Sophos. The importance of zero trust network access (ZTNA) in healthcare
With perimeter boundaries quickly blurring thanks to remote care and telehealth, the implicit trust placed in perimeter-centric security makes healthcare dangerously vulnerable.
The Sophos State of Ransomware in Healthcare 2022 report revealed a 94% increase in ransomware attacks on healthcare year over year, with 66% of healthcare organizations getting hit by ransomware in 2021.
Furthermore, 61% of these attacks resulted in data encryption, making healthcare data unavailable until the victims paid ransom or restored their systems. Such attacks can prove deadly as they disrupt patient care and safety.
So, healthcare today is as much about securing patient data as it is about providing effective patient care.
It’s a challenge for caregivers, remote healthcare workers, and outsourced staff who need access to such data to provide uninterrupted and remote patient care.
Not only do they need to contend with multiple industry regulations that regulate the use of protected health information (PHI), including the Health Insurance Portability and Accountability Act (HIPAA), but there’s also a labyrinth of access and authentication complexities as well.
The industry is moving to cloud-based apps and services while also witnessing a proliferation of IoMT devices, telehealth, remote patient monitoring, portable medical devices, augmented reality, and robotics – all of which use existing IT infrastructure and legacy security technologies, resulting in a broader attack surface.
Most attacks on healthcare organizations exploit the inherent trust and unrestricted access given to the users and devices that are protected by traditional perimeter-based security.
With perimeter boundaries quickly blurring thanks to remote care and telehealth, the implicit trust that organizations place in their perimeter-centric security makes them dangerously vulnerable.
ZTNA – or zero trust network access – makes healthcare IT more effortless and secure by verifying user identity, device health, and access policy before seamlessly granting access to network resources. It only connects users to very specific applications or systems, not the entire network.
ZTNA eliminates vulnerable VPN clients and can prevent compromised devices from connecting to applications and data, effectively preventing lateral movement and attacks like ransomware from getting a foothold on the network.
With Sophos ZTNA, you get the added benefit of a single-agent, single-console, single vendor solution for both ZTNA and your next-gen endpoint protection.
Sophos ZTNA uniquely integrates with Sophos Intercept X endpoint protection to constantly share status and health information and can automatically isolate compromised systems and prevent threats from moving or stealing data.
Sophos ZTNA removes implicit trust in your healthcare organization’s applications, users, and devices and provides segmented access to your systems and resources only to those who need it.
Learn more at Sophos.com/ZTNA.
Source: Sophos