Tag Archives: network

Six Strategies for Achieving Connected Security

7838.security.png-550x0

A Holistic Approach is Critical for Securing Your Network

But a holistic approach is probably most critical when it comes to securing your network. Just when you think you have your network secured, there is always another threat — from outside or from inside. These threats have many names: spear phishing, botnets, zero-day threats, distributed denial-of-service (DDoS) attacks, insider threats and former employees. They are determined to exploit disconnected security — security tools, processes, user profiles and information that are separated in silos, leaving dangerous gaps in between.

The increasing complexity of IT environments only increases these gaps, providing attackers with many new opportunities to exploit. Consider the number of operating systems you are now slated to secure and the number of BYO devices that are a normal part of your organization’s operation, from smartphones and tablets to network-connected devices such as printers, scanners and kiosks. Yet BYOD is still in its infancy — just 24 percent of organizations say that BYOD is widely used and supported. And the Internet of Things (IoT) promises complexity on a scale that’s difficult to fathom, with analysts predicting that 6.4 billion connected things will be in use worldwide in 2016, and that the number will swell to 20.8 billion by 2020.

There’s no turning back. Your users want the mobility and flexibility BYOD provides, and your organization needs to remain agile and attractive to both current and prospective talent. But neither can you ignore the security threats that continue to grow in both number and sophistication.

6 Strategies for Achieving Connected Security

By abolishing technology tunnel vision and adopting a holistic, connected approach to security, you can embrace BYOD and new technologies while also protecting your IT network and systems from attackers. Here are the six key strategies:

  1. Discover and inventory all devices — Establish a complete and accurate inventory of all connected devices and keep it current with IT asset management software. You can’t secure what you don’t know about.
  2. Keep software up to date — Make sure that you are patching your operating systems and applications regularly. Using the latest versions of software is the starting point for eliminating vulnerabilities. Gartner, Inc., reports that nearly a third (30 percent) of system weaknesses can be resolved through patch management.
  3. Maintain antivirus software on all endpoints — Antivirus software was once considered the only line of defense against attackers. Although today you need other strategies as well, it’s still imperative that current antivirus software be in force on all of your managed systems.
  4. Deploy a modern firewall — Next-generation firewalls are no longer just for larger organizations. They offer critical new technologies that provide added protection and peace of mind, and they can be both affordable and easy to manage for organizations of any size.
  5. Conduct regular IT security audits and vulnerability assessments — With OVAL and SCAP scanning, you can get ahead of the curve in finding and remediating security holes in your IT endpoints.
  6. Encrypt your data — Security from the data level to the cloud is today’s mantra. Start with endpoint data encryption, which provides a solid defense against data loss from lost or stolen devices.

Internet of Things sparks healthcare cybersecurity concerns, HIMSS16 speaker says

As connectivity continues to expand, cybersecurity should be top of mind for CIOs, CISOs and other hospital executives, according to Eric Miller of Ascension.

medicaldevicehitn_0The Internet of Things is set to explode. Forecasters expect more than 6 billion objects connected to the Internet this year and some expect 50 billion by 2020. But with connectivity comes risk.

For healthcare providers trying to leverage what is emerging as the IoT for healthcare – that growing universe of wearable sensors, networked devices and home monitoring systems deployed to collect medical data and even treat patients – ineffective cybersecurity can have potentially dangerous consequences.

“The Internet of Things is different from the Internet of Things for healthcare in terms of risk,” said Eric Miller, senior director of IT at Ascension Information Services.

Miller pointed to a recent initiative in which white hat hackers working with the Mayo Clinic were easily able to hack into numerous connected medical devices, including an infusion pump that delivers drugs and fluids into patients.

One of the hired hackers, in fact, was able to connect an infusion pump to his computer network and manipulate the dosage remotely.

Miller and Paul Unbehagan, chief architect of Avaya, will discuss technologies that enable the security of connected devices and how providers can recognize and mitigate these cyber security risks during a HIMSS16 session on March 1, 2016.

“Our goal is to show how to reduce the risk from connected medical devices in a manageable way,” Miller added. “There’s a process side to it and a technology side, and we will discuss both,” Miller said.

The session will cover how providers can get a handle on the number and types of Internet of Things for healthcare devices connected to their network; how to apply risk models to device classifications in order to clarify the threat level; how to implement automation to manage the security of the growing number of connected devices; how to evaluate inventory management options against existing technologies; and how to create an implementation plan.

“We want attendees to leave this session with an understanding of how to improve their risk posture for the existing Internet of Things for healthcare as well as the connected devices to come,” he said.

The Internet of Healthcare Things” will be held Tuesday, March 1, from 1 – 2 p.m. PST in the Sands Expo Convention Center Human Nature Theater.