Healthcare entities run with such tight budgets, so it’s a challenge at best to provide adequate protection against the threat of ransomware, external attacks, malware, and data breaches. And because those tiny budgets mean IT can only focus its efforts on what’s going to have the greatest impact, it’s important to understand where healthcare IT is missing the mark.
Below are seven areas Healthcare IT may be doing their security stance a disservice. With the goal being to keep the bad guys out (and your patient data in), each of the following seven improvements create the “defense in depth” approach necessary to properly secure a healthcare technology environment.
1. Purchasing vendor support for firmware, patching and anti-virus
These technologies are a staple in any security strategy. The bad guys attempt to leverage known vulnerabilities in endpoints, servers, and even sensory devices to gain access. And, while you believe you’re completely patched, you may not be – for example, only 26% of enterprise-owned PCs are patched. Likewise, antivirus (AV) needs to be constantly updated to remain effective. Purchasing support to ensure your systems are updated is critical to establish a proper foundational defense.
2. Ensuring you have updated firewall technology
Today’s network strategies around firewalls are more advanced than just allowing certain types of traffic in and out at the perimeter. Modern firewall tech includes application and virtualization-layer firewalls, deep packet inspection, packet filtering, and stateful inspection of network traffic to ensure every last bit of data flowing through your network should be there. This type of technology is rapidly revolving so using the latest and greatest here makes a difference.
3. Deploying network monitoring and intrusion detection
Firewalls exist to stop intrusion from occurring. But should an attacker get past your firewall, you need visibility into the devices on your network and an ability to watch for malicious activity on said devices. Network monitoring allows IT to see any changes in network devices, such as the addition of a rogue device. Intrusion detection can watch systems and network traffic, looking for irregular behavior and activity, alerting IT to the potential infraction.
4. Placing devices on the same network as your guest access
Any device not under your control – whether it be a visitor’s mobile device, or a doctor’s tablet (as part of a BYOD initiative) – should never reside on the same network as your EHR, your clinical devices, or your endpoints with patient data. An uncontrolled device is a potentially compromised device seeking to laterally move within your network. Using either a physically separate network or VLANs to isolate guest access is a MUST.
5. Inserting encryption and authentication on both ends of communications
Many organizations still rely on legacy file transfer protocol (FTP) solutions that don’t provide a minimally acceptable level of authentication or encryption. Data that needs to be transmitted – such as credit card data to a clearinghouse – should be encrypted at rest, in transit and, if possible, sent in a way that ensures only the intended recipient receives the data.
6. Taking cybersecurity into account
Security shouldn’t exist for the sake of just being in place; it needs to be based on a strategy that seeks to address the potential threats facing Healthcare. External attackers are now cyber-criminal businesses, making the need for cybersecurity and resilience even more critical. Think about it – you are up against organizations who’s only goal is to figure out new ways to gain access to your network and steal patient records. They study the systems and devices you use, looking for ways to exploit them. You need to be vigilant – understanding the methods and tactics used, formulating an appropriate response security strategy.
7. Tackling security issues head-on
Like any other IT organization, healthcare IT has their heads down focused on the projects that demand their time. Security, while important, tends to fall on the wayside, with IT relying on the basic solutions in place to keep the bad guys out. But, a proper layered security strategy revolves around assuming each previous layer will eventually fail, requiring additional layers to ultimately stop an attack. So, if you a) don’t have a layered security strategy and, therefore, b) aren’t really focusing any efforts on any of the previous security issues, you will likely find your organization the victim of a successful malware or ransomware attack, or worse – a data breach.
These Improvements shouldn’t be a tall order
The good news is none of these security failings is irreparable. It’s a matter of time and focus (and, perhaps a bit of budget too). These 7 improvements should be addressed to keep your healthcare IT in top shape. Don’t forget that one really good phishing attack or ransomware infection can impact operations and affect the organization’s reputation and revenue for years. By focusing on rectifying your security deficiencies, you can strengthen your organization’s security stance and avoid becoming a victim, a statistic, and a headline. Reach out to Comport to get a comprehensive healthcare security strategy in place.