Improving cybersecurity in healthcare

03 April 2024

Jason Mafera, IGEL field CTO, Healthcare

Cybersecurity is a top concern among healthcare professionals, notably CFOs, many of whom have experienced the disruptive and costly effects of a breach. A survey conducted by the UK’s Healthcare Financial Management Association (HFMA) found that 55% of healthcare providers list cybersecurity as their top investment priority for 2024.

Vulnerability management, data security and threat detection were cited as areas of prime interest. These three areas tie back to the proliferation of endpoint devices which clinical staff now use every day. While firewalls, network monitoring and other security practices are imperative, it pays to give more thought to endpoint computing itself, given that this directly impacts an NHS Trust’s overall level of security.

Prevention at the endpoint
As cyber threats escalate, a preventative approach to better security at the endpoint can reap positive results not only in operational outcomes but also in better adherence to data privacy and compliance regulations. The best risk mitigation, or prevention, at the endpoint requires lessening device risk factors, using the cloud for secure storage, employing a secure OS, managing endpoints efficiently and centrally, and communicating with end users, all elements which will improve your overall security posture.

Cloud storage and access can reduce risk
Healthcare staff and clinicians often work at several hospital locations or in different departments on any given day. They can use mobile devices that may not meet best security practices. Additionally, staff may access a number of applications and desktops. Moving applications to the cloud is a solution to further minimise the risk of an individual introducing malware or ransomware into a trust’s network as they travel around locations and use different devices. Staff can retrieve applications and virtual desktops as authorised. Moving to the cloud also allows for centralised management, patching and recovery, and cloud-based updates.

When accessing workloads via the cloud, healthcare professionals can use a single sign-on (SSO) identity provider (IDP). Single sign-on improves productivity by enabling people to easily access their desktops and applications regardless of hardware, such as mobile carts or nurse workstations. It is gaining popularity among healthcare users who have patient workloads that require the most efficient use of time and do not want the inconvenience of continually entering passwords as they work throughout the day.

A secure OS is imperative
Moving to more secure endpoint computing requires an operating system that supports Zero Trust methodologies and integrations, eliminates local data storage, is read-only and is encrypted. Zero Trust, as defined by the National Institute of Standards and Technology, “is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet) or based on asset ownership (enterprise or personally owned).”

Security practices like single sign-on and multi-factor authentication (MFA) are needed to support Zero Trust principles. Zero Trust is in part a response to the BYOD era and is gaining prominence as more and more organisations are looking for ways to support productivity while lessening the risk of cyberthreats gaining successful access to the network or data. Workflows in healthcare will remain complex and varied. Protection measures like Zero Trust at the endpoint provide a framework to tighten security.

In addition to fully embracing Zero Trust, NHS Trusts need an endpoint OS that can support various VDI, DaaS and SaaS environments. Using an OS with this varied capability is an economical choice.

Centralised management and staff communication are key
“A single pane of glass” is a commonly heard phrase in the IT world. In an NHS Trust setting, it is relevant in that it refers to the need to centralise management of your endpoint OS and cloud computing storage and workloads to achieve efficiency and cost controls. Centralised management can support multiple hosted services and applications, relieving the burden on IT staff and requiring fewer resources to manage the endpoint infrastructure.

We know that phishing, social engineering and other cyberattacks are successful because an individual user opened a virus-laden link or clicked on a dangerous website. Internal communications to educate healthcare staff about the constant dangers of cyberthreats must be part of an overall security improvement and threat prevention strategy. Increasing communication with staff is an essential element to achieve this. Avoiding penalties, data breaches and lack of patient trust all leads back to the individual at the endpoint.

Prevention is doable
Besides adhering to more stringent cybersecurity and privacy regulations, preventing ransomware and data breaches is central to a well-managed healthcare system. By using the cloud for storage and access, organisations can eliminate some of the risks that can occur at the endpoint. Additionally, tools like single sign-on and MFA, to support Zero Trust, are essential to controlling access to data and applications.

Lastly, security is now everyone’s responsibility. Keeping staff engaged in the best security practices helps to ensure healthcare can focus on patient outcomes and avoid disruption in providing services.