IT and Cyber Security Challenges in Healthcare Industry
By Salah Nassar, VP of Marketing at CipherCloud
The sudden influx of remote workers due to Coronavirus pandemic has put a strain on business continuity. Many organizations have adopted Virtual Private Networks (VPN) to securely connect with the enterprise data centers. But the VPNs are not designed to scale. In fact, they are not meant to scale, and this is driving many organizations to reevaluate their security architecture. The majority of existing security solutions such as VPNs and Firewalls are meant to protect on-premises data centers with three tier networks and managed endpoints.
Legacy security solutions have been put to the test this month and they have failed to deliver, primarily because the VPNs that tunnel employees back to on-premises data centers cannot scale to handle the traffic surge, rendering the on-premises network, data center, and software security layers useless. This has led to many organizations without an end-to-end security solution for the hundreds or tens of thousands of employees logging in remotely.
Why did the VPN fail?
One of the biggest problems of remote employees is maintaining a security posture by replicating the security stack design for the data center. This simple fact was the genesis of VPN solutions. But in today’s world, where we can connect directly to SaaS apps, there is no need for establishing a secure tunnel to the server in our data center to access sensitive information. SaaS apps are our new data centers. This is where VPNs fail, because they are not designed to scale and accommodate the thousands of employees working remotely. Even if they are set up in an aggregated architecture to manage the incoming traffic, VPN does not solve the number one problem healthcare organizations are struggling with - enabling deep visibility into the data and user activity of remote workers to ensure healthcare data integrity and HIPAA compliance.
The new environment and reality of today’s workforce is a cloud-mobile environment, where employees can connect remotely, using any device, from any location directly to SaaS apps. They no longer need to establish VPNs. The advent of apps has created an environment where users circumvent VPN and the entire on-premises security stack.
How to secure the cloud-mobile environment?
This is the million dollar question asked by every industry vertical in the current scenario. The most crucial combat lesson learnt from the past is that every organization needs to have a business contingency plan in place to ensure all services are up and running, and accessible regardless of the user location. The pandemic has forced many healthcare organizations to adopt new apps to maintain business continuity. In some cases, the adoption of apps such as Slack, Box, or expanding existing projects such as Office 365 migration has created other problems – Data Compliance.
Join a webinar discussion on securing the cloud-mobile environment in the context of healthcare providers. The discussion will include a case study review of a hospital that was faced with the challenge of implementing work-from-home policy for all their non-patient workers, and how using CASB they could solve their data privacy and compliance requirements.