new ‘gold’ on the Internet. The mention of ‘hacker’ conjures up images of a mysterious character lurking in a dark room, presumably hard at work trying to guess your username and password to gain access to your information. While this may still be the case in some situations, the hackers are smart folks, and they have moved on to where the real gold is. Rather than hacking us one person at a time, they are going after the websites where all of our collective online information lies.

Do you have an online account with any of these sites? LinkedIn, Yahoo, Dropbox, Adobe, Target, Home Depot, Comcast, Bell, Equifax or Experian? What all these sites (and many others I haven’t listed) have in common is that they were hacked, and some of the valuable information stolen included your username and passwords for their site. Ten’s of millions of usernames and passwords have been stolen. The hackers have realized that putting their efforts into breaking into a website yields much more information about you than trying to hack you directly.

How do you know if your username and password was breached?

Can you rely on the hacked website to notify you? Some sites, when they discover they have been hacked, implement a mandatory password change the next time you attempt to access the site. Has this ever happened to you? You log in to a website, and it immediately prompts you to verify your identity and change your password? It did for me a while back when I was using Dropbox. What they didn’t point out was that they had been breached, and for some period of time hackers could have accessed my data.

Can you even rely on the websites to know when they have been hacked? How would they know? It’s not like a traditional crime where you might see the broken window. Companies that aren’t making security a principal focus may be completely unaware of the breach and your user information for that site might be already out in the wild.

Troy Hunt is a security expert at Microsoft, he’s one of the white hat hackers on our side. He had the great idea to compile a list of all the available hacked accounts he could find. He scoured the ‘dark web’ to get copies of the information being sold by successful hacks (there is a thriving retail market for this fueled by BitCoin). He found nearly 5 billion accounts (that’s a B, not an M) from 265 known breaches. Then he created the website “Have I been Pwned” (www.haveibeenpwned.com). That’s not a typo, “pwned” is a slang online gaming term that roughly means “I own you” or “I conquered you” just like a hacker may have. His website is free to all. You can go to the site, enter the username that you may often use online (for example most people use their email address) and it will tell you if it knows your username was leaked in one of the breaches it knows about. I tried it with mine and found my information was leaked in the Adobe and Dropbox breaches.

You can also enter a password to see if the password is already in the known hacked password list. In the example shown here, I am testing the password that Invisalign Intraoral scanners use by default. Pwned.

A word of caution. Should we really trust that whoever is behind the website isn’t recording all the passwords tried? What if they get hacked? My advice is to be careful here and NOT test any of your CURRENT passwords you use where you have precious information kept (like your online bank account password). I know this is counter-intuitive, this is the first password you want to test to see if it’s safe.

Remember the bad habit that people have using the same username and password at multiple sites? If that’s you, and the hackers have got your username along with the password when they hacked one of these sites, I can guarantee you that these are the first things they are trying at other websites to see if they can get in (perhaps your bank). If the usernames and passwords are the same, they get immediate access without even needing to take a second guess. It happens all the time.

Consider all this carefully. Check the email you use typically for a user account at HaveIBeenPwnd.com. Perhaps check a password you use all the time. If you discover you have been pwn’d, change your passwords at all the sites that share that username immediately.

Facebook as an Education/Networking Tool

By Katie Graber, DDS, MS

Traditionally orthodontic professionals have relied upon refereed journals, scientific lectures or national/regional orthodontic meetings to garner information about the latest and best in treatment. In the last decade, many orthodontists have transitioned to attending distance-based seminars, listening to podcast recordings or following online group discussions in their area of interest. This, coupled with an increased attendance at specific vendor meetings, has changed the way information is communicated in our field to a portion of the membership.

One of the newer “remote” vehicles for information transfer is via private or closed Facebook groups. These groups can have a narrow or large focus. Some are grouped regionally, by alma mater, treatment style, etc. They can range in focus from practice design to technology to specific treatment products and/or mechanics.

