Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
Strategic Solutions Advisor Rick Spatafore On HIPAA Compliance Vs. Ransomware
Once thought of as a compliance checkbox, HIPAA (more specifically the Security Rule) is causing consternation among healthcare IT practices.
The Health Insurance Portability and Accountability Act, or HIPAA as it is known, requires that healthcare organizations protect the confidentiality, integrity and availability of your Protected Health Information (PHI). Confidentiality ensures that PHI remains private and inaccessible to unauthorized persons. Integrity keeps the PHI intact and prevents alterations or destruction in an unauthorized manner. Availability provides on-demand access and usability of the PHI by an authorized person.
Healthcare IT departments are already struggling to keep up with the ever-increasing pace of technology. Now they must be ready to face a new threat to cybersecurity: ransomware. Healthcare has become a primary target for hackers to launch ransomware attacks.
A HIPAA breach is typically seen as a loss of PHI. With ransomware this changes, as there is no theft of data, at least from what recent cases have shown. What ransomware does is limit access to PHI and bring the integrity of the PHI into question. Both of these acts could be construed as HIPAA violations, especially limiting the availability of PHI. Once your encrypted PHI is infected with ransomware, you have no idea what effect the breach will have on PHI or the rest of the environment.
Ransomware can be launched through different methods, but the most common are phishing attacks and software exploits. Both leave key data exposed. Healthcare organizations train users on HIPAA and how to prevent violations, but often provide insufficient instruction related to good cybersecurity practices. Healthcare organizations can improve user education on best practices by adopting comprehensive security training programs such as SANS Securing the Human.
Ransomware also targets older and unsupported middleware products. A recent campaign leveraging the SamSam variant exploits the middleware engine, then proceeds to spread through the network, encrypting servers and databases that are available. This will continue to have a profound impact on the healthcare industry, as organizations and providers are typically slow to adopt new technologies and update systems. For example, many Windows XP workstations are still in use at healthcare facilities because vendors have not updated software for compliance with Windows 7, Windows 8.1 or Windows 10. This same slow adoption bleeds over into applying updates to servers and middleware. Healthcare organizations are at the mercy of their vendors to adopt secure software versions and provide updates.
Two recent ransomware incidents had two completely different outcomes. The Hollywood Presbyterian breach resulted in the hospital paying the ransom to regain access to their data. While the ransom was only 17 thousand dollars, the organization had to divert patients to other hospitals and was limited in their access to PHI for patients. The resulting damage to the credibility of their brand and loss of patient revenue is ultimately much higher than 17 thousand dollars.
A second ransomware incident occurred at Methodist Hospital in Kentucky. This incident had very different results. Methodist Hospital was able to activate their disaster recovery plan and continue to see patients while running off of their DR site. There was no need to divert patients, no need to pay the ransom, and minimal damage to their credibility.
This is where following a good security framework comes in. By following a standard like the NIST Cybersecurity Framework, organizations are able to see how all systems are affected by security incidents. Many IT departments do not include backup and disaster recovery planning as a part of their security strategy when in fact they are one of the most critical parts. Having a solid backup system that is off-network and encrypted is crucial to dealing with ransomware attacks. There are ransomware variants that look for on-network backups and encrypt them, further crippling the organization. Having solid, practiced procedures to either restore your backups or run off the disaster recovery site can save critical time in ensuring access to PHI.
Adopting a layered security approach will lower your risk profile. No single technology can stop all malware, but layering technologies together can strengthen your security posture. In order to actively protect your organization, you must thoroughly understand your environment. This should be done during a Risk Assessment, which is required under HIPAA but oftentimes not performed thoroughly. Understanding your environment allows you to prioritize your cybersecurity tasks and develop a strategy to minimize your organizational risk.
Concerned and wondering about next steps? Sentinel can get you started on the right path with a Risk Assessment Audit that will determine, among other things, how hardened your network is and evaluate the efficacy of your backup and DR strategy. Contact us for more information.
An Introduction to World Wi-Fi Day From Solutions Architect Tim Gustafson
Recently the Wireless Broadband Alliance announced the inaugural World Wi-Fi Day, set to take place annually on June 20th. The purpose behind it is to celebrate the role of Wi-Fi in connecting communities across the globe, and explore innovative new solutions to help bridge the digital divide.
Those of us who use Wi-Fi regularly often take it for granted. There are currently more than four billion people around the world with very limited or no access to the internet due to a lack of money and/or resources. While new initiatives such as Connected City are improving and introducing wireless to underserved urban areas, many other Wi-Fi projects still require funding and developmental support in order to become a reality.
One popular idea involves combining outdoor access points in a root and mesh topology with existing internet connectivity and wireless point-to-point solutions, which significantly expands the area of useable Wi-Fi coverage. This would enable more people to have access to reasonably priced high speed internet in places where it’s needed most.
