The COVID-19 pandemic has seen a significant shift in business reliance and dependency on technology. This shift is most evident in the Healthcare industry. From supply chain to patient care to telemedicine; the healthcare industry has experienced a seismic shift in the use of technology as part of everyday activities.
This business dependency has come with increased risk. Last year, healthcare organizations became prime targets for all types of cyberattacks including Ransomware, Distributed Denial of Service (DDOS), remote code execution, identity and data theft, and intellectual property theft. According to a survey conducted by the cybersecurity firm Emsisoft at least 560 healthcare providers have been hit with Ransomware attacks in 2020. The perpetrators of these attacks range from cyber criminals to state sponsored organizations seeking intellectual property to hacktivists that are using the criticality of healthcare organizations to further their agenda. The criticality of health care in response to the pandemic made the industry a prime target for a wide variety of bad actors.
Security Solutions Needed by Healthcare Leaders
Healthcare IT leaders are being overwhelmed with recommended solutions that can address the outbreak of cybercrime that have been attacking their organizations. Everything from firewalls to SIEMs to vulnerability management solutions are being recommended as solutions to healthcare’s cybersecurity challenges. Each of these solutions have benefits and weaknesses when added to a healthcare provider’s security ecosystem. However, healthcare leaders are looking for solutions that focus on fingerprinting and securing devices as they come on the network, as well as assessing user behavior and profiling users through the use of machine learning. Being able to combine the capabilities of device level security with user level security is the type of solution that will significantly reduce the IT risk and simplify security operations – two challenges that are currently prevalent inside the healthcare industry.
Aruba Networks Solutions – ClearPass and IntroSpect
Thankfully, Aruba Networks has two offerings that will provide healthcare leaders with the necessary solutions to combat the threats faced by their organizations. Combining the award-winning network level security control that ClearPass provides with the machine learning capabilities of IntroSpect delivers 360-degree visibility into the threats that challenge them.
Aruba Networks ClearPass
Aruba ClearPass is the leading security solution for ensuring that healthcare providers avoid today’s cyber threats. ClearPass enables policy control and automated response across the entire ecosystem. Furthermore, ClearPass can provide consistent protection across a wide variety of IT infrastructure including medical devices that fall under the new IOMT (Internet of Medical Things) label. IOMT is part of a larger medical device security challenges that healthcare organizations face regarding securing IOT. ClearPass provides the same level of security no matter if the endpoint is considered part of IT, IOT or IOMT. Lastly, ClearPass can provide secure access to guest and BYOD devices that are found throughout most healthcare facilities. All of this security capability can be performed without the need to install an agent and with little to no administrative overhead. Enabling a hospital IT leader to solve so many security challenges without having to task an already overworked team member is a win-win situation.
Securing medical devices on a healthcare network is one of the chief challenges facing most leaders. Segmenting IT infrastructure, such as laptops and phones, from medical devices (IOMT) has been a daunting task for many years. Typically, healthcare networks supporting IT devices are completely separate infrastructures from those that support the medical devices. This additional network infrastructure comes at a significant cost in support and maintenance. ClearPass allows for those same medical devices to be logically segmented by policy and the same policy can apply to a device that is physically connected or connected via a wireless network. This allows for the same switch or access point that is used to support the IT infrastructure to also be used to provide connectivity for medical or IOT devices. By logically applying a policy to the device based on specific data, or a fingerprint, a healthcare network can safely have IT, IOT and IOMT devices share the same infrastructure but be completely segmented from one another. And this segmentation and control can be enacted via a central policy controller without the need for an agent. ClearPass is a truly powerful tool that should be part of any healthcare organizations toolkit.
Aruba Networks IntroSpect
Coupling the network controls of ClearPass with the user analytics and machine learning capabilities of IntroSpect is a powerful combination. The IntroSpect solution focuses on the “who” and “what” questions of the security problem. Simply put, IntroSpect looks at “who the user is” and “what they are doing” on the network, using machine learning to look for anomalies in a user’s behavior. Let’s look at another common security problem in healthcare. A user has their account compromised and a malicious actor wants to utilize the access to steal information about some of the patients in the hospital.
In addition to a patient’s health, a hospital has a vast amount of data regarding their personal information, including their insurance information. IntroSpect uses UEBA (User and Entity Behavior Analytics) to identify those breadcrumbs of information that might go unnoticed by an administrator. Examples of anomalies are a user accessing information that they typically do not access as part of their regular workday or a user logging into their account from a London location one minute after they logged in from Sydney. IntroSpect is constantly looking for those events that individually might not raise suspicion but put in the context of time might be the precursor to an attack.
Today’s healthcare networks are under constant attack – attack from a wide variety of threat actors. Utilizing solutions like Hewlett Packard Enterprise/Aruba ClearPass and IntroSpect give today’s healthcare IT leaders a fighting chance to thwart off data theft or a Ransomware attack.
Get on a secure footing.
Mainline Information Systems has the security skills to help companies develop the security solutions to protect your organization. As a Hewlett Packard Enterprise (HPE)/Aruba Platinum partner, Mainline has a deep rooted, long term relationship with Hewlett Packard Enterprise and specifically Aruba Networks. Hewlett Packard Enterprise has solutions that can address a wide variety of security challenges from the data center to the cloud.
Together we help our customers solve today’s as well as tomorrow’s security challenges. From security assessments and analyzing the current architecture to designing and implementing a new solution, Mainline has the proficiencies necessary to put your company on a secure footing.
For more information about Aruba ClearPass and Introspect, or any HPE/Aruba solution, contact your Mainline Account Executive directly, or reach us here.
You may be interested in:
BLOG: Cybersecurity Across OT/ICS Environments