Layered defense is key to a successful cybersecurity strategy in healthcare, and it starts with endpoint management. The number of internet-connected (IoT) devices is exploding. In a healthcare setting, these “endpoint” devices not only provide significant new opportunities for improving patient care, but also present serious risks by increasing the attack surface available to hackers. In the same way that a patient’s injured skin surface can be a pathway into the body for a serious infection, an unprotected endpoint device is a highly likely point of entry for a cyberattack.
In the same way that a patient might be protected by multiple layers of preventive care (good hygiene, antiseptics, sterile bandages, and immune system support), any device connected to a healthcare network should be protected by multiple layers of IT security (good process design, access control/logging, antivirus, application whitelisting, version control, and intelligent threat analysis).
Endpoint management is therefore a key component of a successful cybersecurity strategy in healthcare. The same practices and technologies that apply to the healthcare system’s core networks must also be applied to endpoints. These include application whitelisting, user access control, patch management, virus protection, encryption, digital signatures, firewalling, etc. All are critical in protecting your networks from being compromised by attackers.
The challenge with so many endpoints and countless types of devices is keeping track of everything going on in your network. The human layer also adds complexity. Users may require different access data controls to do their job. If the security systems prevent efficient working, users may be tempted to disengage security systems to get the job done. Intelligent security system design allows for efficient working without compromising security at any layer. Endpoint devices can include medical devices, multiple types of operating systems, mobile devices, and devices that can be off-network. An endpoint security suite must be able to protect all device types, operating systems and applications.
Failures in patch management and version control can be the Achilles’ heel of any IT system. This is particularly important in healthcare systems that are mission critical and require 24/365 high availability. Most of the vulnerabilities behind today’s ransomware attacks are directly related to a system not being up to date on patches, and hackers look for those visible vulnerabilities to strike and penetrate the entire network. Patch management is a key component of a solid cybersecurity strategy.
Another area of concern for endpoint management is keeping a good inventory of devices on your network and understanding each device’s access controls and life cycle. You cannot protect what you don’t know about, and this includes both hardware and software. Endpoints are proliferating in healthcare, with many employees having many different types of devices. In security, we must ensure that all these endpoints follow the rules and policies that the Information Security Department has designed. If your network has unprotected endpoints, your network is already at risk. It only takes one compromised endpoint to ruin your defenses.
So, after you protect your endpoints, patch them, and understand the life cycle of each device, the question becomes how to manage all these components of your cyber defenses with limited resources. This is where a strategic and trusted partner is critical in providing all the above techniques with an easy-to-use technology and management interface. If your current endpoint management system requires many security engineers to manage computing resources, how much effort will that take, and what financial impact will it have on the bottom line? Most healthcare systems have limited cybersecurity expertise available, and the endpoint management system must help relieve security experts so that they can become more proactive and less reactive to new threats.