- More healthcare organizations are implementing mobile devices and opting for BYOD strategies to help strengthen communication capabilities. However, the increase in endpoint devices has also opened entities up to more security issues, such as ransomware threats.
Failing to account for all devices in an overall security strategy could be devastating to a healthcare organization. It just takes one inadvertent click in an email, or one mistaken download onto a smartphone for a healthcare organization’s network to become compromised.
While there are new threats on the horizon every day for healthcare, ransomware continues to be a top threat for healthcare, according to Dan Trott, Healthcare Strategist for the Healthcare & Life Sciences division of Dell EMC.
“Ransomware has become such a big topic because the intrusion from ransomware is so hidden typically, and it’s well done and articulated in most cases,” Trott said at HIMSS17. “Ransomware creates such panic because you can lose access to your data until you’ve paid the money.”
Trott added that ransomware can hit any organization, including healthcare.
“The key from our perspective is continuing to help our healthcare friends and customers understand what they can do about that,” he said.
Intrusion protection software is one example that can be particularly beneficial to healthcare entities, Trott explained. These tools can be designed specifically to identify ransomware attacks, prevent them, and block them at the time. Perhaps even more important, organizations can be notified that they are being attacked in the first place.
“It’s so much more than just firewalls,” Trott stressed. “There really has to be much more aggressive, proactive protection. Particularly as we start moving data out of the core, where you can build a lot of walls around it and protect it a lot more, and as we start moving it up and it goes peripheral into end user devices, more has to be done.”
A 2016 Ponemon Institute and CounterTack survey further underlined the importance of endpoint security for healthcare organizations. Half of the respondents, which included healthcare entities, stated that their companies were not equipped to manage malware threats, especially with endpoint devices.
Eighty percent of those surveyed said that their mobile endpoints were the target of malware in the past year, while 60 percent stated that it has become more challenging to manage endpoint security in the past 24 months.
The survey also found that the majority of respondents felt that endpoint devices were the biggest threat to business cybersecurity. Forty-three percent of organizations said that laptops are the greatest endpoint threat, followed by smartphones at 30 percent, tablets at 19 percent, and USB sticks at 6 percent.
Healthcare organizations are still suffering from instances where endpoint devices, such as a laptop, are left unattended, Trott pointed out. The device is then taken from an unauthorized user and the data, oftentimes PHI, can fall into the wrong hands.
EMC specifically now has an intelligent identity management tool, Trott noted. It provides much better capabilities for creating particular parameters, which someone has to go through to be able to access data kept on devices.
“We’re also working with partners that are using our tools to be able to help them understand how to protect themselves by having that data flow out of that endpoint device as quickly as possible so it doesn’t sit there available on the hard drive for someone to easily access,” he said.
Covered entities should also consider various types of identity protection options, such as biometrics, Trott added.
“It’s never going to go away,” Trott said in terms of healthcare data security threats. “It’s always going to be something new every day.”
Endpoint security threats require healthcare organizations to take a comprehensive approach to data security.
As HealthITSecurity.com contributor Bill Kleyman noted in 2016, security must be a multi-layered, contextual process.
It will also be necessary for organizations to create intelligence around data and user contexts.
“Diving deeper, modern security systems dive into the user and their experience,” Kleyman wrote. “Not only can you create QoS policies to optimize data delivery, you can also granularly secure that traffic. You ensure that the user’s device is not compromised and that PHI always stays on premise. The same control mechanisms are also the ones that shift resources based on user location. This also creates a lot of infrastructure intelligence.”
Utilizing next-generation security technologies and services will also help supplement an organization’s security architecture.
“These solutions run as virtual as well as physical appliances scanning deep within your data and network layers,” Kleyman explained. “Next-generation IPS/IDS engines integrate with cloud security systems that scan billions of web requests and emails, millions of malware samples, millions of network intrusions attempts, and even open source data sets.”
Healthcare security must be looked at as an ever-evolving, continuous process, Kleyman concluded. Vulnerability tests should be ongoing, and entities need to adapt to new types of devices coming into the network.