Cybersecurity

Healthcare orgs must secure networks when practicing telemedicine

Telemedicine or the use of ICT to improve patient care has never been more relevant today than before when governments ordered lockdowns to mitigate the spread of coronavirus that causes COVID-19. In the Philippines, the Food and Drug Administration (FDA) has allowed the issuance of electronic prescriptions to the public.

However, cybercriminals saw it as an opportunity to exploit cloud-based tools and services that contain patients’ data and health records. The value of the data being transmitted between networks is what encourages hackers to target telemedicine practices. If this data is accessed by the wrong person, it may not only impact general performance but could also put patient care at risk.

“For healthcare organizations to remain compliant and maintain patient trust, they need to consider all potential risks to ensure this technology is not being exploited by threat actors,” said Sonia Arista, CISO, Fortinet Healthcare.

Have you read “Fortinet introduces self-learning AI appliance for threat detection“?

The cybersecurity company said healthcare organizations using remote communications “do not have full control or visibility into the network they are connecting to. Patients that use messaging apps or video conferencing to get medical care are likely to use a personal device designed for performance rather than security, and that is connected to an unsecured home or even public WiFi network.”

Fortinet shares some tips in securing telemedicine especially these uncertain times.

  • An endpoint solution that provides integrated visibility, control, and proactive defense while providing secure remote access with a built-in VPN. This should be coupled with an endpoint management system to enable scalable and centralized management of multiple endpoints.
  • Identity and access management (IAM) products that are designed to confirm users’ identities and devices as they enter a network via certificate management, multifactor authentication, and single sign-on services.
  • Wireless management solutions that feature pre-configured access points for secure connectivity between a remote location and an organization’s networks. Additionally, healthcare IT teams should also consider combining their wireless access point with a next-generation firewall to maximize security while meeting performance requirements.
  • A telephony solution that features integrated security controls designed to protect phone conversations between patients and doctors as well as business data. This technology should be able to keep up with the high volume of traffic that telemedicine initiatives will inevitably bring about, both in terms of security and performance.
  • A network authentication solution that enables remote workers to access their organization’s networks at scale. Similar to IAM products, this solution should support certificate management and single sign-on services.
  • A next-generation firewall solution that consolidates various security capabilities, such as automated threat protection and SSL inspection, while reducing complexity and meeting performance needs.