Did you know that 80% of healthcare facilities employ traveling nurses, and that doctors today are more like independent contractors working at multiple hospitals in their local regions? Combined with the staggering growth of connected devices (BYOD and IoT), tougher regulations, and increasing competition, healthcare IT teams are faced with some serious security problems.
The task is more challenging than ever, IT has to deal with:
- Device misuse by employees and guests
- Lost devices and passwords
- New security threats like ransomware
How can hospital IT staff protect the hospital network, while making data accessible, and adhering to HIPAA compliance regulations?
The answer is by deploying the right network access control solution.
No matter what brand of product you go with, the right network access control solution should come with specific capabilities.
Here are four different scenarios and how hospital IT teams can use network access control to make sure their hospital’s network is set-up for success.
Managing Employee Access
In the hospital environment, each user’s role needs to be clearly defined, from internal administrators to front desk receptionists and physicians, these roles need to be established to define their access to internal resources on the network.
It’s critical that hospital IT staff have the ability to control access to these resources by:
Using this information you can define access privileges to your network’s resources.
For example, doctors need to have access to patient records, but not have access to hospital admin services that deal with ordering medicine.
Odds are you’re going to have a large mix of users who want access to your network, and no matter who they are you need the ability to differentiate between them by role, device, and location.
Again, using this contextual data, you can create pre-defined policies to enforce a variety of things on your network, including:
- Who can on-board their BYOD device
- What type of access they can have
- How many devices they can on-board
- What types of devices they can on-board
- What location(s) they can access your network from
The right solution needs to have strong authentication capabilities and a very simple, easy to use user portal for the best possible experience. This means using certificates to allow your users to avoid having to remember passwords and potentially losing them as well as having easy to use guest portals.
Lastly when it comes to BYOD your NAC solution should easily integrate with your wireless network to enforce bandwidth restrictions, MAC caching and length of stay contracts.
Do you know how many connected devices there are in the average hospital room besides smartphones and other personal devices?
On average, you can find up to 15 other types of connected devices, and all of them pose a security threat if left unsecured.
Can you imagine the nightmare if you had an infusion pump breached that potentially threatened the health of one your patients?
Remember you can’t secure and mange what can’t see.
IoT devices need to be accounted for and monitored at all times, just like every other device on your network. You need to have the ability to create custom fingerprints for IoT devices, allowing you to give that IoT device priority access over other devices.
Every day hospital IT staff watch anxiously as their users, be it doctors, nurses, or patients, walk sensitive hospital information right out the front door.
I’m not trying to be dramatic, as most hacker takeovers or data security breaches in healthcare occur when unaware doctors or patients share their credentials or expose their unprotected personal mobile device to cyber security threats like malware and ransomware.
HIPAA over the last 20 years has tried to regulate patient privacy and portability and it’s been up to hospital IT staff to make sure everyone and every device is in compliance.
IT needs the ability to guarantee all devices on the hospital wireless network are HIPAA compliant by encrypting storage of patient information on every single connected device, and let’s not forget secure archiving of that data as well.
The right NAC solution should give you the ability to accomplish both locally and through a SIEM solution for more long-term storage.
Enforcing both encryption and automating patches, hotfixes, and anti-virus/spyware updates should also be included. For example, if an unencrypted device tries to access the network your NAC solution should detect this and automatically block that user from the network.
Managing both mobility and access on your hospital Wi-Fi network are critical pieces to your hospital’s overall IT strategy.
With today’s hospitals being multi-vendor IT environments, any NAC solution you deploy should integrate with all of the different parts of your infrastructure system to help strengthen your existing investments.
As modern healthcare continues to evolve and become increasingly connected, success depends more and more on the ability of IT to see, secure and manage everyone and every device on the network.
At SecurEdge, we deliver affordable, robust, secure, and easy to manage wireless platforms-it’s all we do.
If you have any questions about how to safely manage mobility and access at your healthcare facility, please contact us here, we’re always available to help.