February 16, 2021

Small Security Solutions, Big Security Impact

I have a passion for helping healthcare organizations deliver their services to patients. My job is to design solutions to ensure data is secure, available, and deliverable to caregivers in a timely manner.  With the ever-growing threat of cyberattacks, I’m also here to help educate my customers and advise on putting the proper security protocols in place for healthcare organizations.

Gone are the days of just having a good perimeter defense and calling it “good enough”. Here are several strategies that are affordable and easy to deploy that will have a big security impact on your network.

Multifactor Authentication (MFA) has become a baseline feature that everyone should implement.   It is one of the best and most effective ways to guarantee that the proper person is logging into the network. As a result, CloudWave has made having an MFA solution in place mandatory for our OpSus cloud service customers.  Cybersecurity insurance has even started to charge higher premiums for those organizations that do not have MFA in place to protect PHI and other important data.

Carbon Black is a very sophisticated tool that can harden each endpoint on your network and it also gathers statistics and behaviors on each endpoint.  It then looks for abnormalities and for known behaviors that are used by attackers.  Smart or AI driven security will be commonplace and necessary to keep up with the growing security challenges.  This is one of those products that not only can wrap around your perimeter, it also wraps around nearly every layer of your network in some capacity.  It can proactively process vulnerabilities as they occur, stop some attacks before they start and even shut them down before they get a chance to execute.  Carbon Black’s real-time data driven security can act on attacks and alert security staff of issues which will have a huge impact on securing your network.

Auditing and tracking what your end users are doing is a requirement that we’re all familiar with when it comes to HIPAA audits.  OpSus Sentry logs and analyzes end users’ activities.  It can detect suspicious activity and replay the user’s actions for post event analysis.  This is really a unique tool that promotes accountability across all end users, even network and database administrators.

A variety of a la carte security services can fill many security holes.  With OpSus Defend, HIPAA risk assessments, SIEM log monitoring, connected medical device protection and Vulnerability Threat Management are available as separate services, and are completely designed to protect hospitals.  Choosing individual services can be a cost-effective way to get immediate benefits.

Protecting your systems, data, and users can seem overwhelming, but implementing small solutions over time can have a big impact on your security posture and bring value to your organization.

David Tilley is a Solutions Architect at CloudWave.  He can be reached at dtilley@gocloudwave.com.