Endpoint vulnerability threatens healthcare security

survey conducted by Ponemon Institutes has found that the risk of healthcare network leaks and cyber-attacks is rising as a result of endpoint vulnerabilities.

The digital communication age has brought plenty of new challenges to healthcare organizations, who have seen an increase in network access and information with an array of new devices in recent years. The devices used to access an organization's network are often in the hands of those who may be carless with security practices, therefore raising the number of ways that a network hack can take place.

Analyzing information system security across many industries, the Ponemon study found that protection of endpoint devices is lacking and not able to protect from the risks that confront them. Including devices such as servers, desktop and laptop computers, smartphones, printers, point-of-service devices, endpoint devices send information to an organization’s information network. It serves as the gateway to the information network and hackers are able to enter the network though the connected device.

With the value of the data that healthcare providers and payers provide, the healthcare industry has become a major target for hackers. With the increased use of mobile devices, the organizations have not paid enough attention to assessing whether a device is safe. “While there are lots of tools and devices to make endpoint security better, the reality is that many organizations remain in a status quo environment and are not being proactive,” writes Ponemon.

The survey found that 81 percent of respondents said the biggest challenge is minimizing the threat of negligent or careless employees who do not follow security policies. The threat caused by the growing number of insecure mobile devices in the workplace increased to 50 percent from 33 percent in 2013, respondents said.

A total of 60 percent said that it has become more difficult to manage endpoint risk, and 80 percent of respondents believe their mobile endpoints have been the target of malware over the last 12 months, up from 68 percent only two years ago. They estimated that an average of one-third of all endpoints connected to their organizations' network are not secured.

Many healthcare organizations have stuck with building strong perimeter defense, but not every piece of malware is detectable even by the best firewalls. Organizations often don’t have the resources to challenge these attacks or believe that hackers were targeting sectors such as banking and finance. While other sectors have fortified their network defenses, the healthcare’s security remains venerable. Ponemon suggests “taking a good look at cloud computing vendors, as they have stepped up with very secure environments, making it possible for even the smallest providers to have adequate protection.”

""
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.

Around the web

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”

FDA Commissioner Robert Califf, MD, said the clinical community needs to combat health misinformation at a grassroots level. He warned that patients are immersed in a "sea of misinformation without a compass."

Trimed Popup
Trimed Popup