Healthcare data contains highly sensitive information, such as Social Security numbers, patient names, dates of birth, and more, making it extremely valuable to cybercriminals. Consequently, 53% of healthcare organizations say they've experienced a data breach in the past two years, according to a Ponemon Institute report. And the problem is only going to get worse. Infosecurity reported recently that data breaches in the healthcare industry are predicted to triple in volume in the coming year according to new research by Black Book Market Research.
To guard health data, healthcare organizations are constantly on the defensive when it comes to IT security. However, security needs must also be balanced with system performance. "Ensuring that systems perform optimally is critical to delivering care and high levels of patient satisfaction," noted Don Tierney, healthcare chief architect at ServiceNow.
While it can often feel that you have to sacrifice either performance or security — you don't. Here's a look at how IT operations management (ITOM) and security operations solutions can help healthcare organizations balance their systems' security and performance requirements.
Better visibility improves security
Managing IT security is much more challenging when there's little or no visibility into your systems. Ransomware and other threats to information security are also increasing — making it more necessary than ever for healthcare organizations to improve visibility into how traffic moves across their networks.
Automated service mapping, which combines a centralized configuration management database with discovery tools, allows you to quickly and easily map your entire network — giving all IT teams, including security operations and compliance, visibility across the entire network. As a result, teams can see how all services are delivered and when changes occur. Having this level of visibility enables IT to manage security and performance more effectively.
"The same visibility we provide to IT operations can be made available to security operations to manage threats, vulnerabilities, and security incidents," Tierney said. He also pointed out that having this system-wide visibility available to security and operations teams made getting to the root cause of business-service issues faster.
Balance between system performance and security
An increased security posture can often conflict with what's necessary to deliver optimal clinical and business services. Thus, achieving a balance between security and system performance often becomes a challenging juggling act for IT to manage — especially when there are organizational silos.
When new security protocols are implemented, they change the system, which can have a ripple effect and ultimately affect the clinician experience. However, with a centralized platform, both teams can instantly see the business effect of planned changes or outages.
"Ensuring that security and operations are utilizing consistent data so that they have a common view of the service landscape puts both IT operations and security on the same page," Tierney said. He noted that with everything documented and executed on the same platform, it also becomes easier for IT operations and security teams to quickly identify and resolve system-performance issues before they affect clinicians or business users.
For example, IT and security teams often lack the tools to coordinate the deployment of firewall policies. However, when IT operations and security teams share a single platform, they can have accurate visibility into the organization's state of firewalls. What's more, if the ITOM platform they use provides the tools to automate IT change requests, when an audit is required, IT can automate that as well. Thus, further improving accuracy and reducing the time IT has to spend completing the audit and remaining compliant with regulations.
Automate workflows to reduce vulnerabilities and increase performance
An additional benefit of bringing disparate IT teams, such as security and operations, together through a centralized platform is that you can automate important workflows.
For instance, having an IT operations management platform can help IT teams better manage their transport layer security (TLS). Since managing TLS certificate expiration dates is often done manually on spreadsheets, it can be easy to miss upcoming certificate expirations. But, with an ITOM platform, this process can be automated. The platform can discover all TLS certificates and create automated alerts to warn IT operations when a certificate is close to expiring. This not only keeps security protocols up to date, but it also creates a trusted, compliant environment so clinicians and patients safely interact with your website.
For IT operations, similar automated workflows can also be created to provide alerts about other software licenses close to expiring. While the expirations of other software licenses may not cause a security threat, they can affect the user experience if the software suddenly becomes unavailable. Thus, by using an ITOM platform, IT can resolve security and performance issues proactively so that clinicians can provide efficient and effective care to patients while using their EHR and other health IT systems.
Security and performance matter
Healthcare organizations cannot overlook security. In 2019 alone, ransomware attacks on healthcare providers increased 350%, according to research cited in the HIPAA Journal. Yet it's also imperative that the clinician and patient experience remain a priority.
Ultimately, having a centralized platform with complete network visibility enables the operations team to better optimize the architecture of critical business services, reduce costs, and improve reliability. It also gives security teams deeper insight into the organization's security posture and risks so they can better understand the effect changes to the system might introduce and how those may affect security and system performance.