A Three-Pronged Approach to Thwarting Healthcare Data Breaches
Aging software, shared access, and the growing popularity of mobile devices has made the healthcare industry an easy target for hackers.
According to Healthcare Informatics, data breaches at health institutions represent 21 percent of global cyberattacks in the first half of 2015, exposing the personal information of millions of customers. Hackers are selling that data for hundreds of thousands of dollars.
To enhance security significantly, healthcare organizations can and should harness two strategies. One is comprehensive operating system and software application patching. The other is securing access to personal health information, personally identifiable information, and other business-critical information, for fixed-location and mobile users, devices, and applications. Both are relatively simple to implement and unlikely to generate user resistance.
Patch Management
Most breaches start with malware infection and most malware infections exploit vulnerabilities in unpatched software. Comprehensive patching of operating systems and software applications is, therefore, essential for maximum security and for compliance with relevant laws, regulations, and business requirements. This is especially important in environments that include old and shared systems running many different types and versions of operating systems and software.
Many organizations have spent years perfecting their server operating system and Microsoft software patching strategy, using essential tools such as Microsoft System Center Configuration Manager (SCCM). However, hackers seeking softer targets now focus their efforts on vulnerabilities in common, less-widely protected, third-party applications and browser add-ins, such as Adobe Acrobat Reader and Flash Player, Google Chrome, Mozilla Firefox, and Oracle Java.
According to the Center for Strategic and International Studies, 75 percent of attacks use publicly known vulnerabilities in commercial software. The 2016 Verizon Data Breach Investigations Report says that the top 10 vulnerabilities are responsible for 85 percent of all successful breaches and that eight of those are 13 or more years old. Attacks aimed at these and other vulnerabilities can be easily and consistently thwarted by regular patching.
Tools such as Microsoft SCCM excel at automated operating system patching. However, their abilities to patch third-party applications are insufficient.
Secure Information Access
Healthcare organizations looking to support mobile device use among doctors and other healthcare staff should start with a strategy that focuses on comprehensive, consistent protection of information. To be of maximum effectiveness and value, such a strategy must provide protection from threats whether users’ devices are “at rest” or “in motion.”
By far, the most widely used application is email. An effective data protection strategy must therefore be equally effective at guarding against malware hidden in email attachments and in other file types, whether those are being accessed by users of mobile or fixed-location devices. That strategy must also provide effective protection against threats from rogue applications.
The Shavlik Solution
Shavlik offers three essential tools for implementing a comprehensive software patching and information protection strategy:
- Shavlik Patch for Microsoft System Center integrates tightly with Microsoft SCCM to extend its patch vulnerability detection and deployment to third-party applications. Using SCCM’s own patch delivery mechanism, Shavlik Patch monitors and patches hundreds of popular, third-party applications, including those of Adobe, Apple, Google, Java, and Firefox. The intuitive Shavlik Patch SCCM console plug-in eliminates the manual steps required to define and load patch information into SCCM.
- For organizations that aren’t using SCCM or that lack an existing tool for server patching, Shavlik Protect is an effective, easy-to-use solution for automating the patching of everything from data center servers to client workstations and virtual environments.
- Advanced Endpoint Protection from BUFFERZONE, a Shavlik partner, provides effective, transparent protection of authorized applications and critical information from a wide variety of threats. This solution uses virtual containers to isolate entire application environments, including memory, files, registries, and network access. Malware, whether known or new, is restricted to the boundaries of the virtual container, never actually reaching the user’s system or the rest of the network. The BUFFERZONE solution can even defeat infections by ransomware or removable storage devices. Its protections provide a strong complement to Shavlik’s patch management offerings
Where hackers are concerned, the worldwide healthcare industry is a prime target, but healthcare organizations can take steps today to ensure that they are protected. A security strategy that encompasses automated, comprehensive application and operating system security patching and secure information and application access can be implemented quickly and cost-effectively. Such a strategy can provide comprehensive protection from both known and emerging threats and attacks.