http://healthitsecurity.com/2014/05/27/how-it-security-experts-handle-healthcare-network-access/
By Patrick Ouellette
Health IT Security
May 27, 2014
Healthcare network security has become more complicated over the years
because of the explosion of mobile device connectivity. And because it’s
so difficult for healthcare organizations to have a firm grasp on where
their perimeters begin and end, they must look for new ways to ensure
networks are secure both internally and externally.
Panelists who took part in a talk titled “Data Security in the Cloud:
Leveraging the Low-Cost Advantages while Managing Risk” at the recent iHT2
conference in Boston discussed how they perceive healthcare network
security and access controls. John Meyers, PhD, Assistant Professor of
Medicine and Director of Technology, Department of Medicine, Boston
University Medical Center, sparked the talk by explaining how there’s
occasionally there’s going to be some protected health (PHI) out there
that shouldn’t be. But if an organization limits the number of users who
have access to the data, it can help mitigate those risks.
David Reis, PhD, CISO, VP of IT Governance, PMO and Security at Lahey
Health explained how Lahey essentially stopped trusting its inside network
two years ago in the same way it doesn’t trust everyone externally. When
asked what this change in trust measures meant, Reis said there were a few
different considerations involved, starting with no longer trusting
internal users.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