Some forums that I follow include:

  • Elevate Orthodontics Podcast (1700+ members)
  • Ortho Cosmos Forum (1200+ members)
  • Jeff Nolte: Suresmile (300+members)
  • Women in Orthodontics (1200+ members)
  • AlignerInsider: Clinical Chat (1300+members)

Others include:

  • OrthoPreneurs (1600+ members)
  • The Pragmatic Orthodontist: Clinical (3000+ members)
  • The Pragmatic Orthodontist: Elite (150+ members)
  • Orthodontic Pearls (1800+ members)
  • OrthoX Elite
  • Ortho Aligner 3D Study Group
  • Ortho Voice
  • Sarver Orthodontic Study Group
  • Suresmile Synergy
  • Trios Orthodontic Study Group

These groups provide orthodontic professionals the opportunity to network online through a free source. Facebook closed groups permit the owner to determine the eligibility of the membership as well. Vetting members can take time and many of the host/owners do this on a voluntary basis. Additionally, the forum allows for easy photos, video and recording attachment and is an “in real time” communication tool for peer-peer discussions.

These orthodontic peer groups can get information to the user immediately. There is no waiting for a national or vendor meeting. While mostly anecdotal in nature, the “real life” experience of peers is a valuable source for cutting-edge advances. Sometimes the groups also use collective bargaining and/or group purchasing to earn discounts on products or services relevant to that group. Some I have seen include Mari’s list, 3D printers (Form2) and do-it-yourself aligner software. The discounts are above and beyond what a single orthodontic practice can earn or negotiate as the power comes from the sheer number of people interested/included in the discount group. This is another potential benefit to joining one of these online groups.

The Orthodontic Podcast group allows members to listen to orthodontists discuss current and relevant topics. This is reminiscent of the AAO Practical Reviews audio-cassette recordings of years past; albeit these have no continuing education credit associated nor are endorsed/reviewed/refereed by the AAO. A benefit of this type podcast (versus waiting for the practical reviews publication) is instant listening, the instant ability to download and listen across a broad spectrum of listening devices/locations. In addition, there is generally no fee (per se) to join the Facebook group nor listen in on many of the podcast recordings.

So, if you love “talking teeth” and have a specific interest; there is probably a Facebook group for you! Search your subject area under “groups” on Facebook and ask to join.

 

What Your Email Address Says About You

By Steve McEvoy, Technology Consultant

Sending business emails ending with @Netcom.com, Aol.com, Earthlink.com and soon Yahoo.com are tell-tale signs you aren’t keeping up. People notice and may ask you if you are still driving the ‘72 Ford Pinto as well.

Using personal accounts from your Internet Service Providers (ISP) also looks old school like Comcast.net, TimeWarner.com, RoadRunner.com, SBCGlobal.net.

There is no rule making us keep up, or against driving a ‘72 Pinto, but I’d argue if you are in a marketing battle for new patients, this is just one small aspect you can easily improve.

For work, you really should have an email for your practice’s domain.   DrSmith@SmithOrtho.com or DrJones@SmileDental.com, for example. People expect this, and when they see FlyingPigs65@aol.com, you send a subtle message that isn’t positive.

You might certainly have a private, personal email account as well, but even for that, you should consider using something like BobSmith@gmail.com or JaneJones@Office.com.

This should also apply to any of your staff using email on behalf of the practice.

There may be other motivating reasons as well. Companies offering email services for free (AOL and YAHOO) that aren’t thriving financially in their core business won’t be putting development resources into keeping products current, safe and secure.  The news is full of stories about hacked email accounts and ransomware which typically makes its way into your computer via email. Companies like Google, Microsoft, and Apple have reputations to maintain and will have the resources to keep up.  If you are going to use a free email service, I might suggest you look to one of the major players.

Changing your primary email account is always a major hassle, and this is likely what has kept you from making the switch.  Setting up a new email account, and merely forwarding all the email from your old account indefinitely isn’t the right solution. Your old email account can still be hacked, and the company can still go out of business.

