IDS, IPS or Both?

IDS, IPS or Both?

Like every industry, the tech industry has its share of acronyms.

Intrusion defense systems (IDS) and intrusion prevention systems (IPS) are particularly confusing. Their names would suggest they’re similar. When you shop for either an IDS or IPS, you’ll find the same list of vendors. And even though they start with a common base, the actions they perform in the network are considerably different.

An intrusion prevention systems (IPS) is a control device. It helps build the policy side of your security system. It sits between networks, and controls the traffic going through them. It makes the decisions on what traffic should be allowed to be passed through the system, and what traffic should not.

The main reason to have an IPS is to block known attacks that can travel through a network. Often, there is a window of opportunity between when a security breach is found to exist and installing a patch within the system. An IPS is an excellent way to block known attacks, especially those using standard design tools.

An intrusion defense systems (IDS) on the other hand is a visibility tool. It’s a window into the security platform of the network. It helps security analysts see things like:

  • Security policy violations
  • Viruses or trojan horses
  • Information leaks, such as spyware
  • Incorrect security settings
  • Misconfigured firewalls
  • Unauthorized clients and servers

Which should you buy?

As you move forward in internal security, detection is your first line of defense. Knowing you have a problem allows you take the necessary precautions to get it fixed. Therefore for most businesses, an IPS puts the control into your security policy and provides you with a line of defense.

With an IDS, it only brings you value if you have the time to look at what it’s telling you. With a small staff, an overstressed IT manager, or personnel that doesn’t have the time to reflect properly on the analysis presented, the data isn’t going to do you much good.

In these conditions, IPS before IDS may be your best course of action.

However, most vendors sell products that combine both IPS and IDS functions. As you are considering IPS, IDS or a combination of both, it’s important to remember your original goal and focus on your primary requirement.

What’s the best system for your security needs?

How To Maintain Security With Telemedicine Employees

How To Maintain Security With Telemedicine Employees

According to the US National Center for Health Statistics, the term “chronic disease” is defined as a disease lasting three months or more. In general, it cannot be prevented by a vaccine, nor cured by medication. It won’t just disappear. Therefore, the only way to live with it is to find ways to alleviate the suffering and make the condition not as severe.

IT security works in much the same manner. No silver bullet will eliminate the need for security altogether. To keep your data safe and secure, it requires ongoing treatment, testing, and re-evaluation, again and again. The goal will never be to remove the problem; instead, it’s about lessening the possibilities and lowering the risk.

In the healthcare industry, things change daily. While in-person patient care has always been the norm, advances in telemedicine are making patient care better and more accessible to all. It helps keep medical costs as low as possible, and can allow medical staff to go where their skills are truly needed the most.

But telemedicine comes with its own costs. Medical privacy and confidentiality issues extend to the telehealth industry. And under HIPAA, telemedicine clinicians have the same responsibility to protect medical records and keep information on treatment confidential. This extends to all files and processes used, including electronic files, images, video and audio recordings. They must be stored with the same guidelines as traditional paper documentation.

If you are incorporating telemedicine practices into your organization, at a minimum you should be:

Conducting annual HIPAA security risk analysis
Think of it as your own annual exam. Many changes take place each year, such as new system requirements, new system integration, IT infrastructure enhancements, organizational reconstruction, and employee turnover. And every time a change takes place, your data is at risk. Annual exams take a picture at a point in time to discover how well you’ve performed over the past year, and where improvements can be made in the coming year.

Encrypting all data on portable devices
Today, everyone has a variety of portable devices they use every day. Telemedicine practitioners will use their own devices. And if they leave them vulnerable and insecure, it puts your entire organization at risk. Over the last six years, loss or theft of unencrypted portable devices has made up over a third of all large breach incidents and put as much as 50 percent of all health data at risk. Requiring all devices that are used to access sensitive data is the first step in keeping data safe.

Running frequent assessments and testing
Hackers sole purpose is to break in, cause havoc, and get the information they are looking for. They don’t stop with one try; they work at it again and again. And because more of our data is being put online all the time, the level of intensity is only going to rise. If you’re not paying attention to the latest technology, the newest risks, and determining if your system has holes and weaknesses, you’re setting yourself up for disaster. Frequent assessment and testing is the only way to stay ahead of hazards.

Training your workforce on security awareness
Your employee base stretches beyond those that come to the office every day. Do you have a formal training program for those that work out of their homes? Those that telecommute? Those that see patients via audio and video resources? Engagement is needed at all levels in order to create a secure wall around all sensitive data. And it can come in many forms, from internal training, daily reminders, or visual cues.

