Internet links to wide area networks (WANs) are often a primary target for cyber-crime in every industry. The healthcare industry deals with particularly sensitive consumer data. Security breaches pose many risks for healthcare providers, including legal liability, revenue loss and erosion of patient trust. To minimize the threat of security incidents and breaches, IT teams are looking for preventive measures to ensure that security is an integrated part of the WAN.
The preservation and safekeeping of healthcare data for doctors, clinics and hospitals, and their patients, are essential elements of a contemporary security posture. Patient health record protection has a direct bearing on compliance with HIPAA, the law that protects personally identifiable health information through standards for confidentiality, security and transmissibility.
The 2018 Data Breach Investigations Report (DBIR) published by Verizon examined incidents and breaches within 20 industries. While healthcare wasn’t the most targeted industry for security incidents, it was the industry with the most security breaches. The proliferation of cloud and SaaS, mobile devices and wireless technologies offers many advantages for healthcare providers and patients, but it also creates many vulnerabilities for sensitive data traversing WANs.
According to the DBIR, ransomware accounts for 85 percent of all malware in healthcare. The Department of Health and Human Services regulations treat ransomware outbreaks as breaches, rather than data at risk, for reporting purposes. The DBIR goes on to identify social attacks consisting mostly of phishing that appear in approximately 14 percent of incidents in healthcare and pretexting at around 20 percent. Pretexting is a form of social engineering in which an individual deceives someone on the inside to gain access to privileged data.
When healthcare providers move to the cloud, traffic that once traveled across private networks now also runs over the Internet or in some cases, across multiple clouds. This change provides agility, lower bandwidth costs and faster deployments. However, because of the nature of the Internet, it presents significant application availability and bandwidth challenges.
The transition to cloud is being driven by the need to lower costs and improve the quality of patient care. The flexibility and efficiency that cloud provides are ideal goals for processing large data-sets used in research and for many other healthcare applications. However, cloud services introduce security and privacy risks from outsourcing the administration and physical maintenance of sensitive data to third-party providers.
The use of Internet circuits for access to cloud and SaaS is rapidly changing the way IT staffs conduct operations. IT has adapted from an internal operations team managing private WANs that connected healthcare facilities to central data centers, to distributed organizations that rely on trust relationships with managed service providers.
WANs used by healthcare providers have a wide attack surface for social tactics, from relatives and friends checking on patients, to third-party equipment and services providers. Each of these surfaces provides cyber-criminals with many exploit opportunities. Business functions, from customer support and accounting, to human resources and patient records are outsourced.
Often IT administrators bring in security and technology consultants, give them access to corporate networks, and ask them to find vulnerabilities. While these services help lower costs, simplify IT infrastructure and achieve greater agility, the downside is these legitimate access-points make it easier for hackers to probe and access healthcare data. Periodically, outsourced contacts open up opportunities for cyber-criminals to compromise an organization’s weak spots.
Breaches can come from a clinic’s infected computers logging into the hospital network, or HVAC company employees with infected computers servicing equipment on-site. Anyone granted access through an account on the network, or given credentials to log in to a cloud or web portal, can be a potential access point for a hacker. If a user device gets breached and patient data get exposed, the healthcare provider can be held liable.
With distributed healthcare, security teams need the same visibility and policy context for all WAN-edge functions because there are a host of other users accessing the networks and systems, ranging from doctors and staff members, to patients and family members.
Security incidents and breaches, and WAN performance and reliability challenges, can be prevented with proper planning and the deployment of SD-WAN with integrated security and network functions. Choosing the right SD-WAN will deliver the security that healthcare needs, while providing the flexibility and reliability in delivering applications to providers and patients.
Using Internet broadband circuits, the SD-WAN overlay allows healthcare providers to add more bandwidth at a lower cost, while consolidating legacy devices drives down TCO. Other links, such as wireless/LTE, can also be deployed for additional network resiliency.
By deploying a secure SD-WAN that includes universal controls to defend against malicious attacks, healthcare providers can prevent those attacks or minimize the impact they have on their networks. A secure SD-WAN must integrate cloud, security and network functions that support and enforce policies and security measures centrally with breach detection systems, like deep packet inspection, next-generation firewall, UTM, IPS, secure web gateway, antivirus and access control.