4 Key Elements to Consider When Searching for an Enterprise Data Security Solution

Security rightfully remains a top concern for tech-side executives and IT personnel, especially given recent trends towards cloud computing and big data. While these applications have created new types of external threats, organizations also need to be aware of the risks posed by insiders. Well-designed data security plans anticipate both scenarios and deliver purpose-built solutions.

It’s normal to be wary when dealing with sales agents who are pushing specific security solutions, as they often have their own agendas. Knowing the right features to look for is the key to breaking past the sales jargon and securing a data protection solution that’s right for the unique needs of an organization.

With that in mind, here are some indispensable tips for finding an effective enterprise data security solution that delivers good value:

Beware of Rock-Bottom Up-Front Costs

Some vendors push security solutions with price tags that seem too good to be true, which they justify by claiming that the solution is relatively light on software needs, allegedly accounting for its low cost. Such offers should be received with skepticism.

When it comes to costs, it’s essential to look beyond the up-front expenditures and into cumulative fees. How much will it cost, in total, to run this security package for a year, or for its expected lifetime? Will it require additional human or IT resources? Does it offer savings potential? If so, how much?

Account for the Risks Posed by Privileged Insiders

No business wants to consider the possibility that many serious security risks originate with its own employees, but this is, unfortunately, the case. Privileged insiders can compromise data knowingly or unknowingly, so it’s essential to find a solution that introduces critical checks and balances.

The best way to keep an eye on the activities of privileged insiders is to implement a security system that tracks local access to critical data. Here are some specific features to look for:

  • The ability to identify attempts by unauthorized users to access local networks
  • Controls that facilitate the blocking of users or activities that may compromise data
  • Dynamic masking features that prevent sensitive information from being distributed outside the network
  • Quarantine capabilities that identify and isolate privileged insiders who knowingly compromise company information

Read the Fine Print

When it comes to license agreements, some vendors will insist that a particular package is unlimited when, in reality, the package carries restrictions. One common example is a security solution with an “unlimited” license that allows IT teams to monitor any number of sources but has strict caps on the number of authorized collectors.

To be sure an unlimited solution is truly what it claims to be, read the fine print and follow up by questioning the vendor about anything that doesn’t seem clear.

Remember: It Only Takes One Attack

Businesses with incomplete security solutions in place shouldn’t delay in taking action. It only takes one attack to create serious complications, and the possibility of suffering costly losses is elevated the longer a business goes without a comprehensive data protection plan.

The professionals at ROI Networks specialize in helping enterprises of all sizes safeguard their data. To learn more about ROI’s advanced suite of enterprise security solutions, please contact us today.

The CMIO: A Profile of Security Leadership in the Healthcare Industry

For organizations working in the healthcare industry, security is — or should be — at or near the top of the priority list. Cyber criminals frequently target healthcare organizations because they have access to a great deal of highly valuable personal information. Public and private sector organizations that fail to implement safeguards are at risk of security breaches, and that, in turn, can lead to potentially irreversible losses in client confidence.

Thus, the role of the Chief Medical Information Officer (CMIO) has taken on added urgency in recent years, as the healthcare industry has made rapid moves towards connected technologies. The role of the CMIO is not well-understood by many lay people. For telecom agents, it’s worth taking the time to understand this role and the responsibility that comes with it in order to build packaged solutions that speak directly to the needs of healthcare organization leaders.

Healthcare Information Security: What a CMIO Does

In most organizations, the CMIO is a licensed physician with specialized training or practical experience in information management and/or technology. His or her core duties typically include:

  • Designing and choosing software technologies used by the organization
  • Ensuring organizational IT systems meet established standards
  • Analyzing and managing health data collected from patients or clients
  • Maintaining quality control standards
  • Improving operations through the judicious management and deployment of data
  • Conducting research using available data and analytics tools
  • Reporting to executives and taking a leadership role in strategic development
  • Training senior staff members in the proper use of IT resources, especially with regard to electronic health and medical records (EHRs/EMRs)

It is important to note that security is not typically part of the CMIO’s list of responsibilities. In some organizations, this can create gaps, as cyber security initiatives are left until the end of the business development cycle rather than being addressed at the outset.

Healthcare Information Security: How the CMIO Role Is Evolving

For a long time, it was standard practice for CMIOs to report to either the Chief Marketing Officer (CMO) or directly to the Chief Executive Officer (CEO). However, a growing number of healthcare organizations are electing to have their CMIOs liaise with their Chief Information Officer (CIO). This reflects the changing nature of the CMIO’s responsibilities, as digital technology is playing an increasing role in healthcare data collection and applications.

As mentioned, security normally does not fall under the CMIO’s portfolio of responsibilities. However, the CMIO is increasingly being expected to partner with the healthcare Chief Information Security Officer (CISO) to build the most effective and robust safeguards possible.

The telecom professionals at ROI Networks offer advanced security solutions for the healthcare industry. To learn more about how ROI Networks can help both public and private sector organizations in the healthcare field improve their cyber security, contact a client services representative today.

The Ongoing Security Crisis in Healthcare

The list of healthcare companies that have experienced a breach is growing at an alarming rate, with more continuing to be discovered. Despite the spotlight finally beginning to shine on healthcare security, news stories every week seem to report yet another incident. Here’s a look into why these breaches continue to occur, and what might be done to stop them.

Common Problems

A frequent cause of a breach or data theft is simple error. A patient file is accidentally left out in a public area, a worker steps away from an unsecured computer with patient data left on the screen, or a company laptop in plain sight is stolen from a worker’s vehicle. Applications may not be password protected, or the passwords used by doctors or admin assistants may fail complexity rules and be easily guessed for unbridled access to sensitive data.

Other points of vulnerability are vendor connections to the systems that house healthcare data. In both big box retail and healthcare, breaches have occurred when vendors are linked in but fail to properly protect their own systems or that connectivity.

Other causes are more complex or political. For example, healthcare workers are charged with filling out extensive amounts of paperwork for each patient interaction and test. While the intention is to provide better patient care through communication of all possible details, the result is overburdened nurses who are outnumbered by patients and forms.

Lastly, archaic software systems or components are not up to today’s security standards. Many hospitals do not use modern software due to the expense and effort of implementing changes to systems. This can leave doors open to cybercriminals seeking payment and identity data easily found in patient records.

Solutions

Unfortunately, many workers in the healthcare industry place the entire burden of security on their IT departments. While IT is responsible for ensuring that best practices for application and data protection are implemented, overall security is not a task that can be performed without support from all levels of the company. There must be a partnership between IT and the rest of the organization.

Here are a few easy ways to improve security in healthcare:

  • Security training – Basic principles for physical and technological protection should be covered in annual and new-hire training sessions. Topics should include password strength, ways to easily secure a system or device, and avoiding common hacking or phishing methods.
  • Streamlining processes – So much paperwork is required in patient care. Providing easy, intuitive methods of completing these responsibilities can cut down the time required. Analytics can then be produced from the data collected to further identify how processes for both administration and care may be improved.
  • Control risk – Fully assess vendors who will be connecting to systems, prohibit or limit non-company devices from storing or accessing patient data, and educate the workers who access the systems.

Medical data is incredibly valuable. From the records held by providers, a thief can potentially gain access to credit card information and extensive personal records that facilitate identity theft. Healthcare organizations must do more to protect patients from this growing area of crime. To continue the discussion on healthcare security, contact ROI Networks.

How the Ransomware Crisis Is Impacting Healthcare Data Security

A recent string of high-profile cyberattacks is renewing fears of the increasingly coordinated and sophisticated attacks that can be used against healthcare organizations. According to a recent report from IBM’s worldwide security services operations, the healthcare industry broke back into the top five of the most frequently targeted industries in 2015.

A growing number of these attacks have come in the form of ransomware, where malware programs unknowingly introduced through e-mails and e-mail attachments are used to hold critical data systems hostage.

Businesses Under Siege

Clinical information systems at hospitals, clinics, and treatment centers handle a wealth of personal and confidential data found in electronic health records (EHR), including Social Security numbers, credit card data, and medical history — making them prime targets for a variety of cyberattacks, including ransomware attacks.

One hospital had its clinical information systems shut down for over a week due to a ransomware attack. The cybercriminals behind it held these systems hostage for $3.6 million before settling on $17,000 paid in Bitcoins and restoring access to the hospital’s data. Another health system had its clinical information system shut down due to a virus-based hacking attack, complete with a digital ransom note. It took weeks for officials to restore access to its data.

New Threats, But Little Preparation

The drastic surge in cyber security threats has left healthcare IT leaders throughout the U.S. struggling to keep pace. Unfortunately, the healthcare industry has seemed ill-prepared to combat ransomware and other cyber security threats. Current challenges facing patient care organizations and the healthcare industry in general include:

  • Little to no awareness of the magnitude and intensity of the ransomware problem in U.S. healthcare
  • Minimal investment in data security when compared to other industries
  • Little to no data security strategic planning and an inability to execute strategic plans
  • Insufficient training, expertise, and preparedness among those tasked with data security
  • Insufficient staffing within information security departments
  • Reluctance among C-level executives and boards of directors to directly address ransomware and other cyber security threats

What Can Be Done

In an effort to protect themselves against cyberattacks, a growing number of patient care organizations in the U.S. are hiring chief information security officers (CISOs) to lead anti-cyberattack efforts. However, the effectiveness of the CISO relies on sufficient funding, support personnel, and support at the C-suite and board levels. A lack of buy-in and support from C-level executives and board members can stymie efforts to develop an effective force against ransomware and other cyberattacks.

In addition to guaranteeing funding, staffing, and top-level support, healthcare IT leaders should focus on developing a comprehensive strategic cyber security plan. Such plans should include common-sense security measures, including:

  • Daily backup of core information systems
  • Use of security operations centers (SOCs) and other external services
  • Implementation of role-based access systems
  • Enterprise-wide training of all IS end-users on a regular basis

These efforts to implement a successful data security/cyber security apparatus can help the healthcare sector overcome its vulnerability to ransomware and other malicious attacks.

If your company is dealing with its own cybersecurity issues, ROI Networks can help it move in the right direction. Contact us today for a no-obligation security session.

Healthcare Security Needs a Remedy

Nearly every industry has seen a breach occur in the last decade, and healthcare is no exception. Sadly, the frequency of healthcare-related identity theft and fraud has increased exponentially in just the past few years. Security is a critical issue at this point — and one that does not yet have a clear solution.

Threats

The tricks used by cybercriminals to hack into retail and financial businesses are the same used to target healthcare companies. Theft of computer equipment, social engineering and phishing attempts to obtain login credentials, and virus and malware exposure are just a few of the ways that hackers gain access to healthcare data. Ransomware is the newest tool, where a piece of software shuts down access to the system or PC and demands a fee to unlock it again.

The methods may vary but the goal is the same: Obtain sensitive information that can be used for financial gain. Social security numbers and private health information are easily used in identity theft attempts to acquire loans, credit cards, or other assets in the name of the patient. The victims suffer severely from this crime, and it can take months or years to recover from the financial devastation.

Lack of Focus

Security has not been enough of a topic of discussion in healthcare to date. Well-known organizations that recognize healthcare providers and facilities for excellence do not extend that to healthcare security companies at this time. Great importance is placed on stability and uptime rather than on locking down data and reducing risk exposure.

The Industry Problem

Managed service providers that specialize in security encounter major complexity when trying to extend their offerings to the healthcare realm. Many of the systems involved in healthcare are antiquated legacy systems that should have expired long ago, yet are still up and running due to the cost of updating the technology.

In addition, so many layers exist that securing every end point is a serious effort:

  • Payers – Insurance companies, Medicare, etc.
  • Providers – Doctors, hospitals, surgeons
  • Billing service providers – All healthcare services are billed to an individual or an insurance company/government entity for payment
  • Software – EHR systems, supply chain software, patient registration systems, and more
  • Personnel – Not all computer users are experienced or properly trained on how to handle security issues

While diagnosis and treatment tools have leapt light years in the past decade, the applications used for patient management have not followed this trend. Many practices are resistant to change, and as a result will use unsecured applications or fail to prevent less technical breach attempts.

Immediate Solutions

IT departments must work hard to educate ALL personnel about privacy laws and the methods that criminals use to gain intel. Employees should be granted only the minimum level of system access needed for their job responsibilities. Network access points must be secure. Typical best practices for remote access, encryption, and storage should be followed.

Healthcare security is a problem that is growing quickly, and treatment is desperately needed. For more discussion on securing patient data in smart, effective ways, contact ROI Networks today.

VoIP Security: The Layered Approach

Security is a top concern for Voice over Internet Protocol (VoIP) users, and given the rapid rate of change in the technology industry, it’s essential to constantly revisit and update best practices. One strategy that has proven to be effective is the “layered” approach to VoIP security, in which systems are safeguarded at multiple levels.

In this approach, VoIP security is structured much like an onion. Each security layer functions like a “ring,” and a combination of approaches is used to significantly reduce security hazards.

Elements of Layered VoIP Security 

Most layered approaches to VoIP security incorporate multiple types of protection, including firewalls, data encryption, and user authentication. These are supplemented with physical and virtual tools, including:

  • The separation of virtual local area networks (VLANs)
  • Traffic analysis and real-time monitoring tools
  • Physical security built into the system’s infrastructure

These safeguards are implemented across three primary security layers, spanning networks, transport, and applications.

Network Layer Security

The outermost layer in the “onion” model is the network layer, where inbound and outbound traffic travels. Attacks that target the network layer can result in significant quality of service losses, or even outright denials of service.

At the network level, VLANs and firewalls are effective at preventing cyber attacks. Keeping firewall protections enabled at all times and regularly installing system updates are the keys to protecting the network layer.

Transport Layer Security 

Most VoIP models use a technique known as Session Initiation Protocol (SIP) trunking to relay incoming voice data to specific end users via the transport layer. If the transport layer is attacked, the number of available user connections may be significantly decreased, or denial of service can result.

Data encryption and traffic monitoring both protect the transport layer. Encryption shields the incoming and outgoing voice packets that are carried across the transport layer, and traffic analysis can quickly detect unauthorized or malignant activity and alert the IT team to the problem.

Application Layer Security 

All VoIP services are supported by software that requires its own unique set of protections. This innermost layer of security can prevent problems like:

  • Unauthorized calls
  • Call interruption and interception
  • Eavesdropping
  • Quality of service losses

User authentication is essential when it comes to protecting the application layer, and like the transport layer, it can also be safeguarded through traffic analysis monitoring. Require users to create strong alphanumeric passwords and to regularly change their passwords to help keep intruders at bay.

To learn more about VoIP security or to arrange a no-obligation consultation, contact the telecommunications professionals at ROI Networks.

Locking Down WLAN

Security is the key word when it comes to company networks. Wireless networks are often at higher risk of breach than their wired counterparts, so added measures are typically required to defend them properly. Following are some best practices for defending the organization’s Wireless Local Area Network (WLAN) that go above and beyond data encryption and multi-factor authentication.

Separate Networking

Creating a guest network that doesn’t intermingle with business applications is a smart, easy way to protect assets. There are few reasons that a visitor would require access to the core network, and those can be addressed on an as-needed basis. For all others, simple access to the Internet is completely adequate.

Router Security

When choosing configuration settings for the WLAN, the IT team should use Wi-Fi Protected Access 2 (WPA2) Personal or Enterprise versions for optimal protection. WPA2 Enterprise is preferred over the Personal option because of its advanced authentication settings. Be sure that the physical hardware is secured in some way. Many devices are designed in such a way that they can actually be locked down after they are mounted to prevent theft.

Signal Boundaries

A potential danger on a WLAN is an intruder hopping onto the WiFi from outside of the building or attempting to interrupt services. The WiFi should be strong enough for employees to efficiently perform work functions, but ideally should not extend past the boundaries of the building; otherwise, the risk of unauthorized use or disruption increases significantly. Special termination equipment can be used to contain the signal within the four walls of the facility.

Management Tools

In today’s world of bring your own device (BYOD) programs, managing the myriad of connections and users accessing the company network is a challenge. The company enjoys the cost savings of not having to provide mobile equipment, but must also handle the complication of securing employees’ personal devices.

Mobile Device and WLAN management tools are essential to the organization’s security program. These applications can detect intrusion, unauthorized access points, or rogue users attempting to break into the network. Devices can be decommissioned quickly and easily in case of theft or compromise. Intrusion prevention will help protect against floods and spoofing efforts.

Proper Planning for Legacy Devices

Higher-cost equipment like printers and scanners isn’t always feasible to replace when more modern functionality is introduced to the market. In cases of older durable devices such as these, there may be an element of backward compatibility with the WLAN that must be accommodated. Segregating these connections onto a separate network that does not interact with company data will help manage this situation effectively.

Effective WLAN management is crucial to the security of company applications and data. Creating a comprehensive wireless strategy that encompasses all of the above points is a sound start to defending the organization’s network. To discuss other ways to protect company technical assets, contact us today.

Staying on Top of Cloud Security

The past several years have seen a massive shift from traditional on-premise services and hardware to cloud-based solutions of all shapes and sizes. With that shift came hackers and pirates looking for easy ways to steal data. Considering that IT spending on cloud is expected to consume a company’s entire technology budget within the next few years, it’s important that IT managers learn how to protect against breaches. Constructing and implementing a comprehensive security plan is absolutely essential before deploying cloud solutions.

Choose the Right Partnerships

A cloud-based solution is only as good as the vendor’s security provisions. Using a provider that doesn’t also supply a robust security system is likely to cause trouble in the future. Select a partner with a sterling reputation and a full suite of security tools. One trend that has resulted from the need for security in the cloud is the use of data security warehouses that specialize in sensitive data management.

Read the Fine Print

Before choosing a cloud vendor, be sure to understand their methods of storage and management. In addition, read contracts very carefully and look for any unclear terms. Verify who holds the burden in the case of a security incident, as these can quickly bankrupt a business. Contracts aren’t exciting to read, but they certainly do result in chaos if they’re not what they seemed to be. It may be beneficial to pay for legal review before signing on the dotted line.

Passwords

Passwords are a basic element of security, and strong passwords can prevent a breach more effectively than most other security tools. Enforce rules for password complexity that require use of special characters, numbers, and capital and lowercase letters. Preventing the use of previously saved passwords or common dictionary words is essential. The company’s authentication/authorization system may utilize a library of easily cracked passwords to prevent their use.
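The password rules described above can be expressed as a single check. The following is an added example, not code from ROI Networks or any product named on this page. It assumes a 12-character minimum, a small constructed denylist, and that “previously saved passwords” refers to a user’s password history, which is stored as salted hashes rather than plaintext.

```python
import hashlib
import hmac
import os
import string

# Constructed sample denylist; a real deployment loads a large list of
# breached or easily cracked passwords instead.
DENYLIST = {"password", "welcome", "letmein", "qwerty", "hospital", "summer"}

# Undo common character substitutions so "P@ssw0rd" still matches "password".
SUBSTITUTIONS = str.maketrans(
    {"@": "a", "4": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s", "7": "t"}
)

MIN_LENGTH = 12          # assumption: the text does not specify a minimum length
PBKDF2_ROUNDS = 100_000  # assumption: work factor chosen for this example


def hash_password(password, salt=None):
    """Return (salt, digest) so history holds salted hashes, never plaintext."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS
    )
    return salt, digest


def contains_denylisted_word(password):
    """True if a denylisted word appears once case and substitutions are undone."""
    normalized = password.lower().translate(SUBSTITUTIONS)
    return any(word in normalized for word in DENYLIST)


def was_used_before(password, history):
    """Re-hash the candidate with each stored salt and compare in constant time."""
    for salt, old_digest in history:
        _, digest = hash_password(password, salt)
        if hmac.compare_digest(digest, old_digest):
            return True
    return False


def check_password(candidate, history):
    """Return a list of policy violations; an empty list means acceptable."""
    violations = []
    if len(candidate) < MIN_LENGTH:
        violations.append("too_short")
    if not any(c.islower() for c in candidate):
        violations.append("missing_lowercase")
    if not any(c.isupper() for c in candidate):
        violations.append("missing_uppercase")
    if not any(c.isdigit() for c in candidate):
        violations.append("missing_digit")
    if not any(c in string.punctuation for c in candidate):
        violations.append("missing_special")
    if contains_denylisted_word(candidate):
        violations.append("denylisted_word")
    if was_used_before(candidate, history):
        violations.append("reused")
    return violations


if __name__ == "__main__":
    # Constructed history for one user: a single earlier password.
    history = [hash_password("Blue-Kettle-Orbit-77")]
    for pw in ("P@ssw0rd-Policy1", "Blue-Kettle-Orbit-77", "Granite-Falcon-42-Marsh"):
        print(pw, check_password(pw, history))
```

A password such as "P@ssw0rd-Policy1" satisfies every character-class rule yet is still rejected, which is why the denylist check is applied after normalization rather than to the raw string.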

Encryption

No matter where data resides, it should be encrypted. This is especially true when it is housed in the cloud. Whether at rest or in motion, encryption should be used to provide additional protection. Employ the most current encryption standards as older versions may expose vulnerabilities, and be prepared to update the company’s encryption as technology evolves.

The cloud is a powerful business tool, but is one that must be used sensibly and with security as a top priority. A company must construct and consistently enforce a security program that actively defends against new threats. Doing so can save billions in breach recovery costs as well as preserve future revenue. To learn how ROI Networks helps businesses stay on top of cloud security, contact us today.

[Infographic] Finding Holes: The State of Business IT Security

When it comes to the story of IT security, is it possible to have a happy ending? Here’s how a business can find gaps and strengthen its business network so it doesn’t become the next cautionary tale.

Security and the Software Defined Network

With everything and everyone connected through today’s technology, security has never been more important. As the demand on networks continues to grow, technical teams scramble to manage traffic efficiently while protecting the network. Software-defined networking (SDN) is becoming an attractive solution for this issue. However, the switch to SDN isn’t always supported by all of the necessary personnel.

Resistance

Enterprise servers and networks are intentionally complex and require support packages from the original equipment manufacturer (OEM). Vendors try to capitalize on the growing trend toward SDN by offering SDN management services. This is actually contrary to the concept of SDN, which is meant to enhance company control and minimize the need for external intervention. Programmable switches are part of SDN, and the network can be configured easily to best support load and security needs.

With SDN, the burden of network management shifts from a vendor-supplied solution to the company’s internal IT resources. Such a change can be highly political and strain the IT team. In addition, IT employees may experience challenges when learning how to program and optimize the SDN. The transition can certainly be rocky and lower the perceived value of the shift.

Overcoming Objections

A possible compromise is to create an easily attainable method for controlling the network via a simple interface. The need for an SDN expert would then be localized to one-time implementation of the system. The ease of network management would allow the technical team to focus their efforts elsewhere, which could result in better service, improved speed, or more frequent release of new technical products or updates. While this approach would minimize costs and regain favor for SDN, it may require long-term effort to change the mindset of IT.

Security

More companies are considering open source software for all areas. Recent publicized breaches, however, have involved open source products, leading to distrust of its general nature and the misconception that it is not a secure format. Open source code can be audited by a wide variety of detail-oriented developers who are likely to identify and fix vulnerabilities before any breach occurs. While the potential for security holes is a given for any software, constant code review of open source products minimizes the likelihood of deliberate attacks.

SDN has a distinct advantage over traditional enterprise networks in managing security issues. Operators are able to lock down problematic areas, scale the network easily, and apply the most up-to-date protection if intrusion or malfeasance is detected.

Control

Another benefit of SDN is that the company is no longer subject to hardware or software vendor whims. The entire system is completely controllable. Any type of software can be confidently used and operators are able to audit and edit the software on the system if needed. Access and visibility are totally configurable, allowing the right people the right access at the right time.

SDN is a boon to those in charge of enterprise systems. Its power, flexibility, and highly configurable nature relieve the burden on network managers. Security is improved due to the relative ease and speed of shutting down trouble spots. While human obstacles may present a temporary roadblock in the attempt to shift to SDN, the benefits of the transition cannot be ignored.