Tomorrow's Care October/November 2017

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

SECURITY

Is Healthcare Security Up in the Clouds?

Michael Fimin, CEO and Co-Founder of IT security soſtware specialist Netwrix,

discusses the online cloud-based services and whether they are strong and secure enough for the healthcare sector.

As the National Health Service (NHS) comes under increasing pressure to optimise services’ delivery in the face of reduced funding, there will inevitably be a move to leverage the flexibility and cost savings afforded by cloud services.

From a pure security point of view, cloud technology is pretty mature. In its Hype Cycle for Cloud Security 2017, Gartner describes how public cloud service providers like Amazon, Microsoſt and Google have, for the most part, proved resistant to cyber attacks. Instead, the security weaknesses to emerge thus far have been largely self-inflicted.

In other countries, most notably the U.S., the introduction of cloud services into healthcare has thrown up some cautionary tales. For example, the cloud-based electronic health record (EHR) system in the U.S. is accessible via smartphone and provides patients with faster and more efficient care. But major healthcare breaches (such as those at Anthem Inc. and Premera Blue Cross) have intensified discussions about security in the cloud and the potential impact on data privacy.

These examples, along with other incidents of unauthorised access by employees and third parties, point to a general lack of visibility into what’s going on across critical hybrid infrastructures and this has undermined confidence.

- 36 -

A 2017 study of more than 700 IT professionals around the world revealed that most healthcare organisations recognise the benefits of cloud technology, such as greater flexibility (80%), scalability (60%) and availability of systems and applications (60%).

Yet, without exception (100%) they are not yet ready to entrust everything to the cloud.

Healthcare providers’ key areas of concern include security of data and systems (64%), loss of physical control over data (57%), and regulatory compliance (50%).

The vast majority of respondents (61%) name insider misuse as one of the key security risks related to cloud technology and believe that malicious activities of their own employees pose more danger to sensitive data than anything else.

Other reasons why many healthcare professionals are sceptical about cloud security are the perceived risk of unauthorised access and account hijacking (64%) and the inability to monitor critical assets when they reside in the cloud (57%).

The old adage that you cannot manage what you can’t see is holding back cloud adoption in the health services. It is simply not a risk they can afford to take.

Healthcare providers also collect and store large volumes of highly valuable personal health information (PHI) and other personally identifiable information (PII).

As General Data Protection Regulation (GDPR) draws closer, stricter compliance obligations and larger fines for breaches are on the way. It means they will be even less inclined to experiment with technology advances that do not have clear security benefits.

In summary, the need to comply with industry regulations, limited budgets and pressures to optimise resources makes data protection particularly challenging for the NHS.

To take advantage of the many benefits that cloud technology can offer, healthcare IT professionals need tools that give them detailed visibility into critical file or document changes.

Such tools would enable them to reduce the exposure of sensitive data to advanced cyber threats and move forward with cloud services with greater confidence.

The ability to spot signs of suspicious activity early and take preventative action is critical for encouraging healthcare IT professionals to make use of cloud services more widely.

www.netwrix.com www.tomorrowscare.co.uk

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43 | Page 44 | Page 45 | Page 46 | Page 47 | Page 48