Hospital networks are complex. There’s no getting around it. With increased demand for digital files and excessive need for medicine that is accessible, it’s no surprise that hospital networks would grow into beasts that, often, seem hard to manage.
The same goes for hospital cybersecurity.
I like to simplify a hospital network with the following analogy. Think of your network like a gated community. You’ve got a fence around the perimeter—something that protects it from intruders. There’s a gatekeeper at the front gate only letting cars or people it trusts in. You have houses and other facilities within the community. Think of those as all the other hardware on the network—workstations and devices—critically needed to keep the hospital running.
But that fence—which I would say mirrors as your network’s firewall—might not be blocking all of your traffic.
First of all, if your firewall is not heuristically evaluating and alarming suspicious activity moving across the network, you’re likely not making sure that all of your PHI stays in and that bad guys in the forms of viruses and malware stay out. In fact, the majority of cyberattacks first hit networks that do not have adequate firewalls in place.
Assuming you already have a secure firewall that is able to detect suspicious activity in place, the next vulnerability that leads to major breaches across hospital systems is related to other holes in their networks. Over three quarters of hospitals that we’ve evaluated for ransomware preparedness actually have gaping holes that allow third party vendors complete access to the entirety of their network.
Through virtual private networks (VPNs), hospitals all over the country are connecting to much necessary 3rd party platforms—EHRs, PACs, billing, banking, etc.—and risking their own cybersecurity in the process.
What is a virtual private network?
A virtual private network (VPN) is essential a secure tunnel between two or more computers on the internet. In the case of your hospital, the tunnel connects a server on your network to a remote server or terminal at a vendor site.
VPNs are used to protect privacy and security of data going to and from a network to another secure network.
Open wireless or unsecured transfers of information could pose serious risks to your patient records because attacks may be sitting just outside of your firewall waiting for information to get transferred across.
By using a VPN connection, all of your traffic can be securely routed through a server located somewhere else. This protects the computer from local tracking and hacking attempts and hides your location. In essence, your information is able to travel securely from computer to computer without having to worry about someone intercepting it.
The problem with VPNs from a network security standpoint?
Most VPNs set up in hospitals bypass the hospital firewalls. That means that you need to put a lot of trust in your vendors—that they have all of their ducks in a row when it comes to their own cybersecurity—if you expect to keep your hospital safe.
If your vendors are accessing your network strictly through a VPN (that by-passes your firewall), you are putting your hospital at risk for catching a virus or malware that might infect your vendor’s networks.
For a minute, recall that AllScripts ransomware attack earlier this year? Some cybersecurity experts speculate that the AllScripts infection actually infected practitioner’s networks through unprotected VPN connections!
How can you protect your hospital from 3rd party vendors? Consider placing your firewall behind any connections to your network. Train that firewall to accept normal traffic from your vendors so that daily operations continue as normal. BUT, make sure it blocks anything suspicious to protect your network from ransomware or viruses if your vendor’s network ends up getting compromised.
Want a second pair of eyes to look at your network connections? Consider a ransomware vulnerability assessment to see where to shore up your cybersecurity.
