By: Chrystal Taylor, Head Geek™ at SolarWinds
It’s no secret healthcare is becoming overwhelmed on all fronts—and not from the pandemic alone. Ransomware and cyberattacks on the healthcare sector grew a jaw-dropping 45% in the last few years, a trend likely pushing IT and cybersecurity teams into crisis management mode. And the reason for this onslaught? The soaring price of medical data, which alone holds more personally identifiable information than any other data set.
Bolstering cyber defences at the edge and endpoint might be the first obvious move for IT, but it only does so much. Though these measures are great at deflecting attacks from outside, they do little to mitigate those from within. As it stands, healthcare’s biggest threat comes from the inside, so the question remains: how can IT teams keep sensitive data and mission-critical systems safe from the security and breach risks posed by their blissfully unaware colleagues?
Take Stock of Your New (Normal) Surroundings
Under normal circumstances, the access rights management (ARM) systems most healthcare organisations use can be relied upon to allow individuals timely and trackable access to specific data or systems. But last year has been anything but normal. Some employees have resigned, and others have transferred to new departments or roles. New digital services have been urgently developed to meet sudden patient demands, and new regulations have come into the fold, changing the paradigm for compliance.
This means IT teams must take stock of which systems and data are mission-critical today and adapt their ARM coverage and policies accordingly. The first challenge will be to figure out access policies for new roles and hierarchies that are changing faster than ever before. The second will be to determine access rights for new data sets and systems—created from emerging in-demand services like telehealth—and the evolving requirements for existing systems powering mission-critical EMR, pharmacy, lab, and finance functions.
Only when healthcare IT teams have a better idea of what their ARM requirements are today—and what else they need to retain security for sensitive data and systems—can they implement the right solution and make the right future moves.
Obtain Visibility Needed for Reviews and Audits
The rise in ransomware and cyberattacks is unfortunate, but it presents healthcare IT with the opportunity to mandate more frequent access reviews and audits over all systems, databases, and the users who access them. After identifying which areas of the network are critical to healthcare operations today, IT teams can then review and repair their audit capabilities in those areas, enforce more regular audits, and introduce solutions to help.
Take password audits, for example. Along with two-factor authentication, mandating complex passwords helps minimise the risk of insider-induced security breaches. But these mandates should be introduced with supporting solutions, like a password management tool to enforce or incentivise adoption. This approach also gives you visibility into the employees who aren’t following mandated security protocols, which helps improve the accuracy of your audits and allows you to get employees back into compliance and mitigate data security risks before they occur.
The importance of your audits on mission-critical systems and data security policies is only overshadowed by the importance of reporting those efforts. It’s essential for stakeholders and decision makers to know every precaution is being taken to keep vital systems and sensitive medical information safe. The right access rights management solution with automated and compliant reporting makes this level of accountability easier.
Educate, Educate, and Move Forward
When presented in terms of financial cost and reputational risk, these audit and review reports give upper management—who may not be IT-savvy—a better grasp on the need for enhanced data security measures. It’s a critical strategy to combat apathy within the upper ranks, drum up support for these initiatives, and improve the data security capabilities of your healthcare organisation.
More importantly, these audits will also reveal (or confirm) the problems that have been there all along and multiplied during the chaos of the pandemic. Inappropriate access levels, duplicate user IDs, an excessive number of users with access to a database, unretired credentials of terminated users, shadow IT, and decentralised identity and access management (IAM) functions are all common vulnerabilities in a typical modern healthcare environment.
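As an added illustration (example code written for this edit, not a SolarWinds tool and not the ARM product the article refers to), the following Python access review runs the checks the audit passages above call for over a constructed account export and HR roster: unretired credentials of terminated users, orphaned accounts absent from HR, duplicate user IDs, entitlements outside a role's expected baseline, and more enabled users on a system than a set threshold. The roster, export, role baseline, system names and threshold are all constructed for the example.

```python
"""Access review over a constructed account export and HR roster.

Added example; not SolarWinds code. Every user, system, role and
threshold below is constructed for illustration only.
"""
from collections import defaultdict

# Constructed HR roster: employment status and current role per person.
HR_ROSTER = {
    "jdoe":   {"status": "active",     "role": "nurse"},
    "asmith": {"status": "terminated", "role": "pharmacist"},
    "bkhan":  {"status": "active",     "role": "lab_tech"},
    "clee":   {"status": "active",     "role": "finance"},   # transferred from the lab
    "dpark":  {"status": "active",     "role": "finance"},
    "eruiz":  {"status": "active",     "role": "finance"},
}

# Constructed account export: one row per (account, system, entitlement).
ACCOUNT_EXPORT = [
    {"user_id": "jdoe",    "system": "EMR",      "entitlement": "clinician_read", "enabled": True},
    {"user_id": "JDoe",    "system": "EMR",      "entitlement": "clinician_read", "enabled": True},
    {"user_id": "asmith",  "system": "pharmacy", "entitlement": "dispense",       "enabled": True},
    {"user_id": "bkhan",   "system": "lab",      "entitlement": "result_entry",   "enabled": True},
    {"user_id": "clee",    "system": "lab",      "entitlement": "result_entry",   "enabled": True},
    {"user_id": "clee",    "system": "finance",  "entitlement": "ap_approve",     "enabled": True},
    {"user_id": "dpark",   "system": "finance",  "entitlement": "ap_approve",     "enabled": True},
    {"user_id": "eruiz",   "system": "finance",  "entitlement": "ap_approve",     "enabled": True},
    {"user_id": "svc_old", "system": "finance",  "entitlement": "ap_approve",     "enabled": True},
]

# Constructed baseline: the (system, entitlement) pairs each role is expected to hold.
ROLE_BASELINE = {
    "nurse":      {("EMR", "clinician_read")},
    "pharmacist": {("pharmacy", "dispense")},
    "lab_tech":   {("lab", "result_entry")},
    "finance":    {("finance", "ap_approve")},
}

# Constructed threshold: more enabled users than this on a system is flagged.
MAX_USERS_PER_SYSTEM = {"finance": 3}


def review_access(roster, export, baseline, max_users):
    """Return a list of findings, each a dict with "check", "subject" and "detail"."""
    findings = []
    spellings = defaultdict(set)         # normalised id -> distinct spellings seen
    users_per_system = defaultdict(set)  # system -> normalised ids with enabled access

    for row in export:
        if not row["enabled"]:
            continue  # disabled accounts are out of scope for these checks
        uid = row["user_id"].lower()
        spellings[uid].add(row["user_id"])
        users_per_system[row["system"]].add(uid)

        person = roster.get(uid)
        if person is None:
            findings.append({"check": "orphaned_account", "subject": row["user_id"],
                             "detail": f"enabled on {row['system']} but absent from the HR roster"})
            continue
        if person["status"] == "terminated":
            findings.append({"check": "unretired_credential", "subject": row["user_id"],
                             "detail": f"terminated in HR but still enabled on {row['system']}"})
            continue
        if (row["system"], row["entitlement"]) not in baseline.get(person["role"], set()):
            findings.append({"check": "inappropriate_access", "subject": row["user_id"],
                             "detail": f"{row['system']}/{row['entitlement']} is outside the "
                                       f"{person['role']} baseline"})

    # Duplicate user IDs: the same person represented by more than one spelling.
    for uid, variants in spellings.items():
        if len(variants) > 1:
            findings.append({"check": "duplicate_user_id", "subject": uid,
                             "detail": f"variants: {sorted(variants)}"})

    # Excessive access: more distinct enabled users on a system than the threshold allows.
    for system, uids in users_per_system.items():
        limit = max_users.get(system)
        if limit is not None and len(uids) > limit:
            findings.append({"check": "excessive_access", "subject": system,
                             "detail": f"{len(uids)} enabled users, limit {limit}"})
    return findings


if __name__ == "__main__":
    for f in review_access(HR_ROSTER, ACCOUNT_EXPORT, ROLE_BASELINE, MAX_USERS_PER_SYSTEM):
        print(f"[{f['check']}] {f['subject']}: {f['detail']}")
```

In practice the export would come from each system's own account listing and the roster from HR, and the findings list is what feeds the review report discussed above; the role baseline is the part that needs re-deriving whenever roles and hierarchies change, which is why the article's first step is taking stock of them.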
Now, healthcare organisations have an incentive to iron them out. Change won’t happen overnight, but it must happen nonetheless if healthcare organisations want to avoid falling victim to future attacks capable of shuttering their operations once and for all. This is a tragic and undesirable outcome—not just for healthcare IT professionals and the organisations they represent but for the public, who needs stable and reliable healthcare services now more than ever before.