Increasing rate of endpoints raises healthcare susceptibility

The threat of criminal approach to networks and cyber attacks is increasing due to endpoint vulnerabilities, in accordance to results of a latest survey by the Ponemon Institute.

The survey, performed by Ponemon on behalf of CounterTack, has important implications for healthcare agencies, which have seen raised the access to networks and data through the utilization of many types of devices, like laptops and smartphones.

The logic that more devices are in utilization to access an agency’s network—often in the hands of unsophisticated consumers who may be careless with security practices—increases the number of ways that networks can be hacked.

The Ponemon research, which observed at data system security across various industries, disclosed that protection of endpoint tools has not kept up with threats that confront them. “With all the data we have collected, there appears to be a stalemate,” claims Larry Ponemon, founder of security research firm Ponemon Institute. “Companies are doing a lot more, but cannot keep up with the crooks.”

The healthcare industry is a high-profile aim due to the value of the information that contributors and payers hold.

Endpoint security is an increasing concern across companies. Endpoint devices can involve servers, desktop and laptop computers, printers, smartphones, point-of-service devices and more, and they communicate information with an agency’s data network. “The endpoint is the doorway to enterprise networks,” Ponemon elaborates. “Attack vectors converge on connected devices, and then infiltrate the network.”

Specifically in healthcare, with the increased utilization of mobile devices, not sufficient attention has been paid to how to assess either a device is secure, but several industries are not making a more secure atmosphere. “If you have 100 connected devices, it is difficult to determine which one is the aim,” Ponemonll claims. While there are many tools and devices to make endpoint security improved, the truth is that various agencies sustain in a status quo setting and aren’t being proactive.”

Negligent workers and the devices they utilize in the workplace sustain to be the greatest source of endpoint risk, the Ponemon survey discovered. Some 81% of respondents claimed the greatest challenge is minimizing the issue of negligent or careless workers who don’t follow security policies. The risk caused by the increasing number of insecure mobile tools in the workplace increased to 50% from 33% in the year 2013, respondents claimed.

Further 60% of respondents stated that it has become harder to handle endpoint risk, and 80% of respondents consider their mobile endpoints have been the aim of malware over the last 12 months, up from 68% only 2 years ago. Laptops and smartphones pose the greatest endpoint risk, in accordance to 43% and 30% of respondents, respectively. Respondents assume that an average of one-third of all endpoints linked to their agency’s network is not protected

Ransomware has become a major issue because not merely can a healthcare agency or another company be hit once, but ransomware can make lateral movements in an agency—stamp it out in 1 part and it indicates up in another.

That is why endpoint security has become so significant, in accordance to Ponemon. Many agencies in healthcare and other parts have followed a Fort Knox strategy of constructing powerful perimeter defenses. But even the greatest firewalls cannot recognize every piece of malware, and the idea of information has changed, he further adds. “It is all over the place and unstructured, like email.”

Healthcare agencies haven’t been at the leading edge of network security, in part because they mostly do not have the resources or consider that criminals were aiming other sectors, like banking and finance, Ponemon states. But other sectors have complicated their network defenses, and healthcare’s security seems soft by comparison, specifically considering the rate of business associates included in care, which might not be as security-conscious as they should be.

Ponemon suggests taking a good glance at cloud computing vendors, as they have entered up with very secure atmospheres, making it possible for even the smallest contributors to have correct protection. Furthermore, recent steps to share threat information and integrate threat intelligence into security policies will make better the overall protection, he further adds. “Many contributors did not consider they had the right persons to assess the data, so they did not essentially make better the security.”