P. 1
Healthcare Mobility Secuirty

Healthcare Mobility Secuirty

|Views: 9|Likes:
Published by David Anteliz

More info:

Published by: David Anteliz on Mar 30, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PPTX, PDF, TXT or read online from Scribd
See more
See less

01/13/2015

pdf

text

original

Healthcare Mobile Security

March 29th 2012
Presented by: David Anteliz, Network Services Director

Mobility Boom In Healthcare

The healthcare industry is going through a transformational period. Mobility, bring your own device (BYOD), and the explosion of medicalspecific devices and applications are driving the way patient data and clinical systems are accessed, transmitted, and delivered. Electronic Medical Records (EMRs) and Electronic Health Records (EHRs) are further driving the volume of data as patient files, x-rays, lab results, and other sensitive medical records are transmitted across the network. Today, nearly one-third of healthcare providers use mobile devices to access EMRs or EHRs. Driving this demand are sophisticated and robust applications. The digitalizing of sensitive patient data is well underway, and this is making new care models possible—as collaboration, telemedicine, and electronic health initiatives transform healthcare delivery and outcomes

Healthcare Mobility Security

January 29th2012

Welcome to Smart Technology.

13 Individually identifiable health information includes many common identifiers (e. whether electronic.HIPAA Privacy Rule What Information is Protected Protected Health Information. the provision of health care to the individual. including demographic data. or future payment for the provision of health care to the individual. Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. . birth date. The Privacy Rule calls this information "protected health information (PHI). The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate. or the past. present or future physical or mental health or condition..g. and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual. or oral. address. in any form or media. present. Social Security Number). name. that relates to: the individual’s past."12 “Individually identifiable health information” is information. paper.

etc. (clinicians. nurses.thought to be adequate and scalable using current techniques and methods Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. who has access to what? And When? Security..Healthcare Industry Challenges • Data Access anytime anywhere by practitioners.who has an idea of how many unauthorized and authorized devices are on the network • Content security.) • Access to sensitive data (patient records) across public services • Applications galore using myriad of devices to access sensitive data • BYOD Bring your own device is now becoming acceptable in the industry • Provisioning Management. physicians. .

. how do you maintain policy in a cohesive state when multiple parties are involved.? Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. to much to manage.Cloud Use In Healthcare • • • • • SAAS for application access Virtualized environments Hosted or Self Service What security model should cloud usage follow Similar to Datacenter but still different Multiple security mechanisms.

.Align Security goals across your organization Mobility in the cloud? Common goals include: 1. Flexible Bursting – How fast do we need to be able to access additional capacity? Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. Improved End-User Experience – What performance goals are we trying to deliver against? 3. Additional Capacity How much capacity do we need during normal and peak times? 2. Greater Elasticity – How quickly can the provider we select ramp up to meet our needs? 4.

unfettered access to all applications should be discouraged and monitored 4.Healthcare Mobility Security What Should it be 1. Easy to use. . Application Control. Access control. controlling access at the edge establishing access control to remote data points Healthcare Mobility Security January 29th2012 Welcome to Smart Technology.provide SSO and access from any device 3. Device Agnostic providing security at the user profile level 2.

software. services. • Client Security gateway for profile management and client termination.Healthcare Mobility Security Hardware. • SSL VPN for remote user access and provisioning of access to remote nets. • Firewall for policy enforcement and security zone segregation. • UAC. . based on roles. what is required? • Device agnostic client for access and profile management.unified access control for security policy enforcement Healthcare Mobility Security January 29th2012 Welcome to Smart Technology.

Healthcare Mobility Security Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. .

Things to consider: Recommendations: • Strong policies on quality and rotation • Employee education is key • Never re-use credentials • Anti-Phishing techniques • Use off-site SSO if available • Consider additional restrictions using VPN • Map to what protections you had • Use alternative credential schema(token. cert) • Completely control password policies • Implement internal password reset • Perform anomaly detection on login attempts • Place the portal behind VPN • Access control • Endpoint management Securing the Cloud January 24th 2012 Welcome to Smart Technology. .Healthcare Mobility Security.

Healthcare Mobility Security Not ready ? You will likely run into the following problems: Healthcare Mobility Security January 28th2012 Welcome to Smart Technology. .

manual configuration and management of your remote user and mobile devices and security infrastructure will probably not scale with demand. 1) Static.Healthcare Mobility Security. . Healthcare Mobility Security January 29th2012 Welcome to Smart Technology.

poor performance will lead to scraping security initiatives and possibly table future ones Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. . 2) Frustrated user base.Healthcare Mobility Security.

creating an atmosphere of workarounds and poor adoption rates will only serve to reduce the effectiveness of the newly installed solution and reduce its ROI Big reason for failed security projects Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. .Healthcare Mobility Security. 3) Security compromises.

What about Back end Security in the cloud or datacenter. . and otherwise maintain governance. Virtualized environments to provide in house cloud services. Archiving (versioned) VMs. Securing the Cloud January 24th 2012 Welcome to Smart Technology. ensure VMs have specific attributes.Healthcare Mobility Security.

.But you will also need a way to maintain the “self-service” factor. or risk torpedoing a significant part of the value proposition of your VM and Cloud implementation. Healthcare Mobility Security. This is a big dilemma if you face governance yet have to outsource your cloud especially in healthcare Healthcare Mobility Security January 28th2012 Welcome to Smart Technology.

Healthcare Mobility Security. . Who's guarding the kernel? Securing the Cloud January 24th 2012 Welcome to Smart Technology. You have now secured your edge what about your delivery mechanism? VMs and Virtualized environments can be targets for both malicious and financial gain.

Yesterdays solutions will struggle to keep up with the demand Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. Again. .Healthcare Mobility Security. there are tools available and emerging that can address some of these needs… How do you recognize these Needs?! If your subject to Governance you have a need.

unified platform to deal with both build.and run-time aspects.You are likely to find that you want a coherent. This includes access and control of application delivery Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. .

.Healthcare Mobility Security January 29th2012 Welcome to Smart Technology.

retrieve. and hospital authorized applications are enabling access to clinical services Healthcare Mobility Security January 29th2012 Welcome to Smart Technology. The healthcare industry is faced with a new reality . According to a recent study.000 mobile healthcare (mHealth) applications are in use today. with millions of downloads collectively. healthcare practitioners are relying more and more on mobile devices. professional applications for caregivers are driving BYOD. as four out of five physicians say that they rely on their smartphones and tablets to access. and submit sensitive patient medical data with over 80 percent of doctors using mobile apps every day . more than 25. Further.healthcare applications are impacting mobility. .Healthcare Mobility Security.

. Healthcare Mobility Security January 29th2012 Welcome to Smart Technology.Healthcare Mobility Security.

youtube.twitter.com www.j-solve.com/MaronStructure Welcome to Smart Technology.youtube.com/network4front www.twitter. Connect with us! www.Q&A Thank You for Your Time.com/MaronStructure www.com www.com/network4front Healthcare Mobility Security January 29th2012 www.structure-tech. .

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->