The steps generally are:

  • Setup your new email account – and take this opportunity to make sure the password is a hard one. I’d suggest you setup two-factor authentication with it as well.
  • Link your new account to your PC, phones, tablet, etc.
  • Using your old email, notify EVERYONE in your contact list that you are changing your email to the new one effective immediately.  You can do this in one mass email, but be smart about it and put all the recipients in the BCC list so they don’t see everyone else you emailed the list to. Make yourself the only official To:
  • Configure your old email account to forward to your new one (for a while).
  • After a month, check your old account to see if anyone you know is continuing to use the old account, then contact them directly to start using the new address.
  • After another month, turn off the forwarding from your old account and delete it at the vendors. Gone forever, but no risk of hacking.

You can also always enlist some help from your IT person, they should be well familiar with the process.

Creating Videos for Your Orthodontic Practice

Humans are visual creatures. Simply put, we process visual data better. Research shows that more than 80 percent of human learning is done visually and that humans process visuals 60,000 times faster than text.1  As such, creating compelling, easily sharable videos is one of the best ways you can choose to promote and showcase your orthodontic practice. Thankfully, creating low cost, high impact videos online has never been easier. With just a small amount of effort and know-how, you can make a lasting, positive impression on potential patients and set your practice apart from competition in your area.

Videos that introduce yourself and your staff, feature patient testimonials and showcase your practice and the services you offer is a key way to build trust and let potential patients get to know you before actually ever stepping foot in your office. As a bonus, videos hosted on your practice website can also improve how your site appears in search engine results…meaning increased web traffic.

Videos can easily be created without a major investment in equipment or software.  Although they do take some planning and time, especially early on, the investment is well worth the effort. But, if you are trying to keep your costs low, a newer model iPhone or Android device you may currently have in your pocket offers outstanding video capabilities. (Just be sure you’re shooting in horizontal vs. vertical mode.)

Regardless of what equipment you use, following these basics.

  • Shooting a video can be intimidating at first. Just always try to focus on sound and picture quality.
  • Shoot your video in 720p or 1080p resolution.
  • Pre-plan your video. Have a goal in mind. Create and work from an outline so you don’t go off-track.
  • Be sure to add captions to your video. This is because up to 85 percent of videos watched and shared socially are viewed without.  Captions are added via a video editor’s text feature.
  • Make the first few seconds of your video visually impactful. Your goal is to capture your viewer’s attention quickly, within the first 3 seconds.
  • Give your video a compelling title or headline.
  • Brevity is key. Be efficient with words and visuals.

As you begin planning your videos, consider:

  • Stability is key. Invest in a small tripod, monopod or desk stand – your videos will be of much higher quality if you can prevent excess camera movement.
  • If you are producing a video for patient education, you may want to invest in a high quality consumer camcorder with an external microphone.
  • While professional lighting is always preferred for marketing and practice website videos, natural lighting is usually sufficient. Just film in a brightly lit room and make sure there is enough light on your subject’s face.
  • Make sure to have your interviewee or one of their parents sign a photo/video release form giving you permission to use the video you just shot. These forms are available at aaoinfo.org. Log on; then go to Practice Management > Forms and Releases. Scroll down to Practice Management Forms & Materials; then click on Photo Releases.
  • Think outside the box. Videos can be an extremely powerful communication tool for patient education and staff training.

Once you’ve captured your video, you’ll want to begin editing. Editing video means trimming and arranging your video. Video editing software is also how you can add transitions, music, captions and titles…as well as export the movie file that you’ll host on your website or social media channel. Thankfully, there are easy-to-use and affordable options available that will allow you to quickly transform your raw footage into a finalized video for your web page or social media channels.

For users on the Mac, iMovie is a solid choice for beginners. On the Windows side, Windows Movie Maker is an ideal tool to use. Some video users even use apps on their smart phones to edit footage. Apps like the iMovie app for the iPhone and CyberLink PowerDirector for Android are well worth considering for no-frills, simple video edits. For more advanced editing, you might consider options like Apple’s Final Cut Pro X or Adobe’s Premiere Pro CC.

