By Tawnya Lancaster, Lead Product Marketing Manager, AT&T Cybersecurity
In 2020, there were more than 40 million patient records breached and a 42% increase in health-related hacking incidents. This increase in cyber threats has become the “new normal,” as healthcare organizations continue to adjust to the evolving threat landscape and a hybrid workforce amid the current COVID-19 pandemic. As a result, healthcare IT and security professionals are looking for new approaches that are better suited to a distributed computing environment where employees, customers, and suppliers can have secure access to applications, data, and services anywhere, anytime. Such initiatives may involve upgrades to legacy IT systems and in some cases, a complete overhaul of networks, cloud migration, and edge design/deployment while factoring in additional security imperatives.
It is important to not only increase network performance and security, but also to simplify management. In response, one new category that is gaining a lot of attention brings together multiple network and security technologies – Secure Access Service Edge (SASE). Gartner has coined the term, while other firms have created their own frameworks: IDC (Software-Defined Secure Access and Pervasive Application Edge Defense), ESG (Elastic Cloud Gateway), and Forrester (Zero Trust Edge). While many variations currently exist, a predominant and generally accepted form of SASE combines software-defined wide-area networking (WAN) with multiple security functions in order to support the dynamic nature of today’s modern workforce. This convergence of networking and security, which has traditionally been under the responsibility of separate, siloed teams, is a radical shift in how IT operations are run and funded. SASE helps to establish such a convergence in this time of transition. While SASE can effectively secure future edge environments, which can allow for faster data transfer than what is possible from centralized data centers, there is still much confusion about its purpose and benefits.
With applications migrating from data centers to the cloud, and many employees still working remotely, data is being accessed from a wide variety of company-owned devices. This makes it difficult for network and security administrators to identify which applications and data are being accessed by individuals and their resulting usage. To identify these applications and data so that they can be managed and secured properly, it’s important to understand the following key SASE principles:
- The traditional “hub and spoke” network model is quickly disappearing.
- Access to data should be based on identity.
- Technologies offering a global point of presence and a peering relationship are important considerations.
- Consolidating the number of vendors can help simplify management.
While there are many variations of what combinations of technologies must be included to be called SASE, SD-WAN is an ideal way to manage data flows since it provides centralized visibility of all circuits across locations. Utilizing SD-WAN can result in greater network performance, resiliency, and a way to prioritize bandwidth for business-critical applications with potential cost savings. Firewall-as-a-services (Fwaas) can be deployed to protect against a wide range of threats and can be hosted at a data center or branch office, in a virtual appliance (onsite or in a public cloud), or in a vendor’s cloud. ZTNA gives administrators the ability to grant access to specific applications, by role or user, without having to connect to a network. The secure web gateway (SWG) follows users virtually wherever they are located to ensure that websites employees visit are both safe and appropriate for work. Lastly, cloud access security broker (CASB) gives more visibility as well as security to SaaS or cloud-based applications that users access – some may even offer vulnerability analysis on particular applications.
While it may not be feasible for organizations to jump directly into all that SASE can offer, including centralized policy management and improved network performance and security, understanding what it means to implement this framework is the first step in identifying where it makes sense to implement.
SASE and the Healthcare Industry
Digital transformation initiatives are complex, and when an organization cannot innovate securely, it can drive away customers and strategic partners. While digital transformation technologies are already being utilized by healthcare companies, many businesses are looking to simplify management when approaching security and networking initiatives. With healthcare providers often tasked with protecting highly sensitive patient data from an increasing number and variety of threats, these companies must take a holistic approach when adopting digital transformation initiatives to protect valuable assets from cybercriminals which have become even more challenging in a time of remote work.
While the pandemic has increased the use of virtual telehealth visits, a recent survey found that 34% of consumers are willing to receive initial care virtually and this number is expected to increase over time. When the pandemic first started, many healthcare organizations dealt with latency issues with the traffic going to their data centers exacerbated by the influx of remote workers. For example, if a healthcare provider needed to significantly increase the number of remote clinics to minimize patient impact at the hospital or transition a 1,000 person global call center from in-person to remote, these business model shifts require changes to both the company’s network and security approach. One way to address these security and networking issues with the remote clinics and call centers is to deploy SD-WAN which can help improve both application and network performance.
By adopting a SASE framework, healthcare organizations can increase their business agility by modernizing their network and security infrastructure for quick adaptation in times of change. Employees can experience increased remote productivity and protection when accessing the network. Network and security virtualization also allow for quicker implementation for any changes made and can support business continuity and resiliency. A consulting group can help teams create a SASE transition plan, including a step-by-step implementation process. With the cybersecurity and IT skills gap growing, organizations can also outsource their cybersecurity monitoring, provisioning, and security policy to a managed security service provider (MSSP), allowing IT and security teams to focus on other mission-critical initiatives.
As healthcare companies and organizations continue their cybersecurity journey, there is no one size fits all solution that will work for every company. However, as organizations migrate to new networks and utilize different security models, leveraging a SASE framework can provide more opportunities to make more consistent, faster changes as well as enable better protection for employees while maintaining business continuity and resiliency. The transition to a SASE framework may take time to fully implement, however organizations that adopt this approach sooner rather than later have the potential to benefit and maintain a competitive advantage over other companies in the market.