If saving lives and caring for the sick aren’t already steep enough responsibilities, today, the sophisticated world of cybercrime has thrust the healthcare industry, and the medical professionals that work within it, into its crosshairs.
Healthcare & The Digital Workspace
That means on-the-go nurses — with laptops and tablets in hand that often contain sensitive, HIPAA-regulated data — are subject to all the cyber risks that apply to those devices. Healthcare organizations, like all businesses that are adapting to the modern digital workplace, need to see and understand the risks to endpoint devices and the data on them.
In recognition of National Nurses Week and to support all that is asked of these hard-working, caring professionals, here are a 5 tips for how healthcare organizations can apply a cybersecurity-centric mentality to the job.
1. Educate All Staff
To mitigate the risk of employee mishap and misuse, train staff on the importance of data security. Implement a well-communicated policy on how and when to report missing devices, suspicious email trends and device irregularities and maintain enforceable repercussions for intentional infractions. Read: Healthcare Cybersecurity and Data Security in 2019 for insight into this year’s top threats.
2. Help the C-suite Understand
Appoint a CISO or Data Protection Officer to be responsible for your organization’s data security. This person should oversee HIPAA compliance initiatives and ensure data security is a regular topic at Board meetings.
3. Take Back Control of Your Endpoints
When endpoints go rogue or become invisible due to faulty security agents, you need to act fast. Absolute’s proprietary Persistence® technology is embedded in the firmware of more than 70 percent of the world’s endpoint devices. Because it’s the only embedded security solution, it is the only cloud-based platform that maintains a persistent connection to devices, regardless of user behaviour or device performance.
4. Add Resiliency to Your Security Solutions
The 2019 Endpoint Security Trends Report found that more security does not equate to more secure devices. In fact, much of organizational endpoint security spend is wasted on solutions that simply don’t work due to missing or broken agents or disabled controls. Rather than throwing good money after bad, IT and security teams should instead strive to reduce complexity on the endpoint and focus on ensuring that existing security tools are fortified, more resilient, and less inclined to fail.
5. Get Real About Real-Time Evaluation and Response
Your organization should be able to evaluate its security posture in real time to ensure all devices are patched for known vulnerabilities, whether on or off the network. When new vulnerabilities crop up (and they will), your IT team should be in a position to proactively address these emerging threats with data controls and/or patch distribution. According to a Ponemon study, 425 hours are wasted each week by IT teams chasing false negatives and false positives.