The healthcare industry must take security and privacy seriously. Healthcare organizations collect and retain personal health information (PHI) and financial information while providing life-saving medical care. The protection of this information and of the networks that manage it is one of the top concerns for IT organizations in the healthcare industry.
SSL/TLS technologies enable hospitals, medical facilities, and healthcare professionals to protect the sensitive personal data. Healthcare-based IT organizations need to leverage encryption technologies in two different ways to protect their IT infrastructure. First, they must protect the data that traverses the networks. Next, they need to protect the network infrastructure that contains and distributes the sensitive data.
Hedy Lamarr was right
In 1941, actress Hedy Lamarr was given a patent describing a method to obfuscate wireless signals. It was designed to prevent the jamming and tracking of radio signals to control torpedoes. This is considered the beginning of wireless encryption and subsequently, network encryption.
SSL/TLS technologies provide the same benefits for network communications that Hedy’s invention did for radio communications (though the actual mechanisms are different). SSL/TLS encryption of the personal data in-flight is essential to maintain the privacy and integrity of the information. The encryption provides security because the data is transformed by cryptographic algorithms that make recovering it without the appropriate keys extremely hard, short of an enormous amount of computing power.
If the data is altered while it is on the network, the receiver’s integrity check fails and the altered communication is rejected: the original information from that transmission is lost, since the decryption cannot extract the data from the damaged communication. While that copy of the data is lost, the privacy of the information is maintained, and the sender can resend it across the secured communication path.
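As an added illustration of the integrity point above (not code from the original post), this Go program seals a record with AES-GCM, the AEAD that TLS uses for record protection, flips one bit in transit, and shows that the receiver rejects the altered record outright while the intact resend still opens. The key and plaintext are constructed demo values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newAEAD builds AES-GCM, the AEAD that TLS 1.2/1.3 use for record protection.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// protect encrypts one record under a fresh random nonce. The output carries an
// authentication tag, so any change to the bytes in flight is detectable.
func protect(key, plaintext []byte) (nonce, sealed []byte, err error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, aead.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, aead.Seal(nil, nonce, plaintext, nil), nil
}

// unprotect opens a record; a damaged record fails the tag check and returns an error with no plaintext.
func unprotect(key, nonce, sealed []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, sealed, nil)
}

func main() {
	key := make([]byte, 32) // constructed demo key; a real session key comes from the handshake
	nonce, sealed, _ := protect(key, []byte("PHI: patient 42, lab result"))
	damaged := append([]byte(nil), sealed...)
	damaged[3] ^= 0x80 // one bit flipped on the wire
	_, err := unprotect(key, nonce, damaged)
	fmt.Println("damaged record rejected:", err != nil) // true: nothing is decrypted
	pt, _ := unprotect(key, nonce, sealed) // the resent, intact record still opens
	fmt.Printf("resend accepted: %q\n", pt)
}
```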
Blinding the surveillance
The recent rise of malicious attacks involving ransomware and botnets has exposed the vulnerability of the network infrastructure as well as the data in-flight. If the hackers can gain access to and control the devices that own and transport the data, then the installed security solutions lose their value.
Many of the attacks and threats that expose the network infrastructure are encrypted using SSL/TLS protocols. This burdens the inbound and outbound security solutions with the task of decrypting the communications, inspecting the network traffic, and then re-encrypting the data afterwards. This is a large resource burden that can reduce the performance of these security solutions more than 80%.
Because of this issue, many businesses have decided to bypass the inspection of encrypted content. This means that all of the threats using encryption are entering the network without being properly inspected. A viable solution that enables the security solutions to inspect encrypted traffic efficiently is necessary.
The application delivery controller as an SSL/TLS engine
Enter the application delivery controller (ADC). One of the core functions that an ADC provides is high performance SSL/TLS encryption and decryption. This function, in conjunction with the core server load balancing (SLB) capabilities, makes the ADC well-suited to manage the decryption of SSL/TLS traffic so that it can be inspected for security threats.
Inbound traffic to the facility’s healthcare applications can be decrypted by the ADC and steered to security devices such as a web application firewall (WAF), intrusion prevention system (IPS), and next-generation firewall (NGFW). Once inspected, the traffic returns to the ADC for re-encryption before being sent to the application servers.
Outbound traffic generated by users within the network infrastructure (employees, contractors, guests) is often encrypted when going to the internet. This communication is one of the primary avenues for ransomware. Phishing attacks have unsuspecting users click on malicious links in emails that compromise their device and other systems in the network. The ADC can act as a forward proxy to transparently decrypt and steer the outbound content to security solutions for proper inspection and potential mitigation.
The use of the ADC as part of the overall security solution enables healthcare organizations to properly protect the sensitive personal data that they maintain. When used in conjunction with other security technologies, the ADC also protects the network infrastructure from all threats, including encrypted ones.
A properly designed network infrastructure that uses and manages SSL/TLS technologies through the ADC can ensure a safe healthcare network and the privacy of the data it contains. The hackers’ use of encryption is no longer a valid excuse to allow the IT infrastructure to become compromised.
Read “Keep It Simple; Make It Scalable: 6 Characteristics of the Futureproof Load Balancer” to learn more.
Frank Yue is Director of Solution Marketing, Application Delivery for Radware. In this role, he is responsible for evangelizing Radware technologies and products before they come to market. He also writes blogs, produces white papers, and speaks at conferences and events related to application networking technologies.
Mr. Yue has over 20 years of experience building large-scale networks and working with high performance application technologies including deep packet inspection, network security, and application delivery. Prior to joining Radware, Mr. Yue was at F5 Networks, covering their global service provider messaging. He has a degree in Biology from the University of Pennsylvania.
*** This is a Security Bloggers Network syndicated blog from Radware Blog authored by Frank Yue. Read the original post at: https://blog.radware.com/applicationdelivery/2017/12/encryption-double-edged-sword-healthcare-industry/