SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
Edge Security
Does your healthcare organisation need a security health check?
Thu, 1st Jun 2017
FYI, this story is more than a year old
Author image
By Sara Barker, Copywriter and Senior News Editor
Follow us

Healthcare providers store some of the most critical data in the world, making them attractive targets for cyber criminals - especially when cloud computing is starting to transform the sector. Cloud security strategies have never been more important to prevent damaging and embarrassing data loss, according to Palo Alto Networks.

“Healthcare providers want to focus on treating patients. A cloud computing approach means they don't have to worry about data center which is much more cost effective. But as cloud computing takes off in healthcare, a carefully-architected data security strategy is imperative to ensure data stays safe," comments Ian Raper, Palo Alto Networks' regional ANZ VP.

The company says there are three reasons why healthcare providers need to prioritise cloud security:

1. Cyber adversaries are still after healthcare data

Profit-motivated cyber adversaries target healthcare data by using malware to steal data and then sell it to someone who will use it to commit identity theft and insurance fraud; or by using ransomware to encrypt healthcare data and unlock it only after a ransom is paid.

Cyber adversaries are well aware that healthcare data is moving to the cloud, and will continue to target that data in a cloud environment. 2. Security is better in the cloud if providers take the time to plan it out In the rush to move healthcare records to the cloud, there's often an assumption that security comes automatically. Security can be more straightforward to implement in the cloud but it is still only as good as you make it.

“Cloud hosting providers make it easier to manage virtual servers and network infrastructure at the platform level, but healthcare providers shouldn't make the mistake of developing a false sense of cloud security. They still need to deploy and manage advanced anti-malware to their endpoints," Raper comments. 3. A unique opportunity to remedy lingering security issues

Healthcare providers often use legacy applications, which can create significant vulnerabilities. Cloud hosting providers offer capabilities that can make it easier to manage the security of the underlying data within high-risk applications.

“As healthcare providers migrate their applications to the cloud, they can, at a moment's notice, spin up the required virtual servers, and be protected behind a new instantiation of a virtual next-generation firewall," Raper adds.

Migrating applications to the cloud can often present a unique opportunity to evaluate and improve each application's overall security. For example, healthcare providers could:

  • upgrade the application to the latest release
  • deploy the application in a tightly-controlled virtual network segment
  • introduce network-level threat prevention
  • enforce stronger controls on underlying databases
  • eliminate all existing server-level vulnerabilities prior to cutover

One of the most powerful features of the cloud is that it makes bleeding-edge security infrastructure available to healthcare organisations of all sizes.

“Even smaller clinical networks can stand up and deploy enterprise-class, application environments with a small IT team. However, they mustn't fall into the trap of thinking that all they need to do is move an application to the cloud and security will come automatically. With careful planning, they can take advantage of the cost-savings and extensibility that the cloud offers, but they also need to ensure that the right security architecture is in place to keep their patient data safe," Raper concludes.

Related stories
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services
Half of online traffic in 2024 generated by bots, report finds
Cisco launches Hypershield for AI-driven security upgrade
Axis unveils hybrid cloud platform for adaptable security solutions
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
Secolve & Asimily join forces to boost Australia's IoT security
Armis warns of major cyber-attack risk to 2024 global elections
i-PRO to support Genetec SaaS with new AI-enabled camera models