The healthcare industry is adopting up-to-date technology that offers the best possible patient experience, but with each new software solution or device, the management of cyber security becomes more complex. There are a variety of challenges creating ways for attacks to affect healthcare records and systems:
Cloud technology: Across every industry, cloud solutions are changing the approach to cyber security. In areas like finance or healthcare, the need to adapt security strategies is complicated by the need to meet federal privacy regulations. In some cases, migration to the cloud may be cost-prohibitive because the need for enhanced cyber security makes a move unfeasible.
Internet of Things (IoT): Healthcare is on the front end of the sweeping launch of IoT, using sensors in devices to gather data. The flow of data to and from devices and passing through a number of possible connection points and interacting with cloud software provides a broad plane for a potential attack. Network operators often find that using a software-defined wide area networking (SD-WAN) makes it possible to segment IoT traffic for easier monitoring and isolation in the case of a problem.
Electronic Health Records (EHR): A major area involved with IoT is the use of EHR, which has become quite widespread. The EHR contains the entire recorded health history of a patient and is often shared across a variety of healthcare settings. The challenge for IT teams is protecting that information as it travels from a clinic to an urgent care clinic or a specialist’s office.
Bring Your Own Device (BYOD) programs: BYOD programs are becoming more popular as healthcare organizations recognize the benefits of such initiatives, such as lowering maintenance costs and removing the need to buy devices. Employees handle updates and tend to be self-trained on the devices, so it removes many of the responsibilities that are associated with company-owned devices.
The challenge is that employees tend to set a long dormancy timer on their personal smartphones, allowing an onlooker to potentially view a patient’s confidential records. They may also simply leave a device behind, allowing access to patient records.
For this and many other cyber security threats, much of the solution lies in training initiatives. Teaching employees about the risks of the IoT and BYOD are effective ways to ensure that passwords are up to date, smartphones are not left unattended and that there are policies to protect against shadow IT.
Contact SimpleWAN to learn the best strategies for handling cyber security in a healthcare setting. We leverage automation and analytics to create a sound approach to cyber security that also reduces security costs.