Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Cisco, MobileIron, and Tenable

Managing Secure Access, Mobile Device Usage, and Security in Healthcare

2015 Healthcare Security Trends and Regulatory Compliance Webinar

Join Renee Murphy, Senior Analyst in Security and Risk Management at Forrester Research and Craig Shumard, former CISO with Cigna and Principal, Shumard and Associates at 2pm ET on February 25, 2015 for a webinar exploring the security trends and regulatory landscape impacting the healthcare industry in 2015 and beyond.

Register Now

Forrester Report – Security Risks Faced by Healthcare Providers Empowering Mobile Moments

How do you balance the needs of clinical personnel for anywhere, anytime access to patient information with effective security practices and compliance with HIPAA and other related regulations?

Learn More

Meet us at the Healthcare Cyber Security Reception

If you're attending the HIMSS Annual Conference & Exhibitionbe sure to visit us at theHealthcare Cyber Security Reception on April 13th. HIMSS15 will take place April 12-16, 2015 in Chicago, IL.

Learn more

Key Challenges

Modern healthcare organizations are undergoing a transformation in which their IT networks are no longer confined within four secure walls. Healthcare staff is demanding access to healthcare resources from more devices and places than ever before and mobility is completely changing the way healthcare professionals work. However, this does not exempt them from protecting against security threats, data breaches, and the need to comply with industry regulations such as HIPAA.

The ability to overcome this challenge requires a framework that enables solutions to work in unison, helping healthcare teams answer such questions as:

  • How many different healthcare systems, applications, and mobile devices connect to my network? Should these devices be allowed to access the network?
  • Which devices are out of compliance or misconfigured, unauthorized, or vulnerable? Are any running malware or infecting other hosts? Is there sensitive data stored on or transmitted from them?
  • Who are the users associated with the vulnerable healthcare systems and devices? What risks do these systems and devices pose?
  • Which users have access: to what systems, from what locations, with what type of access?
  • What risks require immediate action to prevent compliance violations or a security breach?
Tenable, MobileIron, Cisco Challenges
Tenable, MobileIron, Cisco solution diagram

Solution Overview

Cisco, MobileIron, and Tenable solutions individually provide essential capabilities that healthcare organizations require:

  • Cisco Identity Services Engine (ISE) is the market-leading security policy management platform that unifies and automates access control to proactively enforce role-based access to enterprise networks and resources, regardless of how a user chooses to connect.
  • MobileIron Enterprise Mobility Management (EMM) provides mobile device access control, configuration, and application management.
    • Tenable’s Nessus® and SecurityCenter™ solutions identify risk and compliance violations across servers, hosts, and databases.

    While these individual solutions are great at performing targeted tasks in their respective areas, they are more powerful when deployed together to provide visibility, access, and control over network users. Together, they also centralize, simplify, and expedite the detection and remediation of healthcare security and compliance issues.

    Device

    MobileIron captures smartphone and tablet details such as device type, software and OS version. When integrated with Tenable solutions, the MobileIron data is used to identify vulnerabilities and compliance violations from mobile devices. This offers a more complete identification of vulnerabilities on medical systems and mobile devices and identifies any security and compliance violations they introduce to the rest of the healthcare environment. Tenable’s continuous traffic monitoring capabilities allow organizations to detect unauthorized devices that are not managed by MobileIron. This provides a continuous visibility and spotlights healthcare systems that should be managed and monitored as they connect to the healthcare networks.

    Devices
    Access

    Access

    Cisco ISE provides endpoint access profiling along with user identity and device context. When integrated with MobileIron, access control can be extended to cover mobile devices so that only authorized devices are granted access. It also allows healthcare security and compliance teams to create access policies for mobile devices with user context.

    Healthcare IT teams can thus manage and provide access for those users connected to the network. When combined with Tenable solutions, this can be further refined to provide or deny access to systems based on their security or compliance posture – for example, limiting access to systems with critical and exploitable vulnerabilities or those that have malicious processes running on them.

    User

    Cisco ISE captures user identification and device type context in order to provide role-based network access policies. When integrated with Tenable solutions, it allows healthcare organizations to not only identify risk introduced by devices that connect to the network, but also merges context about the users associated with those devices. This enables healthcare teams to make informed decisions about the appropriate responses to initiate. For example, for critical security and compliance issues, Tenable includes the ability to initiate quarantine action back to Cisco ISE for a closed-loop workflow to swiftly mitigate the out-of-compliance or security issue.

    User
    Data

    Data

    Tenable solutions can identify not only all devices that are connected, but also detect sensitive data and medical information that are stored or transmitted by these systems. The context from MobileIron provides mobile device information in case sensitive data is transmitted from critical systems to mobile devices. The user identity information from Cisco ISE can further help in identifying users who are associated with transmitting systems - regardless of whether the target destination is a server, mobile device, or a cloud destination.