- The modern healthcare IT environment has quickly become the home of next-generation technologies. Still, the proliferation of cloud computing and the data-on-demand generation has created new types of challenges for today’s healthcare IT environments. Not only do administrators have to focus on creating robust, multi-tenant platforms, they must always take end-user performance, resource utilization, and (of course) data center security into consideration.
A recent Ponemon study analyzed the cost of data breaches, and found that the average cost of breaches at organizations have jumped past $4 million per incident, a 29 percent increase since 2013 and 5 percent increase since last year. The study found that average dwell time for breaches stands at 201 days, with organizations requiring another 70 days to contain breaches once they'd been identified.
Furthermore, the report pointed out that the average cost per record equaled about $158. However, being prepared for a cybersecurity incident can diminish that cost. For example, having an incident response plan and team in place can reduce that figure by $16 per record.
There was a great IDC study of US businesses which reveals a wide spectrum of attitudes and approaches to the growing challenge of keeping corporate data safe. While the minority of cybersecurity "best practitioners" set an admirable example, the study findings indicate that most US companies today are underprepared to deal effectively with potential security breaches from outside or inside their firewalls.
"The study findings imply that the US private sector is more exposed to cybersecurity threats than it needs to be, given the best practices that are available today," said Steve Conway, IDC research vice president, High Performance Data Analysis. "IDC believes that this situation will improve substantially only in response to more pervasive, serious breaches — and breaches will become more frequent and damaging during the next 10 years."
"The benefits of analytics, coupled with 3rd Platform delivery channels, will cause the rapid maturation of analytics platforms and further development of hybrid solution/managed security services (MSS)," said Sean Pike, IDC program director, eDiscovery and Information Governance. "As use cases for analytics platforms mature and competition creates price pressure, organizations will likely continue to turn toward these solutions in order to round out existing security resources."
With all of this in mind, let’s pause and look at healthcare. We know that there will be greater levels of digitization for healthcare organizations. We also know that more users (and healthcare professionals) will be using digital tools to consume and deliver healthcare services. Throughout all of this, security will be a critical component and consideration. This is why many healthcare organizations are deploying powerful security technologies around automation, orchestration, and healthcare security systems.
Next-gen end-point detection and response (EDR) systems
New end-point security systems are becoming powerful, machine-learning, engines which dive deep into data, network, and even packet analytics. This goes beyond your traditional end-point security platforms. Now, healthcare organizations are working with security managed services offerings which deeply understand network components, server configurations, and how users interact with key data points.
Integrating orchestration systems into healthcare security
Today’s healthcare environments are distributed, and growing in IT complexity. Security orchestration allows healthcare security professionals to use a single pane of glass to control very critical security engines. This includes IPS/IDS systems, various firewalls (even different manufactures), web application firewalls, and much more. These systems help create a visual architecture around security and give you the chance to respond faster to security incident.
Utilize monitoring, analysis and management tools
There’s no effective way to secure data that you can’t see or manage. Get used to the fact that there will be more digital assets bringing greater capabilities, while still introducing new levels of risk. Monitoring and analytics systems look into data repositories, servers, virtual applications, databases, and much more. You can set granular policies to control the flow of data and see which systems internally are being impacted.
Creating healthcare data center-to-cloud security policies
The reality here is that there will be more healthcare systems being delivered via cloud services. Security orchestration gives you the ability to visual information flow between on premise and cloud systems. Compliance-ready cloud providers create secure connection into on premise environment. From there, it’s up to healthcare security IT professionals to ensure their policies can scale into the cloud. Deploying security monitoring and orchestration platforms help create a much more transparent healthcare environment, making it easier to manage.
Being able to automate various healthcare security services not only optimizes your overall infrastructure, it allows security administrators to focus on more proactive tasks. Because we have so many new types of devices connecting into the modern data center, it’s critical to have solid security controls in place. In the age of the cloud, more organizations are utilizing this type of distributed computing architecture. Regardless of the vertical you’re in, you can still deploy powerful, compliance-ready, security solutions which effectively span your data center and the cloud.