A new generation of internet applications is making it easier for healthcare organisations to tap into the power of the internet to lower costs and improve productivity.
These applications provide useful tools for research, communication, and sharing information with hospitals, clinics, doctors, patients, and more.
In addition, employees themselves are also accessing internet applications for personal use – such as social networking, email, and file transfer. In contrast to the productivity applications, these personal applications can create serious security risks, and result in lower employee productivity.
One reason for these trends is the ever-increasing number of internet applications available – often at zero cost. A second reason is that more and more employees have become “internet-dependent”, and they feel that unlimited internet freedom and access to these applications are their right.
So it is not surprising that in many corporate networks today, most of the network traffic originates from the internet.
This creates three important network security challenges for healthcare organisations:
- The need for clear, enforceable policies on the use of internet applications
- The need to prevent internet threats and attacks from entering the corporate network
- The need to prevent sensitive and confidential data from leaving the organisation
These three challenges are confronting IT departments in virtually all businesses today. And IT departments have tried to address these challenges by spending a lot of money on security equipment intended to control access to the internet and prevent unwanted traffic from entering the network.
Unfortunately, traditional security technologies were never designed to address this unprecedented dominance of internet applications, traffic, and usage by employees. As a result, IT has slowly lost control of the network, while employees have slowly gained control of the network.
To effectively solve this problem and enable IT to regain control of the network, we must first recognise the fact that all internet personal and productivity applications carry some level of risk and reward. In nearly all cases, the ideal solution is to control each application in such a way that IT can minimise the risks and maximise the rewards.
Sounds easy enough, but how can that be done? The ‘allow or deny’ approach was initially considered but this is far too draconian, not to mention ineffective, as users find ways around any denial of access.
The answer is to implement a new generation of innovative security technologies that have been specifically designed to help IT address the three challenges mentioned above. More specifically, these technologies provide complete visibility and control over all of the specific applications, users, and content flowing across the network. This allows IT departments to create and implement security policies that balance risks and rewards, and still give employees the internet freedom they want.
Let’s take Facebook, for example. Currently used by more than 400 million people worldwide, Facebook is also becoming very popular on corporate networks as a business productivity tool. For example, some healthcare organisations have a Facebook site where they can more easily communicate with their patients, and keep them informed of new services and care options.
However, many of the applications available on Facebook are also the target of threats that have the potential of creating havoc if they enter the corporate network.
So how can IT minimise the risks and maximise the rewards of Facebook in this scenario? As mentioned above, the answer starts with visibility and control. With the right security technologies in place, IT has the power to “turn off” access to the Facebook applications that carry threats (such as the Instant Messenger, or chat, function), while safely enabling the main Facebook site. Even better, IT has the ability to limit Facebook access to only those employees involved in using the application as a productivity tool.
This level of visibility and control helps IT address the first of the three challenges listed above. But what about the other two? This same visibility and control can enable IT to scan incoming internet traffic to ensure spyware, malware, and other threats are eliminated from all approved internet applications. And IT can also scan traffic leaving the network to help minimise the risk of loss of confidential data – such as credit card numbers or patient record numbers – that may be transmitted through other internet applications.
It is vitally important for all healthcare organisations to have a security infrastructure in place that allows them to determine their own unique risk/reward tolerance, then safely enable the internet applications that are important, while also providing employees with a level of internet freedom that will not compromise the security of the business.
Palo Alto Networks