Part 3 - Healthcare Security Pain Points: Device Visibility & BYOD
In a previous blog post, we explained that the administrative and help desk burden is a common concern of IT operations leaders, often the head of infrastructure, networking and architecture, who are responsible for managing internal resources and deploying tech projects at their organization.
In this blog post, we’ll cover how the lack of administrative visibility into unmanaged personal devices (also known as bring your own device, or BYOD) accessing personal health information (PHI) is a major concern for IT operations leaders (the head of infrastructure, networking and architecture, or IT VPs and directors), who are responsible for the technology projects deployed in the environment and the management of internal resources.
Feelin’ the Pain
Without visibility into endpoints in your environment, how can you ensure that jailbroken or insecure devices aren't gaining access to your patient data? These are some of the challenges you face when you don't have a comprehensive access security solution that can give you insight into endpoints:
HIPAA Violation & Fines - If you can't verify encryption status on personal devices in your environment, you may unknowingly fall out of compliance with healthcare data regulations that require encryption on devices with PHI, which can result in millions in HIPAA penalty fines.
Unknown, Poor Security Posture - Unmanaged personal devices may be running older, vulnerable versions of software, may be jailbroken or rooted, and may not be encrypted or passcode-protected. Poor security posture makes it easier for attackers to gain access to patient data.
Intrusive MDMs - For visibility and control, some healthcare IT admins opt to use mobile device management (MDM) technology. But these tools are often disruptive because they invade user privacy, and they are frequently met with resistance by healthcare professionals when deployed on personal devices.
Easing the Pain
Opt for an access security solution that can provide extensive endpoint security visibility and control, without the intrusiveness of MDMs.
Actionable Endpoint Data - Without the use of intrusive agents, Duo's Endpoint Visibility gives you in-depth security posture data (operating system, platform, browser and plugin versions; plus passcode, screen lock, encryption and rooted/jailbroken status), while flagging out-of-date devices for admins.
Identify Unmanaged Devices - With Trusted Endpoints, you can both enable and secure personal devices in the workplace. You can see which devices logging into your environment are corporate-owned or personally owned, as well as set device access policies to track and block any untrusted endpoints.
Block Risky Devices - In addition to rich device data, Duo gives you the policy tools you need to notify, warn and/or block users from accessing your applications unless they update their devices, through Duo's Self-Remediation and Endpoint Remediation features. Plus, Duo marks devices that have been tampered with (rooted, jailbroken or failed SafetyNet checks).
Our Duo Beyond edition unlocks all of the device insight, policies and control you need to keep access to patient data protected and compliant.
One of the largest healthcare systems in the nation deployed Duo Beyond and discovered 30,000 personal mobile devices that were accessing applications with PHI. Check out An Enterprise Healthcare CISO's Journey to Zero Trust for the full story.