These days, remote healthcare monitoring systems are becoming an
increasingly reliable solution for the delivery of personalized healthcare
services that are also less intrusive and more patient-friendly. Technology based on the Internet of Things is an essential force behind the maintenance of a wide variety of capabilities possessed by these systems, one of which is the accessibility of a vast quantity of different types of health data. Because of the personal nature of these data, they are regarded as highly sensitive. As a result, there is a significant risk that security and privacy threats and attacks will target the vulnerabilities of IoT devices, network connectivity, data storage, and other areas. This provides a concise overview of the vulnerabilities that are present in the systems that have been mentioned previously, as well as a solution that is proposed to address these vulnerabilities from the beginning of the designing process. In order to accomplish this goal, a comprehensive analysis of the security and privacy flaws, fundamental requirements, and preventative measures that are distinctively associated with each level of the IoT-based architecture of the RO-Smart Ageing system has been proposed. HOW REMOTE ACCESS CAPABILITIES OCCURS DATA RISKS ON HEALTH SECTOR? 1. Misuse of technology from an Unethical or fraudulent Associate/Contractor: Theft of computer hardware and software, unauthorized access to computer networks, and improper use of computer hardware and software are all examples of inappropriate use of information and communications technology (ICT). Employees may use their lawful access to computer systems in inappropriate and unauthorized ways, which is why internal unauthorized access is recognized as being a key contributor to data breaches. This is because employees might utilize legitimate access to computer systems. As new technologies become available and governments collect and store an increasing amount of information about individuals, the potential for internal misuse of information and communications technology (ICT) in the public sector increases. Unskilled or unethical associate/contractor (subject) often uses external job support to get their job done, which requires the subject to provide full control of the endpoint remotely. Doing so they expose the critical organization’s data and information such as source code, credentials, marketing leads etc., to other individuals (external people) which not only goes unnoticed by existing endpoint data protection software but also violates the policies of the organization. PriNIST protects the data on the screen of the end user from any external source trying to connect to the endpoint – means, it is protected. Risks The personally identifiable information (PII) or confidential data that users manage on their desktops or laptops when screen sharing technologies are used. The prevention of illegal disclosure of digital intellectual property (DIP), which includes things like applications, designs, patterns, and projects, among other things. This happens when end users circumvent the existing endpoint protection features and divulge data to unauthorized individuals using a variety of unmonitored technological ways such as screensharing. In order to preserve data while simultaneously complying with ever-evolving worldwide privacy regulations. Preventing information and business-critical data from being shared on screensharing platforms and so becoming available to competitors. The amount of time and money spent investigating possible cases of data loss and fraudulent activity. 2. Certain Zero-day Malware: Accidental web exposure is a subcategory of specific types of data breaches that can occur when a server or computer that stores personally identifiable information is connected to the internet in such a way that employees, management, and even customers can access the information remotely. This type of data breach is known as "accidental web exposure." However, a significant number of these systems do not have adequate security. During any screen sharing session the data on the screen is clearly visible to all participants. Sometimes a presenter tries to juggle between applications while actively screensharing, which can lead to leak of confidential data. PriNIST protects all the selected applications/software. It prevents any chances of data exposure from your end point screen. Risks The personally identifiable information (PII) or confidential data that users manage on their desktops or laptops when screen sharing technologies are used. The prevention of illegal disclosure of digital intellectual property (DIP), which includes things like applications, designs, patterns, and projects, among other things. This happens when end users circumvent the existing endpoint protection features and divulge data to unauthorized individuals using a variety of unmonitored technological ways such as screensharing. In order to preserve data while simultaneously complying with ever-evolving worldwide privacy regulations. Preventing information and business-critical data from being shared on screensharing platforms and so becoming available to competitors. The amount of time and money spent investigating possible cases of data loss and fraudulent activity. 3. Accidental data exposure while sharing the screen: Trustwave, a security firm, found that nearly two-thirds of data breaches in the past year were caused by poor outsourcing decisions. In their haste to reap the financial benefits of outsourcing, many businesses overlook the potential security risks involved. To meet budgetary constraints, organizations opt for external support to manage their critical systems and end points. However, certain threats do arise such as exposure of critical data to support personal operating in various countries. For example, when a support person connects to a desktop or laptop (endpoint) to provide assistance, they will have access to all opened applications and can accidentally or intentionally (targeted) view critical data, the biggest threat is data being seen or captured across the world where various laws operate. There could be many controls that prevent, but when combined with effective technical control like PriNIST, the exposure of sensitive/confidential data is mitigated. PriNIST hides the protected applications from unwanted viewers. Risks The personally identifiable information (PII) or confidential data that users manage on their desktops or laptops when screen sharing technologies are used. The prevention of illegal disclosure of digital intellectual property (DIP), which includes things like applications, designs, patterns, and projects, among other things. This happens when end users circumvent the existing endpoint protection features and divulge data to unauthorized individuals using a variety of unmonitored technological ways such as screensharing. In order to preserve data while simultaneously complying with ever-evolving worldwide privacy regulations. Preventing information and business-critical data from being shared on screensharing platforms and so becoming available to competitors. The amount of time and money spent investigating possible cases of data loss and fraudulent activity. 