- The modern healthcare data center has truly evolved.
We’re now seeing the emergence of a truly interconnected healthcare technology ecosystem spanning numerous heterogeneous IT platforms. Throughout all of this, security continues to play a major role, which is why organizations need to be mindful of their healthcare security solutions.
In a recent IDC FutureScape Healthcare Predictions report, it was noted that the drivers influencing investment in healthcare IT are global in nature.
As IDC pointed out, major themes include the critical nature of security and the impact of breaches in healthcare, the availability of 3rd Platform technology and innovation accelerators to enable digital transformation, and the ubiquitous access to mobile technology, the movement toward personalized medicine, and the need for new data sources and advanced analytics including cognitive computing.
Their report also pointed out that increased availability of resources for IT security is allowing providers to begin to implement strategies to secure data and networks.
Finally, in the new IDC Health Insights Survey, we saw that providers are taking advantage of more cloud implementations and leveraging mobile and analytics capabilities in the cloud.
While 50 percent of software spending growth is still directed toward on-premise investments, survey respondents reported that 18 percent of new software spend is going into software as a service (SaaS) and 24 percent is going into projects that leverage managed hosting by a third party.
So as we look ahead into the evolution of the healthcare provider, the healthcare cloud, and major security implications, let’s examine five security tools that you should consider for your next-gen, digitized, healthcare environment.
Utilizing virtual security appliances (and containers)
I’m so happy to include containerization into this topic. I have no doubt that security micro-services can potentially revolutionize point-security challenges and requirements. Already, we can deliver some advanced security and even load-balancing capabilities via containerized means. Beyond this new type of virtualization platform, it’s also very important to look at virtual security appliances. These software security tools allow you to segment your network, control and secure specific data repositories, and even provide very specific services like DLP, IPS/IDS, and device interrogation. You don’t have to deploy yet another physical device to secure a part of your network. Look for these logical tools to help.
Look for next-gen security features and services
Let’s face it, your traditional firewall or UTM appliance just won’t cut it any more. New types of security services allow you to secure internal data center traffic and even cloud-to-cloud data security. If you’re extending your data center into the cloud, maybe a VPN isn’t enough anymore. Deeper security technologies will allow you to look at file anomalies, application access based on very specific services, and even create micro-segmentation of entire user/device groups. Because there is no silver bullet when it comes to security, taking the holistic approach always helps. This might mean that you should look at new security vendors which align with your business and healthcare strategies.
Deploying security automation and orchestration
This is a big technology trend that a lot of healthcare organizations are actively pursuing. Consider this – within healthcare, there are always new healthcare associates, doctors, nurses, contractors, and so on. New types of automation and orchestration technologies allow you to control everyone who enters and leaves your environment. Most of all, these workflow automation systems integrate with IT, HR, and business platforms for maximum efficiency. And they can help you control software licensing with greater visibility into who is accessing applications, various workloads, and healthcare resources. Finally, you’ll be able to remove rogue, or lost, accounts, completely control access to internal resources, and manage healthcare user workspace experiences.
Integrate policies and compliance into healthcare
Just because you’re in the cloud doesn’t mean you can’t be compliant. New policies are now allowing traditionally locked down organizations to move into a cloud model. Modifications in HIPAA and PCI/DSS have already allowed some data points to be stored in the cloud. Data security and cloud hosting can absolutely live hand-in-hand. Make sure to look for new solutions and cloud providers who are able to meet your regulatory demands. For those healthcare organizations aiming to leverage cloud, know that there are new offerings aimed at healthcare workloads and even applications. Not only does this allow for more agility, it helps reduce on premise data center requirements and helps create new types of business economics.
Using next-generation monitoring and controls
It goes without saying that you must keep an eye on all of your critical data points. New types of monitoring solutions integrate with physical devices, virtual environments, and even your cloud ecosystem. New types of security information and event management solutions help healthcare organizations see security and data access in real-time. Most of all, these engines help correlate critical events spanning applications, physical devices, and much more. Now, these types of systems integrate with cloud workloads as well. In working with new types of healthcare requirements, always keep an eye on your data. I know that sounds general, but conducting internal data analysis and even penetration testing will help you identify your key data points, and where there are vulnerabilities.
There’s no question that we’re seeing a true evolution of the modern healthcare data center.
Moving forward, we’re going to have more devices connecting into the cloud and the Internet of Things is sure to make an even greater impact on your healthcare data security requirements. Administrators will be constantly challenged with deploying powerful security solutions while still ensuring an optimal end-user experience.
As you build your cloud-ready infrastructure, always look for tools and feature sets that allow you to stay agile, scalable, and most of all, secure.