There will be benefits and challenges with any technological innovation. This holds especially true for anything related cloud computing. We now have a multitude of different cloud model types where healthcare organizations can best use the available technology. Regardless of whether healthcare organizations are using a public, hybrid, private or another type of cloud platform – one of the first questions in deploying the technology undoubtedly revolves around health cloud security.
Cloud computing can be a very powerful platform for healthcare organizations when deployed and utilized properly – but as this type of environment gains popularity, security will continue to be a top priority. In utilizing cloud computing, there are some core security considerations that must be analyzed.
Data protection and integrity: This is, of course, a no-brainer for the healthcare industry at the moment. There are numerous points where a potential health data breach can happen, such as in the form of a middleman attack, at the endpoint or even at the data center level. Regardless of where the potential strike may happen – healthcare administrators must protect one of their most valuable data sets: patient information. This means deploying end-point interrogation engines to see what types of devices are trying to connect and setting robust security policies to protect against compromised devices.
From there, Intrusion prevention systems (IPS) and integrated delivery systems (IDS) can help prevent unwanted entry. Next-generation security technologies can further help secure an environment by provided virtual security appliances. These can be set up internally, externally, or even in a perimeter network or demilitarized zone (DMZ) to serve a specific function. New, powerful, data-loss prevention (DLP) platforms further help prevent data leakage. By scanning data algorithms, DLP can stop sensitive information from leaking.
Large cloud deployments equal large targets: As more healthcare organizations work with cloud providers – they need to understand what that type of data center influx can mean. The more a cloud provider is used, the more it becomes a target. Attacks against cloud providers have not only increased, they’ve become much more sophisticated. One big threat has been the recent influx of distributed denial-of-service (DDoS) attacks. In fact, a recent annual Arbor Networks survey showed that 77 percent of respondents experienced application-layer attack, and such attacks represented 27 percent of all attack vectors. Plus, the ferocity of these attacks is truly staggering where a 100Gbps spike was seen in 2010.
Organizations will have to arm their administrators with the latest, cloud-ready, security tools to help mitigate and prevent these types of attacks.
Assume that the cloud can, and will go down: One big misconception around the cloud is that the data is continuously distributed. Well, this isn’t entire true. If an organization’s entire cloud infrastructure is hosted by one single data center – than there is clearly a single-point of failure. Regardless of the types of internal cloud redundancies that may be deployed, if a cloud data center is hit; it will go down – and so will your environment. This can be an act of nature, some other type of emergency, or a security breach. Recently, the IT world saw a major cloud outage. The cause was determined to revolve around a simple SSL certificate which was allowed to expire. This then created a global, cascading failure taking down numerous vital public cloud components. Who was the provider? Microsoft with its Azure product. This goes to show that no major cloud provider is safe from an outage. For healthcare organizations, having a business continuity or disaster recovery plan is absolutely vital. Should a core infrastructure component go down, there must be a plan to safely migrate users and data to a secondary site.
Cloud intrusions can be extremely costly: If a cloud security breach happens, healthcare organizations must make a very public – and oftentimes embarrassing – announcement. For example, a Wisconsin-based hospital had to deal with this very issue. The hospital recently announced that it encountered one massive security hack infected the system of a staff member. In a revelation, representatives of the healthcare organization indicated that the infected system contained 43,000 patients’ records consisting of names, birth dates, residential addresses, diagnoses, medical record numbers, and within a few instances – Social Security Numbers. Infrastructure security has to be very seriously considered. This doesn’t mean just securing various cloud components. Administrators must secure the internal environment as well. End-points, kiosks, PCs, and even personal devices must all be managed when they are on the network. Good security practices as all levels can help prevent these types of breaches and instances of data loss.
Always plan, sandbox, test and then deploy. Cloud computing deployments don’t have to be difficult. In that sense, there are certain best practices that healthcare organizations should follow when moving towards some type of cloud environment. The planning and testing phases are always important. However, create a cloud sandbox environment has actually helped many healthcare data center stay ahead of the bad guys. How? By creating a sandbox environment mimicking the existing infrastructure – administrators can test vulnerabilities, spike usage, and verify certain types of applications. Although not all encompassing, a sandbox environment can be used to test various security features and even to simulate latency or a DDoS attack. The final cloud deployment should come after thorough testing and documentation has happened. From there, constant vigilance and a good cloud management practice will help keep the environment up and running more smoothly.
In some cases, using cloud computing can mean relinquishing control over certain parts of your environment. However, this doesn’t mean that data and information that traverses the WAN can’t be monitored and in some way tracked. There are really two major concerns for any healthcare organizations: an infrastructure breach and data loss.
In both cases the results can be very messy. Negative publicity and the resulting investigations cost even more time and money. One of the best ways to help secure the cloud is to be aware of the existing threats and how they continue to change. For example, DDoS attacks have changed greatly from simply volumetric strikes into much more advanced, HTTP and application-layer attacks. In creating truly agile cloud environment – the focus will have to revolve around data integrity and infrastructure security. For a healthcare organization, the upfront security costs can greatly outweigh the price for a potential breach.
Bill Kleyman, MBA, MISM, has heavy experience in network infrastructure management. He has served as a technology consultant and taken part in large virtualization deployments while be involved in business network design and implementation. He is currently the Virtualization Architect at MTM Technologies Inc. and his prior work includes Director of Technology at World Wide Fittings Inc.