Presentation on theme: "Www.positivenetworks.com | Toll-free: 1-877-932-8671 1 How to have both Productivity and Security for Remote Access Solution in a HIPAA Environment Tom."— Presentation transcript:
www.positivenetworks.com | Toll-free: 1-877-932-8671
How to have both Productivity and Security for Remote Access Solution in a HIPAA Environment
Tom Nielsen – Director of Business Development, Positive Networks
firstname.lastname@example.org

Remote access is critical to both patient care and employee happiness
– Physicians, administrators and other healthcare employees need access to critical information all the time from many locations.
– Most healthcare facilities are not prepared to provide the necessary security that should be a part of serious remote access.
– Most facilities demand more than one remote access alternative
  – Full-time telecommuters need a rich experience
  – Convenience is paramount for occasional travelers
  – Kiosks demand web-based access

Security is critical, but it cannot be at the expense of productivity – the two must work together
– IT professionals need security and end-users want it to be simple
– If it is not simple and productive, then end-users will search for ways to beat the system, or will not use it at all.
– If it is not simple and productive for end-users, then it will turn into a support nightmare for the IT department

The Positive Networks Solution
PositivePRO Healthcare Service
– Hosted, managed remote access service (Anywhere & Anytime)
– No hardware install
– Web-based provisioning and installation
– Remote Print capabilities
– Customized policy enforcement and customized work experience for each user in any location
– Automatic updating for each remote PC
– Productivity apps for remote work
– Real-time end user support
– Real-time endpoint security (Firewall, A/V, Spyware, Critical updates)
– 2-factor Authentication available
– Site-to-Site

Is Your VPN the Weakest Link?
– Your network is only as secure as its most vulnerable entry point
– No matter what industry you're in, you want to protect corporate data
  – Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley, SAS70
– VPNs can create more security issues than they solve
  – Complexity creates problems
  – Virus incidents are the most common
  – Worm threats
– Cost of a security breach is high
  – Hundreds of thousands to millions (KPMG)
– All types of VPN deployments are at risk – when mistakes are made
  – In-house, outsourced, appliance, SSL, IPSec

Security Mistake #1: Skipping Real-time Endpoint Security Monitoring
Problems
– Most VPNs just do a one-time limited security check
– After the user signs on to the VPN, security policy violation occurs
– User remains connected to the corporate network
– Problem mitigation cannot be verified
Things you need to do:
– Real-time integrated monitoring of antivirus software
– Real-time monitoring of client firewall with no user interface
– Automate problem resolution and quarantine user until compliance is verified
– Develop reporting to monitor violations
– Require users to be fully patched with Microsoft Critical Updates before they can connect through the VPN
– Distribute and update anti-spyware software, require frequent spyware scans
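
The difference between a sign-on-only check and the real-time monitoring with quarantine described on this slide, as an added example (not code from the presentation or from Positive Networks). The field names, the 7-day scan threshold and the sample timeline are constructed assumptions.

```python
from dataclasses import dataclass, field

MAX_SCAN_AGE_DAYS = 7  # assumed threshold; the slide only says "frequent"

@dataclass(frozen=True)
class Posture:  # one endpoint sample; field names are assumptions
    antivirus_running: bool
    firewall_enabled: bool
    critical_updates_missing: int
    days_since_spyware_scan: int

def violations(p):
    """Return the policy items from the slide that this sample fails."""
    checks = [
        (not p.antivirus_running, "antivirus stopped"),
        (not p.firewall_enabled, "firewall disabled"),
        (p.critical_updates_missing > 0, "critical updates missing"),
        (p.days_since_spyware_scan > MAX_SCAN_AGE_DAYS, "spyware scan overdue"),
    ]
    return [name for failed, name in checks if failed]

@dataclass
class Session:
    user: str
    state: str = "disconnected"  # disconnected | connected | quarantined
    report: list = field(default_factory=list)  # (tick, user, violations)

    def observe(self, tick, posture):
        found = violations(posture)
        if found:
            # Quarantine and log; the session stays there until a clean sample.
            self.state = "quarantined"
            self.report.append((tick, self.user, found))
        else:
            # Access is granted or restored only once compliance is verified.
            self.state = "connected"
        return self.state

def replay(samples, continuous):
    """Replay posture samples; continuous=False models a sign-on-only check."""
    session, states = Session("constructed-user"), []
    for tick, posture in enumerate(samples):
        if continuous or tick == 0:
            session.observe(tick, posture)
        states.append(session.state)
    return states, session.report

# Constructed timeline: clean at sign-on, antivirus stops, firewall goes too, then fixed.
CLEAN = Posture(True, True, 0, 1)
TIMELINE = [CLEAN, Posture(False, True, 0, 1), Posture(False, False, 0, 1), CLEAN]

if __name__ == "__main__":
    print("sign-on only:", replay(TIMELINE, continuous=False)[0])
    print("continuous:  ", replay(TIMELINE, continuous=True))
```

With the sign-on-only check the session stays connected through both violations and nothing is reported; with continuous monitoring it is quarantined as soon as the antivirus stops and reconnected only after a clean sample.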

Security Mistake #2: Relying on passwords alone for secure authentication
Examples
– Recent survey: 1/3 of employees write down their password
– Plain text passwords are often easy to guess, share, lose
– Keystroke loggers can record your password
Things you need to do:
– Combining two or more authentication factors significantly improves protection against unauthorized authentication
– Consider mobile users' needs and device limitations
– Who really wants to carry another device?

Security Mistake #3: Leaving Critical Servers Accessible from the Internet
Also known as: The portal myth
Problems
– IT administrators are in conflict: Ease of Use vs. Security
– Don't use your DMZ as a free pass to ignore security!
– Your company leaves web mail, Extranet web sites, and application servers reachable from the Internet

Security Mistake #4: Assuming Citrix and MS Terminal Server Eliminates the Need for Endpoint Security
Problems
– Forget what they told you: data doesn't really stay on the server!
– Thin clients do nothing to secure the endpoint
– So, you're sending all of your information over a nice, encrypted tunnel to a completely insecure endpoint.

Security Mistake #4: Assuming Citrix and MS Terminal Server Eliminates the Need for Endpoint Security
Examples
– Real world: Cerner at Columbia St. Mary's
– Doctor views confidential patient information using the Terminal Services Client while someone monitors his activity with Back Orifice or VNC
– IT admins leave Citrix/nFuse readily accessible on the Internet for exploits and port scanners to discover (6 published Citrix exploits in the last 12 months)
Things you need to do:
– Fully authenticate the user and lock down the PC, even if the user is connecting with a web browser, before you let them begin communicating with your critical Citrix or Terminal Servers.

Security Mistake #5: Depending on Employees to Never Use Untrusted PCs For Work
Problems
– IT admins ship out preconfigured corporate laptops and cross their fingers, with no assurance that the PC will remain secure
– Users will forward emails and files to their personal email accounts on their home PCs, but your IT staff is unwilling/unable to support home PCs – ignorance is bliss!
– You need the capability to change security policies and apply updates for remote users in real time, not just whenever the employee brings the laptop in

Access path to match the application(s):
Full Client (client-based VPN LAN extension)
– All the benefits of an IPSec client solution without the limitations
– Simple access from behind the firewalls, proxy servers and home networks
– All software configuration elements are automatically supplied by the system
SSL (WebTop…a complete personalized access portal)
– Uses 192 Bit AES encryption & the local machine which is wiped clean upon closing the browser (nothing is cached)
– Dynamic Application Tunneling allows non-web-enabled applications to be ported through the SSL VPN, making investment in web-enabled infrastructure and design unnecessary
– Web-based access from anywhere
Remote Desk Top
– Integrated in both VPN Client and WebTop – nothing to administer or set up, and no additional software licenses to buy
– Useful for bandwidth-intensive applications outside of Citrix/Terminal Services
If you can get internet access you can get connected.

A New Breed of Outsourced Remote Access
Designed with service in mind
Positive's Hosted Network Architecture

PositivePRO… Hospital & Cerner Applications Work Seamlessly Together…Access, Security and Support

PhoneFactor Authentication
How it Works
– User enters their username & password within the application
– Instantly, the user receives a phone call and enters a PIN number (password)
What Is It?
– Cellphone-based two-factor authentication service (also works with land lines)
– Key to protecting data and patient confidentiality
– Low cost
– No equipment to purchase (no tokens or USB devices)
– HIPAA compliant
– Works with all applications