- Hospitals and health systems are continuing to struggle with laptop vulnerabilities, caused primarily by endpoint data loss, excessive user permissions, and dormant accounts, according to new findings from Clearwater CyberIntelligence Institute.
In fact, 70 percent of all high and critical risk scenarios for laptop vulnerabilities were caused by those risk areas. CCI researchers analyzed data from Clearwater’s proprietary database, which is exclusively focused on cybersecurity risks to hospitals, Integrated Delivery Networks, and business associates.
Endpoint data loss was the biggest vulnerability for laptops, caused by continued deficiencies in security controls, according to researchers. To start, nearly all laptops (98.9 percent) have vulnerabilities in locked down external ports, like USB, DVD, Firewire, and the like, which prevents users from exporting data to external storage.
Further, 63 percent of laptops have flaws around users locally storing data, rather than using the organization’s programs and data with secure, virtual desktop software. And about half (52 percent) of laptops are deficient in data loss prevention tools, designed to scan all communications traffic to prevent sensitive data from being sent to an unauthorized user.
In addition to these control gaps, the researchers found that all laptops have high risk vulnerabilities in user activity review; about 98 percent have flaws in user permissions reviews; and nearly 92 percent have log aggregation and analysis gaps.
While the researchers noted that laptops are certainly not the number one risk area for hospitals and health systems, they pose a serious risk to exposure. Therefore, IT leaders should ensure they’ve performed a thorough risk analysis on the devices.
The analysis should assess whether the controls have been properly implemented. The researchers also recommended these providers ensure the risk ratings for these controls provide the right amount of attention to the risks. Lastly, IT leaders should employ a remediation plan for the risks around endpoints, user permissions, and dormant accounts.
User authentication is the most common risk for hospitals and health systems, which includes excessive permissions and endpoint leaks, according to another CCI report from December.
“It may seem like a given, but the questions that hospitals and health systems need to be constantly considering are, do we know for certain that the security measures we have adopted for these things have been properly implemented,” Clearwater Senior Vice President of Product Innovation Jon Stone, said in a statement.
“Further, do the risk ratings associated with these controls bring the right level of attention to these major risks?” he added.