Although security is never a one-size-fits-all approach, there are still trends in the healthcare industry that administrators need to be made aware of. Specifically, with recent cyberattacks making headlines across the United States, most corporate information technology (IT) groups are on heightened alert toward unmanaged equipment on their networks. Working on hardening the lines of defense around key intellectual property – such as health data and patient records – has become a main topic of conversation for healthcare facilities around the nation.
The internet of things (IoT) has brought many changes to the large quantity of IP-based physical security devices in use today. IP cameras, access control, emergency call stations and more can pose new and profound risks for many organizations. If left unmanaged, unpatched servers, default passwords, etc. can become threatening and open the door to multiple forms of cyberattacks and internet takeover. This creates a volatile mixture for healthcare facilities who pride themselves on maintaining public trust and business continuity.
IP CAMERAS, ACCESS CONTROL, EMERGENCY CALL STATIONS AND MORE CAN POSE NEW AND PROFOUND RISKS FOR MANY ORGANIZATIONS.
Healthcare facilities look for powerful solutions to protect patient and staff members. Specifically, Title II: HIPAA Administrative Simplification requires healthcare organizations to implement secure electronic access to health data and to remain in compliance with privacy regulations set by the U.S Department of Health and Human Services. Another regulation that requires compliance is Payment Card Industry Data Security Standard (PCI DSS), which was designed to reduce fraud-related costs regarding a loss of card data. These regulations ensure healthcare facilities adhere to strict rules when it comes to the management of all data. Many larger healthcare companies want to have control of their cyber environments – IoT devices and physical security devices – so there are fewer open risks.
Years ago, physical security and logical security were two separate entities and integrating both onto one secure infrastructure had plagued healthcare facilities. However, with the growth of today’s cybersecurity landscape, the IT world has focused on combining these networks at its highest level to stay steps ahead of cyberattacks that continue to plague many organizations. The disparity that exists between physical and logical security is the lack of visibility between the two infrastructures.
STANLEY IntelAssureTM, Powered by Viakoo, is an automated service assurance solution that proactively manages these security systems to help prevent cyberbreaches and provides healthcare IT organizations the bandwidth they need to handle unexpected cybersecurity issues. Specifically, IP cameras – which healthcare facilities, large and small invest in heavily – have been of considerable concern. When an incident occurs that requires video evidence, event footage is the first to be viewed. However, it is estimated that between 20 and 30 percent of total IP cameras worldwide aren’t recording because of complex security issues.
For video to transfer from the camera to the recording disk, it travels through an intricate network that involves multiple pieces, including a switch, memory card, Video Management Software (VMS), storage card and more. With such an intricate path of movement, it is common for these networks to experience system downtime unbeknownst to healthcare facilities and their IT departments.
When this happens, healthcare facilities are in the position of being reactive to system downtimes. With a lack of a system-wide analysis solution – that can detect if a video stream made it from the camera to the recorded disk – the realization comes only after a security incident happens and video evidence is missing. STANLEY IntelAssure detects and tracks issues across IP security infrastructure and presents both problems and solutions through an interactive dashboard. With these advanced analytics, organizations have instant visibility of failures, potential failures and vulnerabilities for a proactive (instead of reactive) solution.
Traditionally, integrators would be notified first to alert the IT department of any ensuing problems. In doing so, this lapse in the process would cost the company time and money: delaying the IT department’s immediacy in updating the firmware or devising a resolution. Studies show that 60 to 70 percent of all IP camera issues can be resolved remotely through remediation steps instead of having to dispatch an agent to research the problem. Automated detection solutions that alert System Administrators to issues and provide recommendations on how to resolve issues can help maximize system uptime to 99 percent, while eliminating time and labor costs associated with diagnostics.
Due to the system’s complexity and amount of IP cameras deployed in healthcare facilities, managed services has become increasingly popular. When an issue or potential matter arises, and the integrator manages the platform directly, they will instantly receive a dashboard report, open a ticket, resolve the issue and close it up. This allows for healthcare facilities to focus on other aspects of their business, while the integrators are in constant knowledge of any potential downtimes and can ensure that any recorded information from the camera makes it on to a disk and is available in the event of an investigation activity.
It is important for healthcare facilities to have continuously streaming video from their IP cameras. In most – if not all – cases of missing video, healthcare facilities are unaware that a downtime has occurred. In addition to video surveillance, these types of systems also address cyber hygiene and audit compliance needs, making it an end-to-end diagnostic software solution for physical security systems.