We didn’t find any medical sutures or gauze at HIMSS last week, but there sure was a lot of talk about the future of healthcare IT security. The status of electronic health record (EHR) security as a hot topic is clear, too: patient information is increasingly being moved to electronic form in order for healthcare organizations to increase clinician efficiency and remain compliant, but as we’ve seen in other industries, electronic information is difficult to keep safe. EHR data contains our medical identities, complete with medical histories, address histories, extended family names and histories, and more, making it a prime target for bad actors attempting to steal personal information.

What is the current threat landscape for this EHR data? A recent Accenture survey found approximately 26 percent of Americans have been impacted by a healthcare data breach. To combat the rise in healthcare cyber attacks, health providers are looking to IT for infrastructure and application support that prioritizes data security while continuing to maximize clinician workflow efficiency and drive better patient outcomes.

That’s where VMware NSX comes in. NSX empowers healthcare organizations to secure the infrastructure that EHR systems and other critical care applications live on. This ensures the healthcare information that lives in those applications is protected from the inside of the data center all the way out to the endpoints where its being accessed from. Considering a security breach and exposure of a single patient health record averages $355 per record, with an overall $7.01 million cost to an organization, healthcare companies can’t afford to incur costs associated with security risks.

By providing healthcare IT organizations with increased agility, NSX allows admins to easily adapt networking and security services to support increasingly dynamic clinician workflows, such as the use of mobile and IoT devices at the point of care. This maximizes information accessibility for clinicians and patients and minimizes security gaps.

First comes EHR micro-segmentation.

Although EHR systems allow clinicians to work more efficiently and help connect patients and doctors with information, they are massively complex to deploy and manage. EHR systems often employ hundreds of servers tightly integrated with various applications to run one unified system. This compilation of applications creates a larger, more complex attack surface susceptible to breaches. Because there are often limited controls in place to segment the workloads that make up these applications, once an attacker has access to the network, they can move from workload to workload unchecked until they find valuable data to steal. The solution is to utilize a strategic platform that decreases the attack surface by limiting the amount of east-west communication between the workloads that comprise these applications.

lateralLateral movement of a threat

NSX is the only security solution that tailors network segmentation down to the individual workload or vNIC level by abstracting key networking and security services into the hypervisor. The ability to leverage micro-segmentation gives healthcare IT professionals more insight and control over how applications interact with each other and the infrastructure on which they live. Ultimately, this granular level of control prevents threats that have made it past traditional network perimeter defenses from propagating laterally throughout the data center.


            Micro-segmented environment

So, how can NSX capabilities best support healthcare organizations? Ask Interfaith Medical Center (IMC). They wanted to give their patients access to healthcare information via an online portal to improve patient communication, satisfaction, and turnaround times while also qualifying for Meaningful Use incentive programs. Opening up this information to the internet presented serious security concerns, however. In accordance with the NIST Cybersecurity Framework, IMC decided to micro-segment their environment as much as possible before rolling out their online portal. They deployed NSX in a matter of days and have since qualified for Meaningful Use stages 1 and 2, earning incentive payments to reinvest in new healthcare technology, while ensuring the security of their patient data.

Then comes endpoint security.

With various types of sensitive medical information being exchanged, healthcare organizations are under more pressure than ever to safeguard data. This is where advanced endpoint security comes in. Micro-segment endpoint extension builds off of micro-segmentation, enabling healthcare organizations to secure their digital environments while embracing mobile technology.

NSX harnesses micro-segment endpoint extension to ensure digital access stays secure despite employee workload fluctuations and independent device access. Although a wide range of access points can be great for workplace collaboration, juggling various entry points can pose a huge security threat; more access means more system vulnerability. By isolating each endpoint and giving each device its own perimeter defense, NSX eliminates unverified system access between endpoints and workloads. This model helps contain clinician and patient security without compromising flexibility, considering NSX endpoint security services are designed to adapt to dynamic workloads in a mobile landscape.

Healthcare organizations are already supporting this security trend. Baystate Health wanted to allow their clinicians to work from anywhere on the planet at any time. They decided to roll out virtual desktops across the organization, enabling physicians to access patient information anywhere, from any device, at any time. However, they knew that securing the virtual desktop infrastructure (VDI) was critical to its success. Baystate opted to deploy NSX to secure their VDI and ensure that if a virtual desktop were to be compromised, their data center would be protected. Since rolling out their solutions, there has been “a lot of adoption and excitement among all our users at being able to work whenever and wherever they want”, according to Joel Vengco, CIO at Baystate Health.

In today’s rapidly evolving healthcare threat environment, exceptional agility and optimal security must go hand-in-hand. That’s what makes VMware NSX a healthcare IT organization’s best ally when combatting security attacks. You can read more in this healthcare IT security whitepaper, which provides in-depth cybersecurity strategies leveraging VMware NSX.

And to stay updated on VMware’s capabilities and advancements in healthcare, be sure to follow us on Facebook and Twitter.