Sentinel Technologies has been consulting, designing, and deploying indoor and outdoor wireless solutions for the past two decades, helping cities, municipalities, government, education, enterprise and small businesses improve productivity and collaboration through affordable connections. Please contact us for more information about our wireless offerings.
Data Center Solutions Team Lead Bill LaFlamme on the Dell / EMC Merger
Back in October 2015, Dell and its partners acquired EMC for $67 billion. Since then, the tech industry has begun to evolve rapidly as many of the big players realign their focus on cloud, converged infrastructure, mobile, big data and other concepts essential to the future of IT. The EMC purchase happened because the company was well established in all the right areas and Dell was smart enough to buy instead of attempting to build. This is the same strategy used by a majority of Hyper-Converged/Converged infrastructure players.
From both a sales and technical perspective, this merger makes a lot of sense. Dell does well in the SMB, SLED and mid-market space, while EMC has been very successful in the commercial and enterprise markets. No one knows exactly how the products, sales teams, channel and partner programs will be organized just yet, but there are some very smart people at both organizations in charge of figuring that out.
Dell will change their name to Dell Technologies with several brands under this umbrella, including EMC, VMware, Pivotal, SecureWorks, RSA and Virtustream. With VCE (already part of EMC’s Emerging Technologies Division) and the expanded portfolio of VCE offerings (Blocks, Racks, Rails and Appliances) extending the lead in a crowded marketplace, this is just the beginning stage of changes in our industry. The advent of IoT (Internet of Things) has created a massive surge of connected devices, people and processes to rival the industrial revolution. To quote a common phrase, “May you live in interesting times.” That certainly holds true in today’s IT.
Sentinel Technologies will continue to support our customers with offerings in best-of-breed products, multi-vendor solutions, managed services and cloud offerings. Our customers and partners are key to our success, enabling us to lead, connect, engage, deliver and motivate across the technology industry. I’m certain the Dell and EMC teams will too as they collectively and collaboratively attempt to help customers achieve their individual business goals.
Solutions Architect Geoff Woodhouse On The Advantages of Document Digitization
Many companies and cultural institutions with long histories continue to maintain archives of important data and other information in analog formats such as paper, canvas and microfilm. This might seem like an antiquated idea in our increasingly technological world, but for industries such as healthcare, finance and education, hard copies remain a necessary part of daily business. The management of a physical archive, particularly a large and complex one, can create all sorts of extra headaches for organizations. Digitization is a simple solution with significant advantages for those eager to do more with their archived data.
The primary advantage of digitization is the significant increase in data accessibility. If a museum were to digitize an ancient scroll, it could more easily and safely be shared and studied around the world by multiple people at the same time. On an enterprise level, digitization of documents and other information improves access and collaboration between employees, customers, partners and everybody in between.
Another advantage of digitization is improved search functionality. Back when I was a kid, libraries had card catalogs. All the books in the library were organized by title on these little white cards, with the Dewey Decimal numbers on the card to tell you where it was located in the building. The amount of effort to keep those thousands of cards up to date was a monumental task, and if someone stole or destroyed one it made the book much harder to find.
With digitization, we can easily search an online database for any book in the library or a neighboring library system. We can also search for books and place them on hold from our home. Digitizing the library catalog revolutionized how to use the library system around the world. This has the same application in a corporate setting, where digitization makes it more convenient than ever to locate key data quickly and from any networked location.
There’s also a great financial benefit to digitization. Keeping virtual copies of records takes up less physical space. This can lead to thousands of dollars per year in savings for legal organizations, universities, financial institutions and other compliance-related businesses. It is relatively straightforward to set up the hardware and software to store the digital files. The difficult part is scanning the old documents and learning how to use the digital storage going forward. There will be new systems and people will need to be trained on them, but typically the savings are worth it.
The last key reason is security. You can’t really back up a piece of paper, but it is easy to encrypt and secure a digital file. This way if anyone does steal it, they can’t open it. For security reasons, it could be dangerous to keep papers in a file cabinet. Things could be taken and somebody might not realize they’re missing until months or even years later! Digitization of files is a great way to secure any archived data.
Sentinel offers a wide range of digitization solutions for your business or organization. Please contact us for more information.
Sentinel CTO Robert Keblusek on the Benefits of Cisco Intelligent WAN (IWAN)
As companies embrace streaming, downloads, mobility and BYOD in the workplace, the increased demand on Wide Area Networks (WAN) can often create speed and accessibility issues across the entire enterprise. Traditional WAN solutions no longer provide the necessary scalability at a cost effective price to remain competitive and secure in today’s marketplace, which is why nearly 50% of organizations are moving to the Internet for some or all WAN services.
At Sentinel we can design Internet service for backup, best effort and even mission critical guaranteed workloads. We have had great success helping customers save money on WAN services using the Internet as a backbone while also successfully supporting quality and latency-sensitive applications such as voice and video. While Internet WAN service isn’t a fit for everyone, an increasing number of customers have found it very beneficial as they continue to grow.
