Verification, Automation Strengthen Healthcare Network Security

January 03, 2018 - Organizations going through a digital transformation are challenged when it comes to ensuring their healthcare network security can handle all the traffic and different devices connecting to it. Many organizations lack visibility and control, which calls for additional network tools to be added to the IT infrastructure.

Entities are constantly adding layers of IT infrastructure, making it easy to lose track of devices and how they connect to the network. Organizations need to be proactive about their network security. Discovering vulnerabilities before they lead to cyberattacks and stolen data is vital to the healthcare industry.

As organizations are updating their networks to handle desperate infrastructure tools, they need to account for how they will discover vulnerabilities, Veriflow CTO Dr. Brighten Godfrey explained to HITInfrastrucutre.com

“The practical reality is that there are a lot of legacy systems out there,” Godfrey explained. “There’s a lot of different controllers and cloud instances that all need to work together and you need some sort of independent verification to get that assurance that it’s all correct.”

“Once that verification it makes the business be more agile,” he continued. “You can make changes without worrying and going through a laborious process to try to test for vulnerabilities. You can now deploy other automated control solutions that will help you be more efficient without worrying that they're going to spin out of control.”

READ MORE: Visibility, Automation Defend Against Network Security Threats

Formal verification is a valuable tool for healthcare organizations because it helps entities ensure that their network software works the way it’s supposed to. Verification uses a mathematical system to analyze the design of the network and continuously verifies it as it’s constantly changing.

“The reason verification is critical for network infrastructure is due to complexity,” said Godfrey. “Previously, you would put a packet into the network and it would come out the other side, but, today there’s a lot more complexity.” 

“There’s dozens of vendors and new layers like virtual networks in the cloud,” he added. “There might be thousands of firewall rules where the network is assisting with security and many vendors’ products that need to be integrated and networked together.”

Organizations have complex systems that are constantly changing and primarily depend on IT staff manually making or overseeing those changes. This leaves the network vulnerable to human error, which is a large reason why data breaches occur that damage critical infrastructure.

“That’s why it’s important to mathematically verify to understand these complex systems,” Godfrey explained. “Network verification assures that the high-level goal of the network, like a critical service, is available and translated down to the network and is actually being achieved.”

READ MORE: Health Network Security Challenges of Wireless Deployment

Network verification applies to healthcare because of the number of networked devices including routers, firewalls, switches, laptops, servers and IoT devices. Many healthcare organizations operate on a large scale.

National healthcare organizations are especially susceptible to network vulnerabilities because they are responsible for sensitive data governed by compliance standards such as HIPAA and the Payment Card Industry Data Security Standard (PCI DSS) across many locations. Entities are dealing with EHRs, employee information, and insurance information, which is all very sensitive. Providers also have a range of different doctors and other medical professionals who need access to this information.

“It’s a whole ecosystem of people and sensitive data that are governed by these standards,” said Godfrey. “The standards, which reflect good practices, generally have to deal with confidentiality of data, integrity of that data, and availability of that data. This is a pretty significant and difficult mission that the IT professionals are tasked with in a healthcare organization.”

One of the greatest benefits of network verification is that it allows organizations to be proactive instead of reactive about their network security. Network monitoring is currently one of the most popular network security tools.

Network monitoring really only allows IT staff members to watch the traffic that’s flowing through the network. This only shows what has already happened, even if it only happened moments ago. Verification can show what can happen in the future.

“You can pinpoint a security vulnerability within the network, using network verification, before it’s ever been exploited,” Godfrey explained. “That’s the power of this predictive model. The system uses this model to mathematically verify whether the intent matches reality.”

“The intent would be intending that this zone of my data center is inaccessible from another zone,” he continued. “I want my financial auditors to access certain servers, but they should not be able to access patient records. This would be part of the due diligence in keeping patient records absolutely secure.”

“That would be intent,” Godfrey stated. “That’s a high-level business goal that you can now express and the system translates that and checks it mathematically using the predictive model to either say, ‘yes, this zone in the network actually is secure,’ or ‘no, there’s a vulnerability here,’ and pinpointing exactly what that vulnerability is.”

Deploying a network verification system involves installing several virtual machines that can collect network data. That data is then used to digitally make changes to the network. No matter how other infrastructure tools change or what devices are introduced into the network, the verification process will ensure that the network is constantly compliant, secure, and resilient.

As healthcare networks become more complex, organizations need to consider automation. Godfrey suggested that IT decision-makers consider automation techniques to support growing networks. IT infrastructure is moving away from individual device configurations and taking a more holistic approach to network management.

“There are solutions now that are trying to help with automating security and also automating the verification,” said Godfrey. “My perspective is that verification is maybe the best way to begin down that path of automation because it gives you this assurance that you carry with you as you implement other solutions. You can verify the messy, complex reality that people are dealing with today.”

“Verification is interesting because on the one hand it’s in this area of intent-based networking, which is one of the most exciting developments in the networking industry right now,” he continued. “But, you can take that and implement in the network of today across the whole infrastructure.

The networking industry is maturing, and organizations need to have visibility over their entire network, understand its potential vulnerabilities, and be able to predict those vulnerabilities.

“The whole infrastructure within the enterprise is like a distributed piece of software in its level of complexity and that’s how you have to think about managing it,” said Godfrey. “We’re intentionally broadening the use of the word ‘vulnerability’ because it’s a healthy way to think about networking. People often think of the word vulnerability as applying only to endpoints like a server or a web browser, but a vulnerability can be anywhere.”

“If you think about the network infrastructure itself as being a custom piece of software that an enterprise is building for its organization, that infrastructure itself has vulnerabilities,” he continued. “Each healthcare organization has their own infrastructure unique to them.  There’s no external agency that’s going to send them an alert.”

“You have to think about the network infrastructure as software,” Godfrey advised. “Manage it like software. You're not just making changes manually, you're undergoing rigorous processes that need to be tested.”