- It goes without saying that the road to healthcare cloud security has been a bumpy one for many organizations. Understanding what to push into a cloud ecosystem, how to control these workloads, and – most of all – how to secure the cloud, have all been challenges for companies across all verticals.
But has that stopped the cloud? Has it really slowed adoption of cloud services?
Consider this, Gartner points out that, in 2014, the absolute growth of public cloud IaaS workloads surpassed the growth of on-premises workloads (of any type) for the first time. Gartner's 2015 CIO survey indicates that 83 percent of CIOs consider cloud IaaS as an infrastructure option, and 10 percent are already cloud-first with cloud IaaS as their default infrastructure choice.
We know that growth around cloud utilization will continue, and we know that healthcare cloud security remains a big concern.
Juniper Research recently pointed out that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015. With this in mind, it’s no wonder that respondents to the latest State of the Data Center Survey indicate that security is still a top concern. In fact, 32 percent indicated that security was still a barrier to cloud adoption.
So how are organizations supposed to wrap their heads around the complexities of cloud security? More so, how can healthcare organizations adapt to the cloud and still stay secure? In the healthcare world, PHI is an extremely guarded asset. Where does it all live? Are you securing all of it intelligently?
In breaking through the cloud security fear, here are some things to consider:
There is no silver bullet around security – always remember that
If anyone ever tells you that their one piece of technology can secure your entire environment, run. Advanced persistent threats take aim at physical, virtual, and even end-user access points. These threats focus on specific services, applications, and even user vulnerabilities to gain access. Your solution around security must be an end-to-end architecture. To break through that cloud layer, your data center environment will need to be locked down with intelligent policies which can scale into your cloud environment. What good is healthcare cloud security if the on premise ecosystem is still vulnerable? The good news is that network controls, next-gen firewalls, monitoring systems, and even IPS/IDS systems can come a long way. Isolate your critical data points, wrap good security policies and technologies around it, then scale into the cloud.
Automated threat responses will reduce impact and improve remediation times
It’s really not a matter of if, but when. If you retain valuable digital assets, then you are a target. Automated threat responses look for anomalous traffic and stop it at the source. They’ll block ports, alert administrators, and even isolate entire network environments to prevent further spread of an attack. The point is that these security systems are working for you. Whether on premise or in the cloud, proactive security intelligence allows you to create a multi-vector threat response mechanism which is always working for you. Although the human security element will always be critical, don’t be afraid to test new technologies which can create real security intelligence and even automation.
Start spreading security intelligence throughout data center components
How well can you see what kind of traffic specific port within a specific rack is processing? Are you able to see application health both on premise and in the cloud? Do you have good load-balancing mechanisms in place to properly assign resources and users? Security intelligence spreads to the user, the application, the network port, and even the blade that’s housing critical workloads. The amount of control you have around the flow of data is much more advanced than ever before. Next-gen IPS allows you to create real-world security policies around a contextual security engine. For example: Who is the user? How are they coming in? What device are they using? Where are they coming in from? What group do they belong to? Are they violating a policy or signature? You can also validate traffic and even signatures against massive cloud security reputation filters. This gives you access to billions of web requests, millions of lines of analyzed malware code, millions of documented network intrusion attempts – all to give you real-time information around your network, your users, and who might be trying to get in.
The reality is that the bad guys will always be out there. And, they’ll always be looking to opportunities to get in. Your role is to make it as challenging as possible and to stop attacks before they can cause real damage on your healthcare networks.
Our capabilities around isolating and stopping modern threats have certainly evolved. However, this specifically revolves around the capabilities of your integrated healthcare security architecture. This means removing complexity and fragmentation, while creating good visibility into network and data flow. A good healthcare cloud security strategy not only helps keep the bad guys out – it also creates a more efficient data center model.