Creation of videos goes quickly and the learning curve is shallow. Make it a goal to begin producing videos today. Fight the urge to think it’s too difficult and just get started.

REFERENCE
1. Gutierrez, Karla. “Studies Confirm the Power of Visuals in eLearning.”

Shift eLearning (8 July 2014). Retrieved from shiftelearning.com/blog/.
* For advice or encouragement on how you can easily begin shooting videos for your practice, or for any video related questions you have, please contact Burt Bollinger, AAO Multimedia Production Manager at bbollinger@aaortho.org.

Reevaluating Your Password Management

By Dr. Matthew Larson

We live in an amazing age where the world is at our fingertips… if only we could remember our password.

It’s no surprise that passwords can be a frustrating part of our digital lives. Websites can have different requirements for passwords and then have to be changed at different intervals. In theory, there are clearly good reasons to have high standards for strong passwords. However, in real life this often means the same password is used for multiple websites and are frequently saved in other locations to remember them.

Here are a few questions to ask yourself about how you handle passwords in your office:

  1. Do you use strong passwords when needed?
  2. Do you have UNIQUE passwords for different sites?
  3. Do you change passwords when you have changes in staff?
  4. Do you keep important passwords private? (This means not posted in plain sight! In many practices the private WiFi password or Invisalign login can be easily found by opening the drawer or cabinet near the computer.)

If you answered no to most of the questions above you may want to consider a password manager app. (If you answered yes to all the questions and do NOT use some form of password manager, I would love to have your memory.) There are many good password manager programs – some are built into web browsers (Internet Explorer, Google Chrome, and Safari all have password managers) while some are 3rd party programs (some of the more popular ones are LastPass, Dashlane, 1Password, and Password Safe). These programs and apps can help manage your existing passwords and help create strong new passwords.

Here are my personal thoughts when selecting a password manager program:

  • Select a program that requires a strong master password to open the app. This rules out most default password managers within web browsers, although there are browser extensions available for many of the 3rd party programs which do require a separate logon. This master password unlocks all your other passwords, so carefully create a unique and very strong.
  • Select a company that has a strong history with good reviews. You want a company with a strong reputation that will continue to maintain high security.
  • Expect to pay a small fee for a high quality company. These programs are inexpensive overall (most range from free to about $5 for the app), so don’t get too caught up trying to find a bargain. A bargain price typically means they are either trying to grow (and then will likely increase fees later) or they are making money through other venues (and the priority may not be the password management program).
  • Use a program that works on mobile devices, Windows computers, and Macs so you can utilize it on all your devices. Additionally, make sure you can sync your database files easily in the cloud between devices.

Related to the database files, ensure the program you choose maintains an encrypted database file. This requires that you have the program and the master password to open the database. All the 3rd party programs mentioned about are encrypted with AES-256 encryption (which is much better than a word document on dropbox).

Currently, I personally use 1Password (https://1password.com/ ), mainly because I like the “Teams” option that allows you to share passwords between team members. You do this using shared “Vaults” as shown below. They charge per user so currently I only have one account for my personal use and one account that the staff uses for ordering and insurance. The program also allows you to save credit card information and profiles, so entering information on a new website goes much quicker. It is also a great way to organize NPI and license numbers for you and your team.

Another nice benefit of these managers is that you can actually load the sites and passwords very quickly and efficiently. I found myself actually saving time going through and paying bills after switching to a password manager because loading every site basically just takes a couple clicks of the mouse. A couple screenshots of how this looks on a mobile device are shown below. (I use this as quick access to my office Facebook account, since the app on my phone has my personal account saved.)

Some may have security concerns by having all your passwords stored in one spot. However, keep in mind that this is the focus of the company and they likely can manage it better than most people can with the little time they realistically devote to it. The first step to deciding if this type of program is right for you and your practice is an honest look at the security and efficiency of your current systems. If managing these passwords is stressful or they are not being stored securely, take a look into what current password manager programs can add to your practice.

