From the Blogosphere
Enabling Trust for Healthcare IT Security | @CloudExpo #API #Cloud #Security
Why TCP/IP works for connectivity but is problematic for keeping health networks safe?
By: Mark Hoover
Dec. 22, 2016 01:00 PM
Enabling patient-doctor trust goes a long way in a provider's ability to provide care. Trust is also critical for enabling network connections that are safe, to help secure health networks.
The healthcare industry is scrambling to shore up defenses as cyberattacks and breaches increase. The rapid adoption of electronic health records/electronic medical records (EHR/EMR) has created an attractive opportunity for cyber criminals. Ponemon Research recently reported that breach costs are $363 for each stolen healthcare record, and that is the highest across all vertical markets.
Health organizations are tasked with the difficult job of protecting both the core HIS network and departmental systems. This is particularly true in multidisciplinary practices which are comprised of clinics and multi-location healthcare facilities. Typically, cyber security in healthcare built walls around the perimeter to keep the bad guys out, with critical connections enabled by TCP/IP.
TCP/IP connectivity starts with a DNS look-up so that Endpoint A can determine Endpoint B's IP address to establish a connection. Endpoint B must respond to the connection request to establish a TCP connection, despite knowing nothing about the requestor Endpoint A. Only then can Endpoint B seek more information from Endpoint A to try to establish its identity, authorization and trust.
This basic architecture has fueled scalable TCP/IP networking in healthcare. The problem is, it requires:
This is the perfect formula for any health organization that wants to be susceptible to network-based attacks, and to be fooled by anyone who has stolen credentials from an authorized user.
Server enforced authorization leave servers vulnerable
A lot of bad things can happen in that time frame, including SQL injection, OS or server vulnerability exploitation, connection hijacking.
In less complex times, most applications were run from within the health network and accessed by users who were either local or backhauled over the corporate WAN to access the applications. Today, many apps have moved to SaaS or to Cloud Service Providers. Health IT is challenged with protecting networks and patient data, while providing secure connectivity for those authorized to access this private information.
Software Defined Perimeters (SDP): secure, simple
In SDP, applications, services, and servers are isolated from users, creating a zero-trust network, by an SDP Gateway, which is a dynamically configured TCP Gateway. The Gateway rejects all traffic sent to protected servers unless users and endpoints are "pre-approved" as trusted by a third-party arbitrator, performed by the SDP Controller. Endpoints desiring connectivity to a destination protected by an SDP Gateway don't bother to send a connection request to that destination. Instead they "apply" for connectivity to the SDP Controller, which determines if they are trusted or not.
Trust verification involves device authentication, user authentication, and context-based information that will continue to expand over time - including location, BYOD vs. managed device, software posture, and software integrity. The goal is to evaluate overall trust as much as possible before allowing connectivity. If satisfied, the SDP Gateway dynamically configures the TCP Gateways to allow connectivity. The systems isolated and protected by the SDP gateways in this zero-trust scenario are then never exposed to:
SDP Controllers and Gateways are software entities and can be deployed with no topological restriction. As a result, SDP provides a powerful tool for health organizations to completely control access based on trust, no matter where the application is (internal or cloud), who the user is (employee or non-employee), or what the device is (managed or BYOD).
Reader Feedback: Page 1 of 1
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week