Top 5 security threats in healthcare

The increase of mobile devices, embedded devices, virtualization software, social media and the consumerization of IT are the top five security threats for healthcare organizations today, says one expert.

Frank Andrus, chief technology officer at Bradford Networks, a security solutions provider based in Concord, N.H., shared with Healthcare IT News what he believes healthcare organizations should consider their top risks – and his recommendations for minimizing them.

[See also: Healthcare organizations at risk for more breaches]

1. So Many Mobile Devices, So Much Risk

Mobile devices are ubiquitous in today's society, and the number and types of devices used by physicians, nurses, clinicians, specialists, administrators and staff – as well as patients and visitors – is growing at healthcare organizations across the country. Providing anywhere/anytime network access is essential, particularly when instant communication is required to ensure quality patient care. But these devices are launched daily with upgraded versions of operating systems that are ripe for infection.

[See also: Kroll names top 10 data security issues for 2011]

Recommendation: Use network access control (NAC) solutions, which offer the ability to identify each type of user and connected device, scan the device for threats – including out-of-date anti-virus or anti-spyware protection – then provide access based on the device and the user's role within the network. The NAC solutions can also provide a view of network security status across all brands of equipment and devices so nothing falls through the cracks. Such a view is crucial in health care organizations, whose networks are often comprised of infrastructure from multiple vendors.

2. Embedded Devices Become the Norm

As tablets and mobile devices with wide-area network and Wi-Fi capabilities – including medication scanners, patient-monitoring systems and imaging devices – become more common, embedded connectivity makes tracking, monitoring and managing enterprise productivity easier while helping reduce errors. However, embedded connectivity also puts a strain on bandwidth and exposes the network to viruses brought in by a host of new connected devices that are different from traditional PCs.

Recommendation: Incorporate a security solution that will protect the integrity of critical (and often private) data and close any vulnerability gaps in the network.

3. Virtualization from Desktops to Servers