NAS build for medical data

Another cost you should probably budget for is external independent reviews / audits of your setup and security as a way to confirm that you haven’t left gaping holes anywhere.

Adding all this up feels like it has taken a medium size NAS project and turned it into a major infrastructure programme.

Unfortunately, what I am really saying is that even though this is a small business, the data privacy issues mean that you need to treat the requirement and solution as if you are an enterprise IT department.

In other regulated fields (like financial services or currency exchange) it is quite normal now for small businesses to use a specialist platform that holds all their data and provides all the apps needed (so, except for the browser traffic over a VPN, no data ever leaves the secure remote environment). I have no idea whether such a platform exists for small medical businesses, but if it does you might find it easier and maybe even cheaper to use such a platform.

2 Likes

Snapshots with a good long retention date take care of the ransomware.

Sounds like you will need a backup system too.

That can be any PC with a mirrored disk running TrueNAS as a replication target.

Encryption with manual password entry (not sure how this works these days) should take care of the theft.

Make sure the keys are triply safe.

I would use mirrored boot drives. The downtime from having to re-image, reset, reconfigure the networking and then re-upload the config, and reset all the root home directory stuff is just not worth it.

2 Likes

Haven’t had time to read through all the posts, but reading keys here and there makes me glad someone pointed it out.

When using keys for encryption, they are stored unencrypted on the boot pool as far as I know so a passphrase is the only way to protect against physical theft.

Just click on the keys entry in the drop down when creating an encrypted dataset and choose passphrase.

1 Like
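An added example, not part of the original posts: a small audit that separates passphrase-protected datasets from key-protected ones, the distinction the post above draws. It parses the output of `zfs get -H -o name,property,value encryption,keyformat`; the dataset names and sample lines are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Classify each dataset by how its encryption key is supplied.
# Input (stdin): tab-separated lines from
#   zfs get -H -o name,property,value encryption,keyformat
# Output: "<dataset><TAB><status>", status being one of
#   PASSPHRASE   key is derived from a passphrase entered at unlock time
#   STORED_KEY   keyformat is hex/raw, so the key itself is kept somewhere
#   UNENCRYPTED  encryption=off
audit_keyformat() {
    awk -F '\t' '
        !($1 in seen)      { seen[$1] = 1; order[++n] = $1 }
        $2 == "encryption" { enc[$1] = $3 }
        $2 == "keyformat"  { fmt[$1] = $3 }
        END {
            for (i = 1; i <= n; i++) {
                d = order[i]
                if (enc[d] == "" || enc[d] == "off") s = "UNENCRYPTED"
                else if (fmt[d] == "passphrase")     s = "PASSPHRASE"
                else                                 s = "STORED_KEY"
                printf "%s\t%s\n", d, s
            }
        }'
}

# Count datasets in the audit output that are not passphrase-protected.
count_not_passphrase() {
    awk -F '\t' '$2 != "PASSPHRASE" { c++ } END { print c + 0 }'
}

# Constructed sample of `zfs get` output, used when zfs is not installed.
sample_zfs_get() {
    printf '%s\t%s\t%s\n' \
        tank/records encryption aes-256-gcm \
        tank/records keyformat  passphrase \
        tank/scans   encryption aes-256-gcm \
        tank/scans   keyformat  hex \
        tank/iso     encryption off \
        tank/iso     keyformat  none
}

# Run against the live system if zfs exists, otherwise against the sample.
if command -v zfs >/dev/null 2>&1; then
    zfs get -H -o name,property,value -t filesystem,volume encryption,keyformat
else
    sample_zfs_get
fi | audit_keyformat
```

Any dataset holding patient documents that shows up as `STORED_KEY` or `UNENCRYPTED` is one to review against the physical-theft scenario discussed in this thread.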

They do exist, and we will use them for long term (10-year) mandatory archiving, billing, patient history etc. But they all don't allow the creation of documents. Just the uploading. So everything needs to be created locally. So I want a second copy of these documents on site.

2 Likes

Just because that’s true doesn’t mean you couldn’t be liable for civil charges in the event of a breach. Unfortunately, lawyers are really good at beating up the little guys who can’t defend themselves.

I got sued (well my org did, a public entity) because our website was not compliant for a host of accessibility features, see "Guidance on Web Accessibility and the ADA | ADA.gov".

I had to hire an FTE and spend a bunch of money on a new software solution.

It happens more often than you’d think, and in my case it wasn’t even a data breach, it was just accessibility.

1 Like

This sounds like the worst of both worlds - all the costs of a properly architected and managed local environment (x2 if you want to store backups at home) plus the costs of an industry cloud service that also does all the same stuff.

My advice is to think about whether / how you could simplify this.

Snapshots are only useful if your backup system is entirely separate from the systems it is backing up. Backups 101, which so many fail at: their backup system is on the same domain or uses the same admin accounts as other elevated systems in the env.