Should You Be Worried About Ransomware

Should You Be Worried About Ransomware

It’s early. And with a busy day ahead, you decide to head into the office to get a few things done before patients fill your day. You sit down at your desk, boot up your computer. But instead of seeing the familiar screen that greets you each morning, you see a bright red image, blinking, threatening that if you don’t pay $300 to an unknown party in the next forty-eight hours, everything currently on your computer will be erased.

Is it real? Do you believe it?

Click around and you’ll discover your computer is no longer under your control. You can’t bypass the screen. You can’t access anything.

Welcome to the world of ransomware. 

Antivirus software and security professionals have been in business almost as long as computers themselves. As people began trusting software and the online world with their sensitive data, hackers looked for ways to exploit the data for their own benefits. But with security one step behind them, they constantly look for new ways to get what they want.

The result has been a slew of new viruses known as ransomware. The earliest known version of ransomware was CryptoLocker, which hit the scene around the end of 2013. In less than a week, users began reporting that an unknown virus locked down their hard drives and demanded a ransom in return for access to their files.

Unlike other viruses that insert backdoors or trojans in hopes of capturing sensitive data they can later use any way they choose, ransomware demands a reliable revenue stream from the beginning. Amounts demanded depend on the criminal ring, but typically range anywhere from $25 to $600. And because it accepts Bitcoin or funds sent through MoneyGram on untraceable prepaid cards, it’s remained a solid income source for the originators.

Ransomware works because of its speed. And of course, knowledge is power. So the sophistication of ransomware continues to grow.

If a ransomware attack hits your practice, you have three basic options:

  • If you perform frequent backups, restore your system with the latest one
  • If you have not performed a backup, pay the ransom
  • Put your system back to default and lose all your data

Which means the safest, more reliable way of countering any ransomware attack is to

Back. Up. Everything.

Ransomware exploits the human aversion to taking action. Hackers prey on people’s displeasure of doing more work than is absolutely necessary. They know a vast majority of the population does not create carbon copies of their photo albums, music files, sensitive data and other folders that hold the most important data needed in daily life. They hold them hostage and demand ransom because they know they will get it if it’s the only version you have in existence.

That’s why s cloud storage system or backup service is vitally important on both the personal and professional level. This will prevent you from becoming a victim of ransomware and keep you in control over your data at all times.

How would ransomware affect your data?

The #1 Problem With Connected Health Design

The #1 Problem With Connected Health Design

The more engaged a patient is with the process for monitoring health-related issues, the better their clinical outcomes.

Seems like a no-brainer idea. After all, if you truly want the best health possible, you’ll do whatever it takes to monitor, control and improve it.

But it’s not as simple as giving the patient more control. Provider engagement matters too.

Imagine a scenario like this.

A patient brings technology home. They download apps, connect wires, set up monitors, and push buttons, transmitting data back to the medical office on a regular basis. They get data every time they use it, seeing daily progression right before their eyes. And equally important, they learn as they go. They get real world feedback to help them stay on track. They ask questions. They receive answers. And gradually their health improves.

People want ease of use. They want “wear and forget” sensors that upload automatically. They want technology to do the work for them, not the other way around.

People also want to know that the medical community is using the data in a way that makes it worth the trouble for using it. If they have to repeat tests and measurements when they visit in person, if a doctor has to review data before questions can be asked, an individual will quickly determine that the added burden of technology isn’t worth it. And most often will quit using it altogether.

The Sentinel Effect is the tendency for human performance to improve when participants are aware that their behavior is being monitored and evaluated. And that is the key to improving both better health and better care.

We’ve done a great job with increasing wearable technology. Mobile makes everything easier. But where we lag is engagement. How many “great job” push notifications can you get on your mobile device before you turn the notification feature off?

Early adapters love technology; they’ll use it no matter what. That’s not the problem. It’s creating enough engagement to motivate the holdbacks, the people that don’t necessarily want to hear the reminders they are overweight, have high blood pressure, or need to check their blood sugar level. And to do so in a way that motivates them to action.

The engagement challenge is where future development lies.

The most widely used apps today are socially engaging. It’s hard to ignore Instagram or Twitter. They harness a person’s need to share, feel like they are a part of a community. And that’s what gives them their power. That’s also why engagement is more difficult in things that are more personal in nature.

When apps can reach the personal side of human nature, provide enough technology and combine it with motivating feedback directly from the places that can help them the most – medical facilities, doctors offices, etc – that’s when technology will truly be able to improve our lives tenfold.

Are you up for the challenge? How are you integrating technology into your practice?