2017 Winter Conference – Technology: Balancing Profit, Lifestyle & Patient Care

By Dr. Doug Depew

The 2017 AAO Winter Conference is quickly approaching. Our theme of this year’s meeting Technology: Balancing Profit, Lifestyle and Patient Care.  It promises to be a meeting filled with information for both newer and established practices to help make those tough decisions on what technology is important to use in our practices and when we may wish to invest in it.

The meeting will begin with keynote speaker Jack Shaw.   Mr. Shaw is a world- renowned technology futurist who will be discussing how cutting edge and disrupting technologies will change the way we do business and run our practices in the coming years.

IT guru Steve McEvoy will be answering some of those pesky questions we all have about computer hardware, effective and cost-efficient data backup, and security.   In the ever changing world of computers, what you hear at this meeting will certainly be different than what Mr. McEvoy would have talked about even a couple of years ago.

On Friday afternoon we’ll have a lively discussion by Drs. Greg Jorgensen and Neil Kravitz regarding building our practices through social media, websites, and Internet marketing. Their success in these areas has been paramount in growing their thriving practices.

Saturday morning will begin with Dr. Aaron Molen sharing his experience and thoughts on bringing emerging technology into our practices to help create more efficient and more comfortable patient care.

We’re excited to have Drs. Ed Lin and Christian Groth discussing how to integrate some of the latest technology hardware into our orthodontic practices. This includes workflows for using CBCT, Scanners and 3D Printing.

The conference will conclude with Chris Bentson and Charles Loretto with a discussion on how technology can affect the value and profitability in our practices. This should help answer the question about at what stage of practice a doctor might consider investing in advanced technology.

The location for the meeting is at the gorgeous Marriott Harbor Beach Resort and Spa in Ft. Lauderdale, Florida. The dates are February 10-11, 2017. The schedule is organized in a way to allow some time for afternoon recreation.

There will be plenty of time allotted for attendees to ask questions of the speakers to be sure all bases are covered.   To learn more and to register, visit https://www.aaoinfo.org/meetings/2017-winter-conference-technology-balancing-profit-lifestyle-patient-care

Pokemon Go or Pokemon No?

By Dr. Aaron Molen, DDS, MS

English_Pokémon_logo.svgAugmented reality is the integration of digital information with our physical senses, (e.g., touch, smell, sight). This technology is far from new and has multiple uses in the commercial market but has struggled to find a foothold in the consumer market – that is until recently. On July 6th, 2016 Niantic released the Pokemon Go game app and within 20 days it had already been downloaded 75 million times while producing $10 million in revenue a day for Niantic. The popularity of this augmented reality game is not relegated to kids, as you may find adults as well as young patients playing Pokemon Go in your waiting room or clinic. It’s still to be determined if it will simply be a fad or a long-term success, but regardless, there are several things we as orthodontists can be doing to leverage this augmented reality app for the benefit of us and our patients.

The basic premise of this game, and other location based games, is that certain tasks can only be performed at specific physical locations. In Pokemon Go the goal is to capture as many Pokemon, (small exotic looking creatures with magical properties), as possible so that they can be trained up to compete against other players’ Pokemon. A casual walk down the street with your Pokemon Go app will reveal Pokemon randomly hopping across your path. In addition as you walk around you’ll discover the location of PokeStops and Pokemon Gyms. Pokemon Gyms host the battles between players and their Pokemon but PokeStops serve as one-stop-shops to purchase items to improve your gameplay

Lissterine13PokeStops present a unique opportunity to orthodontists and other savvy marketers. One of the items available for purchase at a PokeStop is a lure. Lures can be purchased and activated at a PokeStop to attract Pokemon. The lure lasts for 30 minutes and attracts Pokemon to gather at that particular PokeStop for easy capture. For example, I once stumbled upon a crowd of 60 people sitting in an amphitheater by the Willamette River in downtown Portland. I assumed they were awaiting the start of a performance and asked a nearby vendor what show it was. He explained there was no scheduled show and there were simply two PokeStops located side-by-side which both had active lures. The crowd had congregated to take advantage of the lures to easily capture Pokemon.

