By Bob Zemke, Director of Healthcare Solutions at Extreme Networks
Healthcare networks are becoming significantly more complex, which presents a growing challenge to the IT staff supporting them. The successful implementation of wired and wireless networking technology in these kinds of environments is dependent on an architecture that can handle the unique capacity, coverage, security, and segmentation requirements of healthcare facilities while also adhering to compliance standards.
In an age where the Internet of Things dominates all industries, hospitals and healthcare organizations face unique challenges: they are expected to match the benchmarks of other industries for speed and quality while reducing the impact of breaches. To accomplish that, it is critically important hospitals ensure proper control measures are in place to maintain an effective network security posture. Below, is a list of some of the most prevalent security challenges hospitals and healthcare organizations face today, as well as what can be done to help alleviate these concerns.
Rather than thinking solely in terms of device counts and bandwidth, organizations must now reassess their approach to medical device support and how to best apply business intelligence to the network. As connected medical devices become more prevalent, IT staff at hospitals must constantly update security measures to ensure the facilities are meeting compliance.
With many healthcare organizations using and adding wireless devices such as IV pumps, blood gas analyzers, telemetry systems, mobile X-ray machines, ultrasound units, hemodialysis devices, and glucose meters on their wireless local area networks, taking a proactive approach to prevent any type of breach is serious.
To do this, it’s important to give IT teams the ability to apply policy from any network node to any individual device accessing the network, whether it is a patient device or a life critical medical device. Hospitals and healthcare facilities can get this done through network analytics. These tools equip IT with the capability to understand how well new systems or devices are being adopted, what the baseline is for each application regardless of whether it’s hosted onsite or in the cloud and even when the slowest work times are for scheduling change control windows. Network based analytics brings meaningful big data understanding to the health and usage of a hospital’s infrastructure.
In addition to bringing medical devices onto the network, healthcare providers are increasingly recognizing the cloud empowers them to reduce costs, enhance agility and improve, insights — a few of the many reasons these organizations are now investing more heavily in these initiatives. While there are numerous potential benefits with using cloud computing, healthcare organizations should also be well aware of the potential risks. The permanent, unplanned loss of data can put any organization at risk of shutting operations which interferes with patient care, employee collaboration, and record accessibility. Additionally, it can also have serious implications for an institution's ability to maintain compliance standards surrounding data protection and recoverability.
Only through providing a solid networking infrastructure that includes end-to-end application, device intelligence, and reliable connectivity can hospitals ensure adequate safety of patient data. This infrastructure will play a leading role in enhancing the institution’s ability to deliver innovative healthcare that will increase patient satisfaction and improve situational awareness in providing efficient and timely medical services. Using intelligence from network-based analytics, IT can optimize application service delivery and improve overall visibility.
Given the rise of mobile computing and BYOD in healthcare, the once straightforward process of protecting private health information has evolved into a more complex and nuanced undertaking. Understanding coverage and connectivity requirements is the first step of any clinical grade BYOD solution. The network must be capable of connecting to all Wi-Fi devices clinicians and staff bring into the facility, and prioritize traffic according to its importance. To operate smoothly, there can be no bottlenecks from the Wi-Fi access points, back through the wired switches, and all the way to the broadband Internet connection and the data center. These connections must be highly available and fault tolerant to ensure uninterrupted service.
Additionally, while the network must be capable of connecting all devices, it must also be very selective in doing so. Authorized devices should be expeditiously on boarded, while unauthorized devices must be prevented from gaining access to the network or moved to a guest access network. The best way to implement this is with a defined policy as to which devices, users and apps can access the network resources from defined locations at specified times of day. This policy needs to be implemented consistently across the wired and wireless network with policy integration from firewalls to prevent access from outside sources that can damage the network. By incorporating network integration with firewalls, hospitals and healthcare facilities are able to ensure that policy can be smoothly implemented across all resources. The network must be capable of both controlling and monitoring all devices and network activity.
According to a June 2016 survey, almost half of participants indicated their organization had suffered a ransomware attack in the past year. In that same survey, fewer than 10 percent of participating organizations said they felt confident in their current ability to fight cyberattacks. It is clear from these findings there is considerable uncertainty about how to handle these attacks and the need for more effective end-user education within hospitals across the industry is critical. Fortunately, this recent surge in ransomware attacks on hospitals is driving healthcare organizations to consider new and improved approaches to dealing with this evolving threat.
With this knowledge, hospitals must reevaluate how they are putting medical devices and other critical patient data on their networks and be proactive about security concerns related to patient information. Hospital and healthcare facility IT departments need to focus on ensuring that they are operating with a secure network by using multiple approaches. IT needs to provide efficient and centralized control of both wired and wireless network infrastructure as well as resources that simplify management, ease troubleshooting and enhance network reporting. Additionally, IT needs to deliver added visibility into application usage across the entire network to protect against suspicious or malicious use of the network and its valuable resources. Information security professionals, technology executives and administrators need to work together to identify and defend against cyber incidents of all kinds.
There are many challenges that hospitals and healthcare organizations face when it comes to ensuring patient safety and confidentiality. However, the industry is making progress by supporting proactive measures, and with an approach to evaluating network activity, these organizations are able to adequately address abnormalities as they arise. As hospitals and healthcare organizations continue to adopt new technologies to enhance patient care, their IT teams must take into account any potential breaches and develop a plan that accelerates the response and recovery process.