Healthcare providers have historically taken a perimeter-focused approach to cybersecurity which is the equivalent of building a strong fence around your property to keep the cattle safe. On the ranch, a fence may develop a small hole that allows a predator in or a stampede could crash through the gate. Your network is at risk in similar ways.
Cyberattacks on healthcare providers don’t gain access through the front door. They find a hole in the perimeter through a vulnerability in the network. To protect patient privacy and data, organizations much approach cybersecurity in a way that can protect data from threats coming from all directions.
Healthcare Networks Are Under Attack
A 2016 Ponemon Institute survey reveals that healthcare providers are victimized by an average of one cyber attack per month — many severe enough to warrant the involvement of law enforcement.
The healthcare sector’s rapid move to technology-driven care and operations has left holes in the security fabric, resulting in substantially increased network attack surfaces and threat vectors. The increased risk stems from a variety of new trends, most notably:
Proliferation of medical devices — both remote and onsite — that connect to provider networks. The FDA reports that many of these devices, like insulin pumps and heart monitors, may have security flaws that, if exposed, can potentially endanger patient safety. When infected with malware, devices can serve as a gateway to hospital networks — putting patient care, data privacy and organizational performance at risk.
Cloud computing — while it improves data storage efficiencies and access to PHI, without the proper security and encryption protocols, the cloud exposes networks to risks from third-party technology vendors and data sharing mishaps.
BYOD (bring your own device) and mobile technology — BYOD enables healthcare organizations to save costs and healthcare professionals to save time; but it also puts PHI at risk when smartphone and tablet users fail to take proper security precautions; or, when the devices themselves lack adequate controls. Portability, while good for productivity, is bad for data privacy and network performance when devices are lost, stolen or used to transmit malware via spear phishing and other deceptive attack tactics.
Liberal guest access privileges — that allow patients and family members to connect to hospital and clinic networks are another potential entry point for cyberthreats.
The rise of advanced persistent threats (APT), malware, and phishing schemes have undermined the power of perimeter-based cybersecurity to protect data on flat healthcare network architectures.
Once an APT crashes through perimeter defenses, it can escalate privileges to appear as “trusted” internal traffic and gain unfettered access to the network leaving sensitive data vulnerable – unless you establish another layer of defense, or virtual “fencing”, around vital data assets.
For the healthcare organizations we support, we create these virtual “fences” by deploying internal segmentation firewalls (ISFWs) at strategic points of the network.
Designed to complement — not replace — traditional firewall technologies, ISFWs intelligently segment networks and add layers of protection to stop threats from spreading quickly, once inside. In a healthcare environment, for example, critical data like PHI can be surrounded by its own internal firewall protection.
When security products are architected to work in unison the result is a higher level of protection than with a piecemeal of point solutions. Contact us to see how our solution can help you meet the performance and security needs of your healthcare network and environment.