Modernizing Health Care Security with SASE

Since 2013 and the most recent set of updates to the Health Insurance Portability and Accountability Act (HIPAA), U.S. health care providers have been adopting technologies faster than at any point in the preceding decades. In particular, information security and risk management tools have been a part of nearly every compliance investment that providers have undertaken. Compliance, however, is just a baseline against which to measure minimums, and is never a suitable substitute for what many would consider best practices in privacy and data security; in other words, it sets out rules for what you must do versus what would be a wise investment to make above and beyond compliance alone. Over the years, as ransomware and other threat tactics became more prevalent, investments in data security and processes grew in tandem. More recently, the COVID-19 pandemic accelerated these investments considerably. This has led to the understandable adoption of nascent technologies that are, however, being deployed across legacy architectures in a suboptimal manner that reduces (or eliminates entirely) the potential realized value.

Modernize Health Care Security with SASE

What is needed to ensure long-term stability is a modern security architecture that has the flexibility to balance and manage risk, give greater visibility into the dynamics of health systems’ new digital footprints and support the ability to both detect and respond to risk in real-time. Notably, if the selection and adoption of these capabilities are made without a thoughtful plan and clear design for integration, there is potential for unnecessary exposure to risk. This is compounded by the fact that, as the rate of digital transformation continues to accelerate, so too will the threat landscape, exploiting and monetizing weaknesses in health systems’ architecture, technology and processes. Fortunately, a secure access service edge (SASE) security architecture approach can provide a scalable solution that will help address these issues. 

Measuring and managing the risk profile of devices that handle highly sensitive data is complicated because health care environments are very dynamic. Risk posture constantly changes as health care providers, patients, devices and the applications each connect with are often in flux. To manage risk, health care organizations must first understand their digital footprint and how applications, services and users interact and operate. Pervasive visibility into and monitoring of these transactions provides the means to identify possible vulnerabilities and threat vectors that might be exploited. Securing health systems is a high-stakes endeavor; health care data is highly valuable, often containing a great deal of personally identifiable information (PII). This particular point is crucial because, unlike banking and financial details that are able to be altered or remade, much of an individual’s personal health details are immutable. Furthermore, ransomware attacks threaten not only the health system, but also any impacted individual’s well-being and privacy if health records are part of a data breach.

Find Flexibility and Security in the Cloud

Many of today’s security approaches struggle with legacy architectures that have been rigid and complex and which involved considerable amounts of operational tuning. In the past, network security was deployed at the network edge within facilities or campuses and in the data center, generally directing all traffic through it for inspection. A SASE architecture moves most of these capabilities to the cloud, which is where many of the target applications already reside, reducing the distance between the user and application and—in most scenarios—eliminating backhaul dependencies. In addition, with the bulk of SASE security services often tightly integrated via APIs that are always tuned and updated, most of the operational requirements disappear, allowing the provider or organization to principally invest efforts in managing risk and driving daily operations once more. 

To pursue and consume new technologies, and in addition to ensuring that they are properly protected, health care providers must have a thorough understanding of the highly dynamic and elastic demands of cloud security. The alternative has the potential to complicate or derail the successful adoption of a SASE model. To overcome this challenge, institutions need to take advantage of AI-driven automation and other cutting-edge networking technologies. Doing so will empower them to properly integrate network and security elements into a single platform that has the ability to support the rapid growth of digital health services and which can be easily deployed, managed and updated. Adopting an architecture of this scale with the array of services and capabilities to accommodate the vast array of deployment needs (users to apps, IoT to infrastructure) is not one to be undertaken lightly, nor without a firm grasp of key objectives. SASE has enormous potential to deliver providers from many of the architectural challenges that were introduced over the last 15 years. However, if it is adopted without a purposeful intent or an understanding of exactly what the final solution should yield for the organization, where the operational responsibilities and uses lie and how it can accommodate future needs, the outcome will be no different than the current obstacles many are trying to escape.

Monitor Threats on the Road Ahead

It’s impossible to protect against threats that cannot be seen or evaluated, no matter what industry you’re in. Specifically for health systems, added risks lie in the sheer volume of connected devices, computers and other technologies common throughout modern health care environments. However, by leveraging SASE and integrated network telemetry insights, digital risks—including service continuity, application threats and unusual activities—can be monitored and risk can be managed.

Health care has experienced years of digital transformation, and what’s clear is that the next step for any provider is the adoption of a SASE architecture. Health care providers will gain better visibility into their application and device-heavy environment while also employing a solution that can scale with the increased rate of digitalization. If the health care industry is to continue its rapid adoption of new technologies and devices, it must also choose and deploy a solution that can accommodate their many requirements—the risk of not doing so is too great.

Avatar photo

Mike Spanbauer

Mike Spanbauer is a Senior Director and Technology Evangelist for Juniper Networks. Mike’s work and expertise in network and security advisory, consulting, and product strategy over the last 25 years provides a breadth of perspective across network and security execution, as well as approaches to solve for operational and governance needs that organizations face. He most recently served as Vice President of Research Strategy for NSS Labs, driving the enterprise research and consulting practice for NSS’ global clients. Prior to that, Mike held leadership roles at Current Analysis and HP in research, strategy, and competitive intelligence.

mike-spanbauer has 7 posts and counting.See all posts by mike-spanbauer