Healthcare is already behind the security 8 ball
Technology seemingly evolves at light speed, and due to its regulation-laden industry healthcare has a hard time keeping up. The rise of connected pacemakers and other medical devices has undoubtedly been a step in the right direction for patients. However, the fact remains that since these devices directly impact the health and safety of a patient, it is imperative that security is part of the core design and strong security throughout the product’s life cycle remains intact and accounted for. The lack of secure IoT devices within healthcare environments poses severe risk to patients and practitioners alike. It is critical that these devices are receiving the right data from the right source – to ensure that no mishaps occur. Patients and practitioners must be able to trust that these IoT connected devices will do what they were created and instructed to do by authorized and properly authenticated users.
Encrypt it all!
Ad Statistics
Times Displayed: 50213
Times Visited: 1424 Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
The rise of malicious attacks involving ransomware and botnets has exposed the vulnerability of the network infrastructure as well as the data in-flight. If the hackers can gain access to and control the devices that own and transport the data, then the installed security solutions lose their value.
Many of the attacks and threats that expose the network infrastructure are encrypted using SSL/TLS protocols. This burdens the inbound and outbound security solutions with the task of decrypting the communications, inspecting the network traffic, and then re-encrypting the data afterwards. This is a large resource burden that can reduce the performance of these security solutions more than 80 percent.
Because of this issue, many businesses have decided to bypass the inspection of encrypted content. A viable solution to enable the security solutions to inspect encrypted traffic efficiently is necessary to protect all sensitive data, in healthcare or otherwise.
Endpoint protection as well as perimeter and network security solutions must be used to restrict the access to the PHI only to the professionals that have the proper credentials. IT organizations must implement the latest encryption standards like elliptic curve cryptography (ECC). Malware, specifically ransomware, is rampant. Security means the medical facilities need an outbound SSL inspection solution to protect their assets from malicious sites, email, and exploits.
When the business literally affects peoples’ lives, it is essential to make sure that there is no loss of service. When lives are on the line, every second counts. The digital transformation of healthcare means that the network infrastructure must be built to be robust and resilient. Any negative impact to the delivery and security of the medical information can have profound repercussions for patient privacy and ultimately their well-being.
About the author: Daniel Smith is head of threat research at Radware.Back to HCB News
