Do you know that in the US alone, over 76 billion situations of extremely confidential Protected Well being Info (PHI) have been reported to be uncovered in breaches previously 24 months?1
Sadly, the specter of cyberattacks in healthcare continues to develop because the trade faces the arduous activity of securing extremely useful and delicate info in Digital Well being Document (EHR) programs. Whereas an EHR system provides many advantages, it additionally presents an amazing safety problem. Specifically, EHR programs comprise delicate info, reminiscent of individually identifiable well being info that should be protected against unauthorized entry below Well being Insurance coverage Portability and Accountability Act (HIPAA) tips and the just lately up to date Well being Info Know-how for Financial and Scientific Well being Act (HITECH). 2
One method to securing EHRs is microsegmentation, a community safety method that creates smaller, remoted community segments inside a bigger community. Every section accommodates a selected set of sources or workloads, reminiscent of a selected utility or kind of information. By segmenting the community on this method, safety insurance policies will be enforced at a extra granular stage, making it harder for attackers to maneuver laterally inside the community.
So, what are the methods which you can implement a technique of microsegmentation inside your healthcare group?
Cisco Safe Workload
Cisco Safe Workload is without doubt one of the options that can be utilized to implement microsegmentation in healthcare environments. This resolution makes use of a mix of software-defined networking and policy-based safety to create and implement microsegmentation insurance policies. Workloads are robotically categorized primarily based on their traits, and insurance policies are utilized primarily based on this classification.
For instance, a healthcare group can use Cisco Safe Workload to create separate segments for EHRs, billing programs, and different functions. Every section would have its personal set of safety insurance policies, reminiscent of guidelines governing entry management and information encryption. Within the occasion of a safety breach, the impression could be restricted to the section wherein the breach occurred, reasonably than affecting your complete community.
Cisco Utility Centric Infrastructure
Cisco Utility Centric Infrastructure (ACI)is one other resolution that can be utilized to implement microsegmentation in healthcare environments. Cisco ACI is an information heart networking resolution that gives complete policy-based automation and administration of your complete infrastructure. It makes use of a declarative mannequin to outline the specified state of the community, and robotically configures the community to match that state. With Cisco ACI, microsegmentation will be simply carried out and enforced. Cisco ACI’s coverage mannequin permits for extra granular safety insurance policies to be utilized to particular person functions or workloads.
Each Cisco Safe Workload and Cisco ACI can be utilized in conjunction or as standalone programs as a part of your group’s path to securing the EHR, leveraging application-focused microsegmentation both on-premises or within the cloud.
Microsegmentation will also be used to assist compliance with regulatory frameworks such because the Well being Insurance coverage Portability and Accountability Act (HIPAA), Well being Info Know-how for Financial and Scientific Well being Act (HITECH), and HHS 405d. By implementing granular safety insurance policies, healthcare organizations can show to auditors that they’ve taken applicable steps to guard affected person information. Additionally, microsegmentation is a part of the bigger zero belief journey outlined within the Nationwide Institutes of Requirements and Know-how framework (NIST SP 800-207).
Along with bettering safety, microsegmentation may also assist healthcare organizations enhance community efficiency. By creating smaller segments, community visitors will be higher managed, decreasing the chance of congestion and bettering utility efficiency.
Safety is a steady journey, however Cisco will help you to navigate the panorama and stroll with you as you mature. When you’ve got questions on microsegmentation or on the way to take the following step in your safety journey, we encourage you to achieve out to a member of our CX healthcare apply.
- HHS OCR Reporting: Discover to the Secretary of HHS Breach of Unsecured Protected Well being Info – as of Apr 20th 2023
- HR7898 – HITECH Act – Protected Harbor