Cisco’s IWAN offers transport independence, creating secure connectivity over the customer’s preferred transport option while offering path optimization to ensure the best possible performance. When combined with direct Internet access for application support and caching, new architectures become available that can improve performance and reliability. It also allows for the reduction or containment of connectivity costs over time, often with a better than one year return on investment.
When designed properly, IWAN enables distributed security and encryption with direct access to cloud services so you don’t have to use a private network for your applications. In fact, Sentinel has designed customer networks for both distributed and centralized network and internet control through our CloudSelect® INTERNETaaS offering. Developing dynamic private networks along with internet-connected wide area networks ensures optimal security and intelligent connectivity to internal and external application services.
With IWAN, Cisco has collected many years of proven technologies into a solid architecture that enhances productivity, saves money and improves security and reliability. They’ve also put together extensive training for experienced partners like Sentinel to enable our staff on designing, deploying and supporting full IWAN deployments for our customers. In addition, Sentinel has leveraged these technologies in delivering cloud services not only from our own premium CloudSelect® offerings but to other SaaS and cloud providers. Any customer looking at their next generation of wide area connectivity should consider Cisco’s IWAN architecture to create a modern network capable of delivering a rich technology experience at an affordable cost.
FAQ: CTO Robert Keblusek Answers Common Ransomware Questions
Ransomware continues to dominate headlines across the tech industry. The threat of these security breaches has many organizations, especially in the healthcare field, looking for answers. We asked our Chief Technology Officer and all-around security expert Bob Keblusek to provide insights on some of the most common questions related to ransomware.
1. What is the best solution to deploy against ransomware?
I believe it takes an architecture that includes endpoint through perimeter and mobility solutions as well as ongoing management of all involved systems.
It is critical to have a central point of management for security incidents in addition to tracking them through the duration of the security event. Having a security management platform that integrates multi-vendor solutions creates a comprehensive tool that helps uncover the highest risk areas and in turn where to best invest in security solutions with limited IT budgets.
Security is an ongoing effort, balancing access to information while keeping it protected from attack. Compromises that steal data or hold data hostage for a fee will continue to evolve and challenge traditional IT perimeter solutions. These measures often fail to keep data fully secure, which is why an expansive architecture is required along with continuous management, review and proper incident/response policies.
These events can also result in a disruption of business. Similar to how companies protect their data from a physical disaster, there needs to be a contingency plan in place should a data breach or theft occur.
2. With healthcare being targeted, how do providers protect HIPAA data from ransomware?
Within our healthcare practice we have experts that advise on best practices for securing HIPAA data as well as PCI data and more.
We have seen an increase in technology architectures that protect data both in-flight and at-rest, including encryption, endpoint protection and behavioral response systems. Some modern solutions analyze network activity within the infrastructure, and when combined with embedded network access control, are reaching a point where administrators can set policies in order to protect sensitive data.
3. How does Sentinel protect our current clients from ransomware?
Sentinel offers a complete security assessment and review with an architecture recommendation for ransomware in addition to full security solutions.
These can be as simple as a point-in-time assessment and remediation recommendations. Our CloudSelect® SECaaS offering provides complete intrusion detection as well as an incident and event management platform that integrates incident lifecycle management for a single pane of glass.
Using the threat exchange and signatures on our IDS we have this detection built into our CloudSelect® SECaaS offering. With this solution in place we can detect, alert and create a service ticket on this activity coming from any customer.
This offering also includes constant traffic detection and integrates multi-vendor security solutions into a complete management platform. When combined with a strong information security policy, the technology provides some of the best protection possible before, during and after the attack.
4. How does Sentinel utilize their partnership with Cisco for security solutions?
Sentinel is very optimistic about recent Cisco acquisitions such as StealthWatch (formerly Lancope), OpenDNS, Sourcefire, as well as existing Cisco security products that continue to evolve. When combined with network access control we feel that we can offer a complete solution to help fight the ongoing security challenges for most organizations.
Sentinel also combines these architectures into a single platform for clients to have ongoing visibility and management capabilities. Each of these pieces solves specific security needs, and we bring them all together into a complete architecture and management solution with our CloudSelect® SECaaS to help you get the most from your security investment and protect your sensitive data from breaches and/or being held hostage.
Want more information on a solution mentioned, or want to schedule a Sentinel security assessment? Let us know at: www.sentinel.com/ContactUs.
Welcome to The Pulse
Sentinel Technologies is proud to launch our new blog! A huge aspect of our website upgrade was focused on organizing the site so visitors had the most up-to-date information on solutions, products, news and other industry topics, right at their fingertips.
In designing the site, we also wanted to create a platform that allowed us to create informative and interactive content. Our in-house experts have their finger on the pulse of the industry, and we wanted an outlet that allowed them to share that knowledge.
The Pulse is that platform. Each week different contributors will weigh in on their topic of expertise, hot trends or industry news. As experts in the field, they will be able to give guidance, advice and truly inform our readers on topics and issues dominating the industry.
Check back weekly to see what’s new on The Pulse!