Blogs

Securing Applications and Data

For both traditional on-prem solutions and cloud-based solutions, how should organizations act to secure their data and applications?

When talking with IT service providers working in the healthcare space, we’ve found a few concerns repeated:

1. My organization has become heavily security conscious after the malware attacks, but we’re not sure where to focus.
2. Our leadership wants us to adopt cloud infrastructure and platform services, but our security team is preventing that as they are not sure of the security.
3. As our development teams are building products, such as SaaS offerings for clients or other solutions, we are not sure what modern tools work for managing the infrastructure and apps involved.

Collectively, these concerns all engage in the shared idea of security and operations. 

 

 

In the 2^nd quarter of 2016, 88% of all ransomware attacks targeted healthcare entities.  In one high-profile case, Hollywood Presbyterian Medical Center in Los Angeles paid $17, 000 in bitcoin to restore their files. 

So what makes healthcare organizations such an attractive target?  There are several contributing factors.

Generally speaking, companies must weigh the pros and cons of upgrading or updating any system.  It is accepted that physical assets such as machinery or equipment must be maintained at specific intervals.  

Furthermore, the projected end of life date is typically established at the time of purchase.  Equipment kept in use past its projected EOL requires additional maintenance and upkeep and often hampers productivity or increases risk and most companies would not dispute this fact. 

Software systems are no less critical. Software applications and operating systems also have a projected EOL, but often the temptation to extend the service life of these assets is greater than for a piece of equipment that you can touch and feel.