Why well connected means well protected in health and social care
By Martin McFadyen - Head of Public Sector, Virgin Media Business
The pandemic put a lot of pressure on an already strained healthcare system.
There was an urgent need for extra resources and different work practices. Covid-19 exposed and highlighted weaknesses and accelerated the need for progress.
In a sector where patient data must be protected at all costs, how do you maintain cybersecurity at a time of radical change and upheaval?
The answer is less daunting than you might think.
69% of healthcare organisations feel remote working and its security challenges were actually their biggest worry during the pandemic. 33% believe they need more help in understanding their technology needs.
With the health industry being targeted more by cyber criminals than any other , these concerns are understandable.
Outmoded legacy infrastructure is one of the key barriers to much-needed digital transformation.
Staff are using all kinds of devices from numerous different locations. Software is not being regularly upgraded and the complex exchange of sensitive data relies on multiple and disparate IT systems.
Often providers are ‘doing their own thing’, so interoperability is not as good as it could be.
Things can – and should – be very different, however.
Connectivity and security are one and the same
The vast majority of security issues are caused by simple human error and are preventable. Not with complex, costly counter measures but through basic cyber hygiene and best practices. Simply remembering to update anti-malware, for example, is a really important defence measure.
You also need to consider a zero trust approach, which is pretty much exactly as it sounds: nobody is trusted until your security platform can determine otherwise.
Whether someone is logging in from a café, their kitchen or your head office, they’re treated exactly the same way. So your devices, data and apps have the same level of protection wherever they happen to be.
When you take a zero-trust approach you are only allowing someone access to that one specific application in that particular moment.
So even if an attacker does get in, they will only have access to that one application.
It’s still not an ideal situation, but it’s far more contained and controlled than the traditional scenario where the attacker would have had access to your entire network and everything that runs on it.
The fundamental point to remember is that connectivity and protection are two sides of the same coin. Security has to be deeply rooted in your infrastructure and not seen as a separate entity.
In a world where applications can be spread all over the internet, you need a cloud-based security model that lets you control and configure all your security from a single software platform, such as SASE [Secure Access Service Edge].
With this model, you’ve got a centralised view of your network, enabling you to identify users, devices and endpoints, and you can securely connect them to the apps and data they need.
Risk aversion can be risky
Another important dimension to your security and protection is culture.
A risk-averse culture within the sector is perhaps understandable given what's at stake. But it does present a barrier to digital transformation and safe progress.
Given the widespread concerns about cybersecurity, some might feel that it would be better to leave legacy technology and current measures as they are rather than risking exposure through upheaval and the introduction of untried, unfamiliar solutions.
By supporting, training and empowering staff and by introducing intuitive, embedded security,you can replace this risk-aversion with confidence – and competence – using the latest and best methods.
You can smoothly integrate protection into clinical workflow as needed.
Make the cloud your base
To protect both your organisation and workforce you need the best possible foundations: a stable, secure and reliable cloud-based network.
This will enable everyone to communicate and collaborate wherever they are and support the tools and apps they need. It will also support the cutting edge security technology required, placing minimal demands on in-house IT expertise.
By adopting a cloud-based approach there's a much greater degree of separation between remote workers and your vital network.
The technology and apps your people need are hosted in the cloud. If there is a security issue it won’t necessarily be in the heart of your system.
The risk – and potential damage – is contained.
Want to learn more about how protection and next-generation security can be built into your connectivity from day one?