When it comes to patient safety and care, quick and easy access to patient information -- where and when it's needed -- is critical. At the same time, maintaining the security and integrity of that data is paramount.
With more than 80 percent of medical records now digitized, healthcare is working to be able to quickly serve up and share the right information, where and when it's needed, to improve care, increase quality, reduce costs, and deliver a better patient experience.
Next-generation advances in sensors, mobility, integrated workflow, data analytics, decision support, and machine learning are rapidly expanding healthcare ecosystems and redefining what's possible in digital care.
But the very digital connectedness that enables more effective and efficient care also expands risk. Unavailable or blocked access to a patient's medical data has forced providers to postpone time-sensitive procedures. The consequences of a data breach in healthcare go beyond identity theft--compromised data can put a patient at risk.
How can healthcare IT, with limited budget and staff, hope to be able to protect against growing threats across a rapidly changing and expanding digital ecosystem of devices, data, applications, and connections?
Zero Trust Model
One answer lies in a Zero Trust approach to IT security, first introduced by Forester in 2009.
In contrast to traditional IT security, in which a 'trusted internal network' is protected from the 'untrusted external network' by perimeter defenses, Zero Trust recognizes that in a connected world, the perimeter will--and must--be porous, making such an approach ineffective. Instead, Zero Trust advocates that no entity be trusted and that security be built into data center architecture, to protect from the inside out.
With the advent of software-defined data centers, the implementation of Zero Trust security has become practical. Virtual networks make it possible to build software-defined firewalling, routing, switching, and load balancing directly into the hypervisor--and thereby distribute policy-driven security into and across the entire environment.
Complementing the physical network segmentation traditionally used to comply with regulations such as HIPAA and PCI-DSS, virtual networks enable 'micro-segmentation' at the individual virtual machine level, to precisely control the lateral movement of threats across the data center (Figure 1). Even if an attacker makes it past perimeter security and into the network, they will be unable to move to other servers, dramatically shrinking attack vectors.
Source: Health IT Outcomes (View full article)
Posted by Dan Corcoran on December 1, 2017 07:16 AM
Post a comment