From PII to financial information to the threat of device takeovers, healthcare breaches are on the rise and organizations are working hard to keep up. The U.S. Department of Health and Human Services tracks breaches in healthcare in real-time, and the stories are both staggering and sobering for those working hard to keep threats at bay.
The largest contributing factor leading cyber criminals to healthcare is the value of the data stored within the IT infrastructure. And ironically while breaches and attempted breaches within healthcare are generally higher than other industry segments, overall IT budgets and dedicated digital security funding are smaller.
So how does a healthcare delivery organization (HDO) get ahead of the threats? Here are three ways we recommend:
1. Network Hygiene
While we often hear about data cleansing and hygiene — the practice of cleaning up, optimizing, and incorporating high-value, accurate data for various uses across businesses — there’s another type of hygiene that we recommend to optimize digital security within your healthcare organization.
Good network hygiene optimizes the security measures you’ve invested in — ensuring that what you’ve put into place is working. This practice involves continuous monitoring of what is connected to your network, what security protocols are in place, which users have access to the various parts of the network, and what programs and applications are running. This process doesn’t only help the HDO stay proactive, it serves your patients who are counting on you for a safe and secure experience.
2. Ongoing Audits & Continued Monitoring
While good hygiene lays the foundation, it’s equally as important to maintain the best practice of ongoing audits and continued monitoring.
Despite our best intentions, constrained or limited IT resources can lead to lapses. An example of this can be taken from the Equifax breach a few years ago. The IT team had not noticed that the digital certificates used to authenticate their network monitoring service had expired. The monitoring service was actually detecting the exfiltration of data, but could not notify any other services or personnel because of the expired certificates. How frustrating is it to know you’re working hard and spending time on the right things, only to find out that security can be undermined by something as simple as renewing a certificate? Now if your organization has a few certs, that’s one thing. But it’s incredibly challenging for small, often stretched teams, to manage hundreds if not hundreds of thousands of certificates at any one time.
There are many other examples of where good digital certificate management can reduce the risk of outages and breaches. User certificates, especially ones tied to auto-enrollment or mobile data management, can be overlooked because there are so many of them. These certificates can be used for escalation attacks and need to be monitored.
3. Code-Signed Certificates
Organizations such as Electronic Health Record (EHR) providers that are active in development of applications need to sign software before it is deployed to their organizations. Code-signing certificates are some of the most valuable to cybercriminals. Someone that possesses a signing certificate can use that certificate to sign malware and easily distribute it on large hospital networks. It is essential to securely manage these signing certificates before they are turned against you.
The sheer number of certificates in use in even a medium sized healthcare organization is well beyond what can be managed manually, and that’s assuming there is budget to have the right personnel to manage them.
Investing in automation technology makes good sense. It drives high-assurance, allows IT staff to redeploy onto other important initiatives, and helps maintain good hygiene while staying mindful of limited budget. Automation can allow for simplified renewals of critical digital certificates and notification that those renewals have taken place. Automation can also report on abnormalities in issuance patterns, all while seamlessly working in conjunction with workflow management tools already in place.
Perhaps the most important result automation delivers is the ability to get ahead of issues or problems that can result in a significant financial impact to the organization. Metrics and reporting provide the playbook to ensure certificates are replaced before expiration. Taking proactive measures through automation can reduce the risk of financial loss due to unhappy patients, lawsuits, regulatory fines, and general crisis management.
Looking for more guidance? Download a copy of our new e-book, “Your Playbook for Driving Digital Security in Healthcare:”