Responding to IT Security Issues in a Post-COVID-19 World
To address this issue, healthcare providers are exploring access management tools such as multi-factor authentication or requiring two pieces of evidence to log in. This mechanism can help better protect people who access data through patient portals.
However, the right knowledge is essential for its proper implementation, as patients may see it as a barrier to their care experience. For this reason, security teams must be prepared to take extra steps to properly educate their healthcare providers about cybersecurity and the threats often associated with telehealth. Clinical staff can then share this information with patients so they feel more comfortable with the new process and confident that their data is secure.
Access management helps protect a newly remote workforce
In addition to increased interest in telehealth services, the pandemic has also enabled a remote workforce, meaning more and more people are now managing traditional work online in person.
This change may be significant from a patient perspective, allowing individuals to access and receive care on their own time, but for providers faced with the novelty of remote care operations, cybersecurity best practices can sometimes be overlooked.
This is concerning, given that in April Google blocked 18 million daily malware and phishing emails related to COVID-19 in a single week. The sheer volume of this type of attack is why healthcare security teams need to focus their efforts on securing patient data in all its forms.
LEARN MORE: Discover five ways to protect devices and data for remote healthcare.
This is yet another way access management can help teams improve their security posture, ensuring that only the right people have access to the right data at the right time. This approach to data security helps IT teams limit unwanted exposure of patient data while remaining alert to anyone who might gain access to the network for the wrong reasons.
Build a defense that can manage the adoption of IoT technology
Finally, as healthcare systems create temporary facilities, an increasing number of Internet of Things devices are placed on their networks in order to administer care. This poses a major risk to the security of patient data, given that anyone nearby could now be able to access these networks through such devices.
Data from Palo Alto Networks tells us that IoT devices are truly the low-hanging fruit for attackers, with 57% of IoT devices vulnerable to attacks of medium or high severity. To make matters worse, 98% of all IoT traffic is unencrypted, which can easily lead to unwanted exposure of personal and confidential data on the network.
To prevent known and unknown IoT-focused cyberattacks, healthcare IT managers need to recognize and manage the risks associated with these devices. This involves having better visibility into their organization’s networks to list all currently connected IoT devices. From there, security teams can more properly segment networks to account for these devices.
But the work does not stop there. Real-time analytics can also enable active monitoring, helping these teams better spot network anomalies such as the use of untrusted devices. Formulating a baseline of what is considered normal can help organizations address key IoT threats and take actionable steps to reduce risk.
This article is part of HealthTechMonitor blog series. Please join the discussion on Twitter using #WellnessIT.