Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Cisco, MobileIron, and Tenable

Managing Secure Access, Mobile Device Usage, and Security in Healthcare

2015 Healthcare Security Trends and Regulatory Compliance Webinar

Join Renee Murphy, Senior Analyst in Security and Risk Management at Forrester Research and Craig Shumard, former CISO with Cigna and Principal, Shumard and Associates at 2pm ET on February 25, 2015 for a webinar exploring the security trends and regulatory landscape impacting the healthcare industry in 2015 and beyond.

Register Now

Forrester Report – Security Risks Faced by Healthcare Providers Empowering Mobile Moments

How do you balance the needs of clinical personnel for anywhere, anytime access to patient information with effective security practices and compliance with HIPAA and other related regulations?

Learn More

Meet us at the Healthcare Cyber Security Reception

If you're attending the HIMSS Annual Conference & Exhibitionbe sure to visit us at theHealthcare Cyber Security Reception on April 13th. HIMSS15 will take place April 12-16, 2015 in Chicago, IL.

Learn more

Key Challenges

Modern healthcare organizations are undergoing a transformation in which their IT networks are no longer confined within four secure walls. Healthcare staff is demanding access to healthcare resources from more devices and places than ever before and mobility is completely changing the way healthcare professionals work. However, this does not exempt them from protecting against security threats, data breaches, and the need to comply with industry regulations such as HIPAA.

The ability to overcome this challenge requires a framework that enables solutions to work in unison, helping healthcare teams answer such questions as:

  • How many different healthcare systems, applications, and mobile devices connect to my network? Should these devices be allowed to access the network?
  • Which devices are out of compliance or misconfigured, unauthorized, or vulnerable? Are any running malware or infecting other hosts? Is there sensitive data stored on or transmitted from them?
  • Who are the users associated with the vulnerable healthcare systems and devices? What risks do these systems and devices pose?
  • Which users have access: to what systems, from what locations, with what type of access?
  • What risks require immediate action to prevent compliance violations or a security breach?
Tenable, MobileIron, Cisco Challenges
Tenable, MobileIron, Cisco solution diagram

Solution Overview

Cisco, MobileIron, and Tenable solutions individually provide essential capabilities that healthcare organizations require:

  • Cisco Identity Services Engine (ISE) is the market-leading security policy management platform that unifies and automates access control to proactively enforce role-based access to enterprise networks and resources, regardless of how a user chooses to connect.
  • MobileIron Enterprise Mobility Management (EMM) provides mobile device access control, configuration, and application management.
    • Tenable’s Nessus® and SecurityCenter™ solutions identify risk and compliance violations across servers, hosts, and databases.

    While these individual solutions are great at performing targeted tasks in their respective areas, they are more powerful when deployed together to provide visibility, access, and control over network users. Together, they also centralize, simplify, and expedite the detection and remediation of healthcare security and compliance issues.

    Device

    MobileIron captures smartphone and tablet details such as device type, software and OS version. When integrated with Tenable solutions, the MobileIron data is used to identify vulnerabilities and compliance violations from mobile devices. This offers a more complete identification of vulnerabilities on medical systems and mobile devices and identifies any security and compliance violations they introduce to the rest of the healthcare environment. Tenable’s continuous traffic monitoring capabilities allow organizations to detect unauthorized devices that are not managed by MobileIron. This provides a continuous visibility and spotlights healthcare systems that should be managed and monitored as they connect to the healthcare networks.

    Devices
    Access

    Access

    Cisco ISE provides endpoint access profiling along with user identity and device context. When integrated with MobileIron, access control can be extended to cover mobile devices so that only authorized devices are granted access. It also allows healthcare security and compliance teams to create access policies for mobile devices with user context.

    Healthcare IT teams can thus manage and provide access for those users connected to the network. When combined with Tenable solutions, this can be further refined to provide or deny access to systems based on their security or compliance posture – for example, limiting access to systems with critical and exploitable vulnerabilities or those that have malicious processes running on them.

    User

    Cisco ISE captures user identification and device type context in order to provide role-based network access policies. When integrated with Tenable solutions, it allows healthcare organizations to not only identify risk introduced by devices that connect to the network, but also merges context about the users associated with those devices. This enables healthcare teams to make informed decisions about the appropriate responses to initiate. For example, for critical security and compliance issues, Tenable includes the ability to initiate quarantine action back to Cisco ISE for a closed-loop workflow to swiftly mitigate the out-of-compliance or security issue.

    User
    Data

    Data

    Tenable solutions can identify not only all devices that are connected, but also detect sensitive data and medical information that are stored or transmitted by these systems. The context from MobileIron provides mobile device information in case sensitive data is transmitted from critical systems to mobile devices. The user identity information from Cisco ISE can further help in identifying users who are associated with transmitting systems - regardless of whether the target destination is a server, mobile device, or a cloud destination.

    Try for Free Buy Now

    Try Tenable.io

    FREE FOR 30 DAYS

    Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

    Buy Tenable.io

    Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

    65 assets

    $2,275

    Buy Now

    Try for Free Buy Now

    Try Nessus Professional Free

    FREE FOR 7 DAYS

    Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

    Buy Nessus Professional

    Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

    Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

    Try for Free Buy Now

    Try Tenable.io Web Application Scanning

    FREE FOR 30 DAYS

    Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

    Buy Tenable.io Web Application Scanning

    Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

    5 FQDNs

    $3,578

    Buy Now

    Try for Free Contact Sales

    Try Tenable.io Container Security

    FREE FOR 30 DAYS

    Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

    Buy Tenable.io Container Security

    Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

    Learn More about Industrial Security

    Get a Demo of Tenable.sc

    Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

    Try for Free Contact Sales

    Try Tenable Lumin

    FREE FOR 30 DAYS

    Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

    Buy Tenable Lumin

    Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.