4. Outsourcing Data Leakage: Espionage is spying on a person, corporation, government, etc. to obtain secret information or uncover wrongdoing and pass it to another organization or state. Actors supported/hired by government or competitor companies pose as employees or contractors. Such internal threats try to leak information via screen sharing applications from stealthy channels (web-based screen sharing application). The current Data Loss Preventions/End Point Protection tools are unfortunately unable to prevent such scenarios. Their acts are unnoticed and usually unknown till they are not caught in the act. This results in the loss a large amount of protected and sensitive information over the time. PriNIST as an on-screen protection software, protects your data in such scenarios by hiding the data in protected applications. The data cannot be shared over screen sharing applications or captured (screen shot) by the end point. Risks The personally identifiable information (PII) or confidential data that users manage on their desktops or laptops when screen sharing technologies are used. The prevention of illegal disclosure of digital intellectual property (DIP), which includes things like applications, designs, patterns, and projects, among other things. This happens when end users circumvent the existing endpoint protection features and divulge data to unauthorized individuals using a variety of unmonitored technological ways such as screensharing. In order to preserve data while simultaneously complying with ever-evolving worldwide privacy regulations. Preventing information and business-critical data from being shared on screensharing platforms and so becoming available to competitors. The amount of time and money spent investigating possible cases of data loss and fraudulent activity. 5. Espionage Scenarios: Theft of intellectual property occurs when an individual or a business is deprived of their right to an idea, creative expression, or creation by another person. Theft of intellectual property (IP) can relate to the unlawful acquisition of patents, copyrights, trademarks, or trade secrets. This comprises a variety of things, including as names, innovations, client lists, and logos and emblems. Data streaming and screen sharing are one of the most commonly preferred means of presenting projects, models, blueprints, explanations, etc. without actually having to download or sharing the document or information to reduce the chances of data leaks. The end user screen can be recorded by the person on the other end of the network (other employees, contractors, partners, hackers) and this becomes the cause of intellectual property and sensitive data leakage. Let it be intentional or unintentional, from an employee or a contractor, the loss cannot be un- done. PriNIST protects the data present in the protected applications on the screen and enables you with tension free screen sharing. Risks The personally identifiable information (PII) or confidential data that users manage on their desktops or laptops when screen sharing technologies are used. The prevention of illegal disclosure of digital intellectual property (DIP), which includes things like applications, designs, patterns, and projects, among other things. This happens when end users circumvent the existing endpoint protection features and divulge data to unauthorized individuals using a variety of unmonitored technological ways such as screensharing. In order to preserve data while simultaneously complying with ever-evolving worldwide privacy regulations. Preventing information and business-critical data from being shared on screensharing platforms and so becoming available to competitors. The amount of time and money spent investigating possible cases of data loss and fraudulent activity. Introducing PriNIST Only PriNIST prevents on-screen data leaks and manages fraud. It safeguards an organization's IP from emerging threats. SaaS and on- premise data leakage/loss and malware protection. It blocks sophisticated threats like data leaks. PriNIST uses AI and ML to propose data storage application security. It protects and controls exceptions immediately with a simple UI. Compliance-friendly data segregation solution with thorough audit reports. On-premise and instance localization are only for data localization. GDPR, ADPR, PIPEDA, PDPA, PCI DSS, POPI, NIST, LGPD, HIPAA, CCPA, ISO 27001, ISO 27701, HITRUST, SOX, GLBA, and others are supported. How PriNIST’s solve these problems? Malware that exploits vulnerabilities that are not known about or defended against is called "zero-day malware." Because new malware like this is difficult to identify and even more challenging to defend against, zero-day attacks pose a significant risk to the cybersecurity of businesses. The world is uncertain, governments are hiring cyber criminals to develop certain zero-day malwares specifically designed to steal data from government, private, public and critical infrastructure companies. Certain zero-day malware activates when a user opens targeted applications like outlook, teams, word, excel or any other application they may contain confidential information and take screenshots, record mini videos and share to the malicious user via encrypted channels. PriNIST activates its intelligence and protects the applications from screenshots and video recording, even though if a malware or a malicious user takes a screenshot, they cannot see the protected application.