DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
SEARCH
Current Location:
>
> This Story


Log in or Register to rate this News Story
Forward Printable StoryPrint Comment

 

 

Health IT Homepage

Healthix adopts Verato solution for patient matching, waives HIE connection fee Largest public health information exchange in the US

Tech giants sign on to interoperability pledge Amazon, Google, IBM, Microsoft, Oracle, and Salesforce agree to common interest

Research team uncovers 20 security flaws in widely used EHR software Left data of millions worldwide vulnerable to various cyberattacks

Bringing a higher standard to standardization at AAMI Saved Care New England over $650,000, continuing standardization there

REAL Radiology acquires Argus Radiology Consultants Aligns two 100 percent radiologist owned-and-operated organizations

Daphne Jones AMN Healthcare Board appoints new independent director

Value-based care is here: How health IT can help Identify the gaps in your data and analytics and begin to raise the bar

Varian to acquire humediQ Global Bringing IDENTIFY automated workflow solution to surface-guided radiation therapy

Brian Tyler McKesson appoints president and chief operating officer

In the ED, best-of-breed solutions preferred over enterprise EHRs Black Book research cites functionality and usability

Securing the cloud in health care is a shared responsibility

By Wayne Reynolds

The market dynamics of the health care industry are continuously evolving due to disruptive new business models, digitalization, regulatory uncertainty and increasing patient care demands. To keep up with these shifts, health care systems are leveraging the cloud, as organizations are feeling the gravitational pull toward faster go-to-market strategies, flexibility, and pricing advantages versus legacy on-premise approaches to IT.

As the cloud becomes more prominent in health care IT systems, organizations are increasingly concerned with how to best migrate security and compliance controls to the cloud alongside their data and applications. To demonstrate how easily a health care organization can be targeted by cybercriminals, security researchers from Armor teamed with a third-party firm to construct a honeypot – decoy servers designed to lure attackers to record and analyze their activity – under the guise of a small doctor’s office.

Story Continues Below Advertisement

THE (LEADER) IN MEDICAL IMAGING TECHNOLOGY SINCE 1982. SALES-SERVICE-REPAIR

Special-Pricing Available on Medical Displays, Patient Monitors, Recorders, Printers, Media, Ultrasound Machines, and Cameras.This includes Top Brands such as SONY, BARCO, NDS, NEC, LG, EDAN, EIZO, ELO, FSN, PANASONIC, MITSUBISHI, OLYMPUS, & WIDE.



The project deployed three different servers in the cloud: one insecure, one with only cloud-native security controls, and one fully secured using the Armor Anywhere managed security-as-a-service offering. The researchers created websites for the doctor’s office that ran at MetropolisPrimary.com and MetropolisMed.com, and migrated a variety of IP addresses, domains, and infrastructure to the cloud with the goal of mimicking a public cloud environment that would typically be run by a small or midsize health care system.

Unsurprisingly, vulnerable applications and the prospect of hitting a data goldmine captured the interest of hackers, and attacks began within minutes of server activation. More than 560 attempted attacks per week were launched against the server with cloud-native security, and hidden inside those numbers were hundreds of attempts to move deeper into the systems.

By the end of the project, hackers had attacked the unprotected server more than 19,000 times with roughly 2,500 attempts per week, throughout the course of roughly three months – approximately 391 percent more attacks per week than its fully secured counterpart. Overall, the server with only a native firewall experienced 11 percent more hits per week than the secured server protected by Armor Anywhere.

To better safeguard sensitive data within cloud environments, establishing additional layers of security on top of cloud providers' native security controls addresses the risks of an expanded attack surface. While the shared responsibility model allows health care organizations to offload a portion of accountability to cloud service providers, the price of failing to properly protect data is far greater than the upfront investment. According to a 2016 study by the Ponemon Institute, data breaches could be costing the U.S. health care industry billions, leaving an organization’s reputation damaged, and concerned patients in its wake.
  Pages: 1 - 2 - 3 >>

Health IT Homepage


You Must Be Logged In To Post A Comment

Advertise
Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Directory
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Requests
Gold Service Dealer Program
Receive RFP/PS
Requests
Healthcare Providers
See all
HCP Tools
Jobs/Training
Find/Fill
A Job
Parts Hunter +EasyPay
Get Parts
Quotes
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Quotes
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to DOTmed.com, Inc. Copyright ©2001-2018 DOTmed.com, Inc.
ALL RIGHTS RESERVED