The 3 Steps to Achieve Proactive and Resilient Healthcare Data Security

Cool Photos from Depositphotos

By Harish Akali

The healthcare industry faces growing cybersecurity risks, especially as modern organizations migrate from legacy systems to cloud infrastructures. Last year, The Wall Street Journal reported that Great Plains Health, a major hospital located in Nebraska, blocks about 10,000 attempts to access its servers each day. The HIPAA Journal reports that more than 45.7 million healthcare records were breached in 2021, which was up almost 11% from 2020. Cyberattacks will continue to be a significant threat for all companies, especially those in the healthcare space. 

For this reason, healthcare leaders and their security teams must be knowledgeable about the various shortcomings, business complexities, and HIPAA compliance risks in the existing healthcare cybersecurity practices. Leaders must also consider the impact of cybersecurity practices on electronic health record security, cloud migrations, and IoT.

Cybersecurity Shortcomings in Healthcare

Some of the most pressing vulnerabilities in healthcare data security include legacy systems (possibly still running on Windows XP) and the general complexity of operations in terms of physical and networking layout. Add to this the disparate hardware and software tools (from diagnostic machines for data acquisition to analytics software) coupled with the hundreds of hospital employees accessing these systems, and the complexity of the cybersecurity problem is clear. Effective cybersecurity for complicated systems and organizations like hospitals is not an easy challenge to solve for, and it represents an overwhelming responsibility for those in charge.

Additional factors such as cloud hosting, HIPAA compliance, patient data security and privacy, electronic medical record systems, and other digital elements of healthcare have historically made the industry one of the most difficult — and one of the most important — to protect from cyber threats. If these cybersecurity problems are not tackled with the right solutions, the consequences could be disastrous.

3 Ways to Achieve Cyber Resiliency in Healthcare

The good news is that a Zero Trust approach, mandated by the White House for federal agencies and highly recommended for the private sector, is quickly being adopted by healthcare organizations and security professionals. Mitigating a healthcare organization’s security risks and ensuring cyber resiliency with proactive cybersecurity measures can be done efficiently with the right steps:

1. Start with a visualizer.

A visualizer is essentially a view of the entire network to get a bird’s-eye look at the organization’s communications, traffic, access, electronic medical record systems, and more. This high-level perspective enables tracking users and access to define exactly who needs what access and when. 

The right multi-layer visualization tactics can also reveal whether any devices are trying to talk to systems they shouldn’t, which is a telltale sign of compromised devices. With a comprehensive view and having tagged any pressing concerns, the organization will have a clearer understanding of how to move forward with security controls. 

2. Use micro-segmentation.

Rather than leaving applications, systems, and tools exposed to the network, lock them down and appropriately control access by implementing the Zero Trust principles of micro-segmentation.

For example, a research center might be using IoT devices such as mass spectrometers connected to a Windows computer and collecting data from a tissue sampling machine. The vendor could offer many of the security features to more easily and quickly access the data, leaving the computer unsecured from a firewall perspective. This small act could result in possible internal cybersecurity breaches that would be devastating for that research center, its data, its clients, and its users.

Micro-segmentation, one of the first steps toward a Zero Trust approach, is a process that provides granular access controls and eliminates overprivileged access to applications by unauthorized users. In the research center scenario above, micro-segmentation involves identifying and locking down the machine-to-machine communication processes and allowing the computer to talk only to authorized systems (e.g., electronic medical record systems for uploading information). With the system entirely micro-segmented from the network and only able to communicate with its hardware and appropriate systems, the system is walled off from the rest of the hospital so that cyberattacks can’t spread to or from it

3. Use Zero Trust endpoint protection.

Unknown applications should never run on an organizationally owned system, and with Zero Trust endpoint protection, healthcare organizations can make sure they never do. These unknowns often get introduced with HIPAA controls and introduce breaches.

With endpoint protection, the only processes that can run are those that are explicitly allowed; the rest are blocked. Endpoint protection can also go further to ensure those approved processes can only carry out approved activities.

For example, endpoint protection would prevent a hospital worker from downloading a random game from the internet onto their work computer during their break because the game could be compromised and could introduce malware to the system. By removing access to the install, the endpoint protection eliminates every chance for such a scenario to occur.

These steps might seem complicated at first glance, and indeed they are if carried out individually without an overarching platform to manage and control cybersecurity functions. However, this type of holistic cybersecurity approach is especially important for any organization that plans to migrate its networking infrastructure to the cloud either now or in the near future. Fortunately for the healthcare industry, advanced modern micro-segmentation Zero Trust cybersecurity platforms are increasingly available today.

Harish Akali is the Chief Technology Officer at ColorTokens Inc., a leading innovator in SaaS-based Zero Trust cybersecurity solutions. As a member of the ColorTokens leadership team, he uses his extensive knowledge of cloud and enterprise software across multiple industries to drive innovation.