Common cybersecurity weak spots and how to tackle them
Maintaining the safety and protection of IT systems that keep important health information requires discipline. This is especially true in this era of the Internet of Things (Iot), when more and more eHealth devices and other gadgets get connected to a provider organisation's IT system or network. Thus, ensuring that these connected devices are secure is of utmost importance.
Often hackers look for easy access to poorly protected devices and clearly printers would be a good example. Because the "innocuous" printers are everywhere in an organisation, they are one of the easiest devices to become a door to ransom or steal data, according to infosec experts.
It must be noted that IoT manufacturers are focused more on the products they build rather than how secure they are, says Brian NeSmith, CEO at Artic Wolf Networks, which continuously monitors infrastructures and identifies data security threats under contract with a provider.
What makes it more challenging in today's IoT world is that the underlying technology of legacy systems often is Windows or Linux-based applications, such as medication administration systems and other medical devices that often are not well maintained.
Another weak spot can be security tools themselves. These applications often produce false positives of an attack, and over time, people get alert fatigue and don’t pay attention to alarms that suggest an incursion has occurred, and that opens the door to new dangers.
To prevent alert fatigue and further improve the safety of healthcare IT infrastructure, infosec experts suggest the following:
- A combination of machine learning technology and data security talent can go a long way toward improving the security environment. Machine learning uses predictive outcomes software that improves the more it is used, the experts explain.
- Hire a “security engineer” with advanced training and skills. NeSmith says these skills include understanding social engineering to deceive individuals into divulging sensitive data, and training employees into recognising when they are about to be fooled.
- Develop best practices for decreasing the time it takes to detect a breach. Unfortunately, NeSmith says, “the best practice often starts with a weekly look at logs, which later becomes once a month and then becomes once every six weeks or more.”
Source: Health Data Management
Image Credit: Pixabay
Published on : Wed, 1 Nov 2017
Print as PDF
WHAT YOU SEE IS WHAT YOU GET3D Advanced Visualization is at the core of TeraRecon DNA. We are extending our capability to the 3D printing world with a dedicated image processing workflow to enhance 3D printing outcomes. Printing your model is easier...
We can work across many PACS systems. No matter the size of your organization, iNtuition iReview can help you look across your imaging archives and create a unified interpretation view that’s made just for you. The configurable display protocols and user...
Our iNtuition iEMV viewer can display many types of images. It can even do some pretty amazingly advanced things. As a leader in advanced visualization, you can trust that TeraRecon can deliver impressive capabilities, but we strive to make it simple,...