It’s not just about se­cur­ing credit card data

Elec­tronic pro­tected health in­for­ma­tion (ePHI) is 10 times more valu­able than credit card data : Fortinet

Voice&Data - - CONTENT -

Re­cent high- pro­file at­tacks glob­ally on health­care or­ga­ni­za­tions rang­ing from large hos­pi­tals to ma­jor in­sur­ance providers have high­lighted the need for se­cu­rity that goes far be­yond merely com­pli­ance with relevant reg­u­la­tions. Un­for­tu­nately, too many health­care or­ga­ni­za­tions have chron­i­cally un­der­in­vested in IT se­cu­rity mea­sures to pro­tect crit­i­cal sys­tems and data, leav­ing them far more vul­ner­a­ble than their peers in other in­dus­tries such as fi­nan­cial ser­vice where se­cu­rity has been a top busi­ness and reg­u­la­tory pri­or­ity for years. Ac­cord­ing to an IDC re­port re­leased in 2015, 50 per­cent of health­care or­gan­i­sa­tions have ex­pe­ri­enced 1 to 5 cy­ber­at­tacks in the past 12 months.

“When it comes to se­cu­rity, health­care is in the mid­dle of a per­fect storm. On the one hand, ac­cess to data dis­trib­uted across de­vices and lo­ca­tions is para­mount – di­verse providers and con­nected or­gan­i­sa­tions need that data to flow freely in or­der to do their jobs. While on the other hand, se­cur­ing sen­si­tive pa­tient records has never been more im­por­tant or dif­fi­cult, since elec­tronic pro­tected health in­for­ma­tion (ePHI) is ex­tremely valu­able to hack­ers and scam­mers – 10 times more valu­able than credit card data,” said Ra­jesh Mau­rya, Re­gional Di­rec­tor, SAARC at Fortinet.

Pa­tient health records have much higher value on the black mar­ket than credit cards and other fi­nan­cial data, mak­ing health providers a prime tar­get for cy­ber­crim­i­nals. The so­lu­tion is for health­care providers to adopt end-to-end se­cu­rity mea­sures that al­low them to embrace new tech­nolo­gies and ways of work­ing while also pro­tect­ing their most valu­able as­set: in­for­ma­tion.

Mau­rya ad­vo­cates holis­tic se­cu­rity ap­proaches that can en­sure se­cu­rity across di­verse IT en­vi­ron­ments that in­clude:

Main hos­pi­tal and data cen­tre

The cen­tral data stor­age fa­cil­ity should be for­ti­fied with hard­ened data pro­tec­tion to en­sure the safety and use­ful­ness of pa­tient data. En­hance con­trol and vis­i­bil­ity of net­work traf­fic for cen­tral­ized staff and providers so that the most im­por­tant hubs of care can op­er­ate at their full ca­pa­bil­ity.

Next-gen­er­a­tion fire­wall man­age­ment

CIOs need to pro­tect dis­trib­uted mul­ti­ple health­care lo­ca­tions by de­ploy­ing a se­cu­rity in­fra­struc­ture which can pro­vide co­her­ent man­age­ment of frag­mented net­works and data streams, com­plete with log­ging, anal­y­sis, and re­port­ing func­tion­al­i­ties. With such ad­vance in­fra­struc­ture, a com­plex data pic­ture is sim­pli­fied, vis­i­bil­ity is en­hanced, and all of its mov­ing parts are pro­tected.

Dis­trib­uted med­i­cal of­fices and home work­ers

En­sure se­cu­rity across dis­tinct of­fices and home lo­ca­tions with flex­i­ble se­cu­rity prac­tices and tech­nolo­gies.

BYOD mo­bile users

The unique chal­lenge of em­brac­ing BYOD is that it in­vites an es­sen­tially in­fi­nite range of de­vice types, user habits, and lo­cales into the IT en­vi­ron­ment. These de­vices may con­nect to the net­work from ei­ther out­side the main fire­wall or from within the net­work perime­ters, re­quires tech­nolo­gies that al­low for rapid scaling, pol­icy en­force­ment, and sim­pli­fi­ca­tion.

Ad­vanced threat pro­tec­tion

Re­duc­ing the avail­able at­tack sur­face of a health­care or­gan­i­sa­tion can pre­vent many at­tack­ers from ob­tain­ing in­for­ma­tion. En­sure that ad­vanced threat pro­tec­tion tools cover user au­then­ti­ca­tion, VPN, SSL in­spec­tion, ap­pli­ca­tion con­trols, an­tivirus, and other fac­tors. CIOs need sand­box­ing tech­nol­ogy that can ex­pose pre­vi­ously un­known ma­li­cious threats and ex­am­ine them within a se­cured en­vi­ron­ment, hence pro­vide the in­tel­li­gence and pro­tec­tion nec­es­sary to se­cure the health­care en­vi­ron­ment from es­ca­lat­ing cy­ber threats.

“Fortinet is well po­si­tioned to meet the var­ied and crit­i­cal se­cu­rity needs of health­care or­ga­ni­za­tions world­wide. With so­lu­tions that of­fer in­dus­try-lead­ing se­cu­rity ef­fec­tive­ness, scale to any size and de­liver third-party val­i­dated, un­matched per­for­mance, Fortinet net­work se­cu­rity ap­pli­ances en­sure that health­care in­sti­tu­tions never have to choose be­tween per­for­mance and se­cu­rity,” says Mau­rya.

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.