In Their Own Words: A Healthcare CISO’s Journey to Zero Trust
Healthcare Chief Information Security Officers (CISOs) and other security/IT team leaders are responsible for identifying patient safety or care issues, while driving the selection and adoption decisions on technology purchases to help address those concerns.
It’s not a simple task, especially when so many variables are at play:
- You’re concerned about securing patient data, employee data, financial and more
- But you also need to enable your diverse team of healthcare professionals - from physicians to clinicians to contractors - to do their jobs with limited additional friction
- You need to meet yearly audit requirements for HIPAA, PCI DSS, HITRUST, Joint Commission and NIST standards, and many other regulations
- Plus, you need to support always-available access from your users’ personal devices, no matter where they’re located
A large healthcare enterprise system needs a powerful, flexible and low-maintenance access security solution that doesn't introduce friction to workflows, and can work with complex, interconnected systems.
Oh, and it must work for every user scenario, with technical accessibility limitations. Did we mention it also has to provide a rich dataset for compliance audits and reporting needs? No big deal.
A CISO Guide for a New Approach to Security
To help see you through your 2019 game plan to provide a proactive and comprehensive security strategy, we’ve put together this guide, in which you’ll find:
- A detailed account of one healthcare CISO's experience with a zero-trust security model
- An overview of the needs of their hybrid, mobile and cloud environment, as well as the need to meet HIPAA compliance
- How they balanced usability and security and fit Duo Beyond into their existing network architecture
Their security team also discovered a hefty, surprising number of shadow devices after they gained insight into managed and unmanaged devices using Duo Beyond - there were nearly three times as many personal devices accessing their healthcare system network as they initially thought.
Check out our guide to learn about their other findings and how Duo helped them better secure patient data, get visibility into cloud apps they never had before, and meet their many different compliance and security objectives with Duo’s unified solution.