PokeStops have been preassigned by Niantic at locations of local significance. These can be popular stores, parks, art installations, schools, museums, etc. In a few cases I have heard of orthodontists who have been lucky enough to have their offices marked as a PokeStop. Unfortunately as of right now Niantic is not accepting requests to have specific locations deemed PokeStops so there is no way to influence their location.

The marketing opportunity exists for orthodontists who are willing to leverage nearby PokeStops to attract players. Since most orthodontists won’t be lucky enough to have their offices marked as PokeStops you’ll need to download the app or ask a patient where the nearest PokeStop is to your office. Then, on a Saturday, for example, you could set up a marketing table at the PokeStop and activate a lure to attract players. Of course if the PokeStop is on private land you’ll need permission from the landowner or if it’s on public land you may need a permit from the city or county first. If you’re willing to drop multiple lures throughout a specific time period it could be worth the effort. To support your efforts I suggest you post flyers around your office and post on social media the exact times and location you will be activating lures at that specific PokeStop. Word will spread among local players and you may be surprised by the response.

If you are unable to coordinate a marketing presence at a nearby PokeStop there are other ways you can leverage Pokemon Go. Simply placing signs in your windows notifying patients and non-patient passerbys that Pokemon have been spotted in your lobby may encourage more people to open your door. Asking patients if they’re playing Pokemon Go and engaging them in conversation about it may also help you continue to build rapport with them. Keeping up to date with the latest advances in virtual entertainment is not only good for your patients but may also be good for you.

Google+ vs Google My Business

3872b46By Dr. Greg Jorgensen
Rio Rancho, NM

There is no question that the Google search engine is THE search engine of choice in today’s online world. When you want to find something on the web, you “Google” it. The most current statistics estimate that 90% of all online searchers used Google in 2014. Yahoo and Bing each attracted about 3% and the remaining 4% was divided up between several less widely accepted search engines. Google is king and if you want your orthodontic practice to be found, you must focus your SEO efforts on being optimized for Google.

Google has two other services that bear the Google name but may be less understood by orthodontists. Those two are Google+ and Google My Business. One is VERY important to every business and the other may not be around a year from now. Let’s take a look.

Google+ is Google’s version of Facebook. Like Facebook, you can post photos, statuses, and videos. Acquaintances are grouped into Circles which represent groups of people with something in common. Their version of the Timeline is “The Stream.” Google+ has a useful communication feature called Hangouts which allows group texts and video chats. Over 500 million users are registered on Google+ (compared to Facebook’s 1.3 billion), but the average interaction is only about 7 minutes per month. Its biggest strength is its tight integration with Gmail and YouTube which are very popular online services. Because it is so similar to Facebook without offering any real advantage, many on the “inside” feel that like several other Google attempts at a social network, Google+ is on its way out.

Google My Business is Google’s version of a Facebook business page. (It has formerly been named Google Places and Google+ Local.) Like a Facebook business page, there are pictures, a description of the business, hours, form of payment, a map, and reviews. A Google My Business listing is like a full page ad in the yellow pages in years past, and it is completely free. The one big advantage that Google My Business has over a Facebook page is that this listing is presented as the primary search result whenever someone performs a local search for an orthodontic practice in your area. The types of keywords that make a search local include business names, zip codes, addresses, phone numbers, and neighborhood names. Although patients may be able to search for your business within Facebook, most will just Google your name and find your Google My Business page.

In the interest of time and return on investment (ROI), which if either of these platforms is important for orthodontists? First and foremost, you MUST have a listing on Google My Business. When someone searches for an orthodontist in your community, Google will look first for your Google My Business presence. It must be complete, accurate, and attractive. Next, you should concentrate your social network efforts primarily on your Facebook business page. Zig Ziglar said, “Fish where the fish are.” The fish are on Facebook. There are conflicting opinions on the value of Google+ for an orthodontic office. The service is owned by Google and we all want to “stay in their good graces.” As for ROI, however, I personally haven’t seen any at all.