Protecting Confidential Data for Healthcare Providers

5thColumn and Cisco have collaborated to create a security ecosystem to help the healthcare industry address all key security objectives. An architectural approach is required for preventing the loss of employee and patient data, all IOT equipment, and ensuring compliance.

 

Even before the second quarter (of 2015) had started, the Washington Post named 2015 the “year of the health-care hack.” As a result of the 15 largest healthcare data breaches that year, the medical records of 110 million Americans were compromised. Putting that into perspective, that’s almost half the adult population of the U.S (TechRepublic).

 

POTENTIAL THREATS

 

DATA LOSS: Data loss is applicable on data both at rest and when in motion (transmitted over the network). Data loss can occur for various reasons, including:

 

  • Data Corruption
  • Data being intentionally or accidentally deleted or overwritten by a user or an attacker
  • Data stolen over the network by network penetration or any network intervention attack
  • Data storage device physically damaged or stolen
  • Virus infection deleting one or more files

 

Data loss is usually prevented by implementing data backup solutions and adding strong data access controls and security mechanisms on data storage assets.

 

 

DATA EXFILTRATION: Data Exfiltration is the unauthorized transfer of data from a computer. These types of attacks may be carried out by someone with physical access to a computer or automated via malicious software over a network. Protection from these types of threats is an important consideration for any entertainment organization.

 

Generally, data exfiltration is a targeted attack where the hacker’s/cracker’s primary intent is to find and copy specific data from the target machine. The hackers/crackers gain access to the target machine through a remote application or by directly installing a portable media device. Statistically, these breaches mainly occurred on systems with a vendor-set default password or very common/easy passwords.

 

SOLUTIONS

 

DATA LOSS PREVENTION: Cisco’s Data Loss Prevention (DLP) solution delivers high-performance, comprehensive data loss prevention – helping organizations of all sizes prevent leaks, enforce compliance, and protect their brand and reputation.

 

STEALTHWATCH: Stealthwatch (SW) gives you advanced network visibility, analytics, and protection. You see everything happening across your network and data center. And you can uncover attacks that bypass the perimeter and infiltrate your internal environment.

 

INTRUSION PREVENTION SYSTEM:  Cisco IOS Intrusion Prevention System (IPS) is an inline, deep-packet inspection feature that effectively mitigates a wide range of network

attacks.

 

MANAGED SERVICES: 5thColumn’s managed services are offered as a ‘Software as a Service’ (SaaS) suite. The SaaS suite is entirely focused around our proprietary platform, BOSS™. Our managed services focus on simplifying day-to-day security operations while also providing expert security services.

Customers receive the expertise of our experienced and business-oriented staff, expert systems, and standards-based consistency.

These services provide for an infrastructure that is scalable, customizable, and cost effective.

 

BOSS™: BOSS™ is a next-generation security events correlation engine that simplifies security infrastructure operations and maximizes customer ROI. BOSS™ consumes and normalizes large volumes of data without introducing substantial delays while integrating up-to-date security intelligence in threat detection. In addition, BOSS™ also:

  • Accurately and reliably isolates potential threats through analysis, enrichment and tagging of collected information
  • Validates and substantiates potential threats
  • Calculates the most effective mitigation tactic based on available technologies
  • Reports on validated and substantiated threats via dashboard/alerts

 

For more information on our solutions for healthcare providers, please get in touch with us here or email Alison Gleisner at alison@5thcolumn.net.