The healthcare industry faces unique security challenges
The size and complexity of today’s healthcare industry is incomprehensible. No longer simply a service delivered in doctors’ offices and hospitals, today, healthcare is an intricate and global network of providers, payers, suppliers, medical device and pharmaceutical companies, researchers, NGOs, local community partnerships and countless others that come together to develop and deliver innovative and sophisticated treatments and models of patient care.
The technology supporting all this has become equally innovative, sophisticated, complex and, most importantly, connected. And that, of course, makes all of it vulnerable—including, at the center of everything, the patient. In an industry that is based on a promise of “first, do no harm,” much can go wrong and hackers are actively looking for ways to exploit anything and everything they can.
That’s why it is up to everyone involved in this vastly expanding circle of care to do their part to ensure patient safety, especially when it comes to cybersecurity.
Providing customized solutions for hospital systems, pharmacies, ambulatory surgery centers, clinical laboratories and physician offices worldwide, Cardinal Health was faced with highly technical challenges that required them to verify that specific network traffic was being delivered to the right security tools while meeting scaling needs on their global network. The company was running into issues related to packet analysis, port conflict, and remotely routing traffic to the proper tools to ensure confidentiality and integrity of data, as well as application performance monitoring to ensure availability.
Specifically, their monitoring team wanted to confirm that specific Test Access Point (TAP) and Switch Port Analyzer (SPAN) traffic types were being delivered to their tools. The network engineering team needed visibility and insight into the data-in-motion in order to perform the data analysis required for inspection.
Working with Gigamon, Cardinal Health was able to speed up time to resolution for a number of issues, including both network and security-related challenges, and their team can confirm that questionable traffic is properly routed and provide metrics as needed. The company has also seen cost avoidance by reducing the number of tools it owns and realizing better performance and efficiencies out of its existing investments. For example, with voice recording, the GigaSMART tunneling feature set enabled Cardinal Health to seamlessly transfer data between data centers as needed while fully meeting compliance requirements without any additional investment or added complexity related to deploying new tools.
Visibility into all aspects of network traffic greatly increased Cardinal Health’s ability to comply with HIPPA, HITECH and the countless other data privacy regulations requirements. Governance and compliance can often be more complicated than the technology itself, but the healthcare industry is poised to deliver cost-effective, innovative treatments and patient care models by integrating complete visibility into data networks that enables healthcare organizations to deliver on their promise to “first, do no harm.”