As major trends in corporate computing such as the Internet of Things, enterprise mobility, big data and telecommuting continue to intensify, security professionals have increasingly urged leaders to understand the importance of enhanced access control. Up until this point, simple passwords have been the most common means of authenticating users and allowing individuals to use and share sensitive corporate information through a range of platforms, websites and devices.
However, the effectiveness of passwords has been constantly called into question - and for good reason, as they are inefficient, easy to break and rarely managed properly by businesses or their staff members. Password dumps have taken place with some regularity, in which hackers break into databases that store the access-related information and sell it to the highest bidder on the black market, allowing this bidder to intrude on corporate systems shortly thereafter.
The IT security conversation is no doubt complex, transcending just one topic such as passwords, but the most transformative trends have indeed forced the issue on business leaders. In health care, more advanced and progressive approaches to access management and control need to be released soon, as telemedicine, mobility, electronic health record systems and other common initiatives will present immense complexities when antiquated authentication procedures are still in place.
Access the right way
Healthcare IT News recently reported that the mass digitization of patient information has directly provoked a more ominous security situation among medical firms, and one that has not appeared to be handled properly quite yet. EHR systems, as well as the advanced technologies that are interacting with these databases, are still commonly protected by passwords and very little else, leading to a wealth of problems in practice for those staff members tasked with maintaining adequate protection.
According to the news provider, hospitals and other health care organizations do not need to necessary throw out their password programs and standards, but do have to come up with additional fortifications that will provide more consistent and sustainable protection against breach. Authentication tools, including those that leverage biometrics to manage access, can be highly effective, and often present more efficient alternatives to traditional controls, for example.
The source pointed out that federal regulators and law enforcement officials have started to up the ante when it comes to patient data protection, which means that a failure to better protect systems can quickly yield fines and other penalties for health care firms. Healthcare IT News argued that multi-factor authentication might represent the best path forward for this industry, as this approach tends to be far more effective than simple passwords, and can be used in a supplementary fashion alongside current controls.
Other fortifications of note
The very same trends and challenges that have placed the onus on access management and identity control have direct implications for general IT security as well. For example, the spread of the IoT and enterprise mobility is making it clear that companies need agile, modernized infrastructure to make information accessible for a wider range of users without defying the standards of regulatory compliance.
In this situation, a secure cloud might be the best option for a medical firm to have its cake and eat it too, as the technology will yield more fluid access capabilities to stored information while being managed by a team of experienced professionals. Similarly, leveragingemail encryption tools can work to ensure that the data contained within this popular communication medium can only be seen by validated and authenticated users.
At the end of the day, health care providers and businesses ought to be focused on comprehensively modernizing their approaches to security as soon as possible.
Comments (0)