Apr 19

2017

3 Major Benefits of Micro Segmentation in Healthcare

By Great Bay Software

Virtualization has driven a wave of micro segmentation deployment in the data center. This security technology helps break the data center into logical elements, isolating access and limiting lateral movement of malicious activities in case of a breach.

Segmenting enterprise networks via VLANs, VPNs, NAC and other tools has long been used for performance improvement and user access policy enforcement. Especially in the healthcare segment, the combined upsurge of cybercrime and use of high-risk IoMT devices means that micro segmentation is becoming a critical network security component. Read more in our blog: Why the Healthcare Industry is a Top Target.

 “Hackers, once on a network, often go undetected as they freely move from system to system looking for valuable information to steal. Credentials, intellectual property, and personal information are all at risk…. A secure network design that focuses on micro segmentation can slow the speed with which an attacker moves through a network and offer more opportunities for detection of that movement.” SANS Institute “Secure Network Design: Micro Segmentation”

Beneficial Reasons for Micro Segmentation

  1. Safeguard Biomedical Devices

Patient monitors, infusion pumps and mHealth wearables are a just a few examples of high-risk IoMT devices. They can create a backdoor into hospital networks, making them a top target for cyberattack. Isolating these vulnerable devices based on department, application, location or endpoint type significantly limits a hacker’s ability to gain access to valuable hospital data such as patient records.

  1. Streamline Regulatory Compliance

The effort of implementing a micro segmentation strategy can lead to a big ROI. It enables IT security teams to reduce the scope of PCI DSS, HIPAA, HITECH and other expensive regulatory compliance requirements. For example, PCI systems can be virtually isolated, limiting their interaction with non-PCI applications. Also, an effective micro segmentation implementation, in and of itself, may satisfy many compliance requirements without additional work.

  1. Limit Impact to Business Operations

While micro segmentation alone will not stop an attack, it can slow things down before the attack moves across the network. This reduces the effort and resources required for incident response, eradication and recovery. An attack or breach is easier to detect and isolate so that responders can safely begin to eliminate the threat. Fewer systems in the segment means that the compromised segment or system can be cleaned and brought back on line more quickly.

The Role of Device Discovery and Visibility 

Micro segmentation can be accomplished through the use of a variety of commonplace tools. However, a multi-system approach creates complexity and cost. Discovery and visibility can reduce this complexity by providing in-depth profiles of every endpoint regardless of the type and number of devices. For example, having real-time data on location, expected behavior, permissions and ownership can streamline segmentation rules and processes. Learn more about mitigating the risks of connected healthcare here.

 

Micro segmentation enables rapid incident response, simplified compliance, and greater visibility through continuous monitoring. Realtime device visibility and control is a key to making this a cost-effective reality.

Report | Minimizing Network Security Risks Created By Medical Devices

How do we secure IoMT Devices?

Download Gartner Market Guide for IoT Security

Webinar | How Do We Secure the Internet of Medical Things?

Minimizing Network Security Risks Created by Medical Devices Whitepaper

Comments

Related Posts

Aug 17

2017

It’s Always Sunny in Philadelphia

It’s Always Sunny in Philadelphia Healthcare Informatics, an-online publication, hosts a series of Health IT Summits across the country. We just returned from the Philadelphia Conference. We had...

Aug 10

2017

Is Your IoMT Security Keeping up with Regulatory Mandates?

Securing healthcare networks and devices is not just critical to operational continuity but to regulatory compliance as well. Compliance can be a veritable alphabet soup of mandates: HIPAA mandates...

Aug 02

2017

How’s the Health of Your Security Budget?

A recent Harvard Business Review article1 reminds us that the healthcare sector is the most heavily-targeted vertical industry. Read more in our earlier “Top Target” post. In 2016, more than 25% of...

Subscribe to Blog Updates