Another week, another reported “cyber attack”. This time, hackers exploited vulnerable desktop computers - not necessarily the wireless devices that are brought into a healthcare facility.
It’s not so much the threat of attack on BYOD (Bring Your Own Device) tablets or smartphones, as much as the potential for lost employee productivity. Social media networks continue to gain a larger share of the total time that Americans spend online, some estimates putting the number as high as 27% - that’s where BYOD in Healthcare could be a larger concern.
In locking down both the internal user access and preventing outside or rogue devices, mobility system experts are beginning to see that the idea of having the old-school “4 Walls and a Smoke Screen” method of defense is a bit too old. Here are some ways the direction is being changed by “new school” thought leaders, and so by doing, are able to better support BYOD in Healthcare.
1. Role-Based Access Control - Instead of the previously mentioned “smoke screen”, knowledgeable administrators are now providing user access based on the role of each user. We call it “Role-based Access Control”, but simply put - your segmented users are put into groups and different rules are written with those groups in mind. Therefore, an executive role might be provided unfettered access to the core, while employees in administrative roles might only need limited access.
2. Utilizing 802.11ac Technology - By upgrading your wireless access to the 802.11ac technology that is now available, you can zap 2 kidney stones with one laser - by increasing your capacity and increasing performance thereby increasing your ability to support low-powered wireless devices in healthcare.
3. Manage Applications - With the explosion in popularity of applications on those wireless devices, specific applications can now be filtered, denied or allowed, even restricted while a wireless device is connected to your healthcare wireless network. Some of these advanced features might require a thorough evaluation of existing infrastructure. In most cases, a healthcare organization that is interested in implementing some type of BYOD initiative can do so at lower costs than previously quoted.
4. Cost - For many smaller healthcare organizations, wireless networking costs have been one of the past roadblocks to successful BYOD implementation. All the physical components necessary to mitigate security risks have in some cases been combined into one device and licensing costs have been eliminated. So, while you may notice a difference in pricing upfront, always consider the total cost of ownership.
5. Compatible Infrastructure - Some manufacturers might act like the big bully at the end of your street, they won’t play nicely with anyone. Other companies have decided the best way to bring down a giant is to focus on one aspect of the mobility system and never deviate. Along the way, they may pick up partnerships with companies that focus on another aspect of a mobility system, so make sure you’re selecting pieces of the puzzle that “play nice” with the other guys on the block.
6. Check features out of the box - Do you really need all those extra physical appliances? The products you are sourcing now might be advanced enough to scrap older appliances that still require those additional licensing costs. When costs enter the picture again, wouldn’t it be somewhat easier to update software instead of constantly buying new pieces of hardware? If the firmware can be updated to account for the constantly evolving technologies, that might be a more advantageous route to take. Then again, additional components and appliances may have to be considered based on the current infrastructure.
7. Visibility – This is not just for the ophthalmologist on the 4th floor of the building. Knowing who, what, how and with what device someone is connected to your network can now be visualized. See if your solution allows for all BYOD devices to be visualized on the network since RF is an invisible medium. If no current visualization software is in place, consider what will integrate well with your existing infrastructure.
8. Network segmentation – Recently, someone explained that they had been in IT for 35 years and weren’t gonna “hear it” from someone that’s been concentrating solely on RF design the last 10 years. Really? Turns out same person does not segment their wireless network into VLAN’s. Now, the author of this story is no engineer, but if I could live in the head of an RF engineer for a moment, I’d suggested that’s a bad idea. The engineer would have a deeper, more granular explanation, but were this type of thinking shared in a healthcare setting, sensitive data could be exposed to the outside world. Segmenting a healthcare wireless network to isolate the EHR system along with other systems requiring access to the EHR is certainly a “best practice. Why let anyone near the EHR system if they have no reason to be there?
9. Audit Credentials – If you are integrating a wireless solution with Active Directory, verifying that all the users in the database have the appropriate credentials. Verify the correct structure and policies are in effect for each user group.
10. Plan to Pivot – As mentioned above, technology changes frequently, so do your best to stay in front of the changes. Do your best to make sure what you’re implementing today can pivot as the market for supporting secure BYOD in healthcare continues to evolve.
If you’re considering BYOD implementation on your hospital wireless network, there’s a lot of planning involved, but it is worth it after it’s all said and done.