Endpoint vulnerability threatens healthcare security

survey conducted by Ponemon Institutes has found that the risk of healthcare network leaks and cyber-attacks is rising as a result of endpoint vulnerabilities.

The digital communication age has brought plenty of new challenges to healthcare organizations, who have seen an increase in network access and information with an array of new devices in recent years. The devices used to access an organization's network are often in the hands of those who may be carless with security practices, therefore raising the number of ways that a network hack can take place.

Analyzing information system security across many industries, the Ponemon study found that protection of endpoint devices is lacking and not able to protect from the risks that confront them. Including devices such as servers, desktop and laptop computers, smartphones, printers, point-of-service devices, endpoint devices send information to an organization’s information network. It serves as the gateway to the information network and hackers are able to enter the network though the connected device.

With the value of the data that healthcare providers and payers provide, the healthcare industry has become a major target for hackers. With the increased use of mobile devices, the organizations have not paid enough attention to assessing whether a device is safe. “While there are lots of tools and devices to make endpoint security better, the reality is that many organizations remain in a status quo environment and are not being proactive,” writes Ponemon.

The survey found that 81 percent of respondents said the biggest challenge is minimizing the threat of negligent or careless employees who do not follow security policies. The threat caused by the growing number of insecure mobile devices in the workplace increased to 50 percent from 33 percent in 2013, respondents said.

A total of 60 percent said that it has become more difficult to manage endpoint risk, and 80 percent of respondents believe their mobile endpoints have been the target of malware over the last 12 months, up from 68 percent only two years ago. They estimated that an average of one-third of all endpoints connected to their organizations' network are not secured.

Many healthcare organizations have stuck with building strong perimeter defense, but not every piece of malware is detectable even by the best firewalls. Organizations often don’t have the resources to challenge these attacks or believe that hackers were targeting sectors such as banking and finance. While other sectors have fortified their network defenses, the healthcare’s security remains venerable. Ponemon suggests “taking a good look at cloud computing vendors, as they have stepped up with very secure environments, making it possible for even the smallest providers to have adequate protection.”

""
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.