Cisco Blogs


Cisco Blog > Healthcare

At the Security Cross Roads of Health Care Reforms and IoE – 6 Health Care IT Transitions

April 27, 2014 at 8:28 pm PST

The saying ‘Tell me how you will measure me and I will tell you how I will behave’ could have been the perfect tag line for the US Health Care Reforms. When we look at how Health Care Information technology is getting used to enable reforms, we see that most of the technologies existed prior to the reforms, but there wasn’t a compelling reason to adopt it. Once the measurement criteria, the carrots and the sticks were defined, the behaviors changed, and to achieve the metrics, the technology adoption picked up. As an example, according to CDC’s report, the adoption of office based physicians with EHR systems has increased to 78.4% in 2013 from 17.3% in 2003.

EMR-Adoption

Percentage of office based physicians with EHR systems in US

Maybe a coincidence, but the Health Care reforms and Health Care Internet of Everything (IoE) are very much intertwined. The Health Care reforms focus on the ‘why’ and ‘what’ changes are needed to enable outcomes and define how performance is measured.  The Health Care Internet of Everything focuses on how technology can be leveraged to enable the goals of Health Care Reforms. By connecting the unconnected, IoE brings more information from multiple sources (things and people) to create an enhanced evidence based model to enable better outcomes.

From an IT perspective, Health Care Reforms requires breaking boundaries, opening up the access, enabling choices, improving data collection from multiple critical sources, and enabling information sharing. It is definitely a challenge to achieve these needs using the traditional approaches in Health Care.  Hence Health Care approaches have evolved to leverage Health care IT as a change agent, thereby resulting in many new Health Care IT transitions.

Let us explore six key Health Care IT transitions that have significant security implications.

Healthcare-IT-Transition-part-1 Read More »

Tags: , , , , ,

Mobile Security: Actions Speak Louder than Words

Mobile security is a top concern for IT and business leaders. This guest authored blog series with Dimension Data explores how organizational leaders can work together to mitigate concern and implement clearly defined policies to achieve mobility goals. We are pleased to introduce our guest author Darryl Wilson, Director, Enterprise Mobility for Dimension Data Americas, as the first in this series – Darryl will address how a balanced approach to security can yield better business results. 

didata

 

 

dwilson

By Guest Contributor Darryl Wilson

Director, Enterprise Mobility for Dimension Data Americas

Darryl Wilson has more than 15 years of experience overseeing large scale network communications projects both from a technical delivery and pre-sales perspective. Wilson’s areas of expertise include unified communications, network performance, troubleshooting and optimization.

 

The evolution to a mobile-centric workforce has been relatively short, thanks to an explosion of innovation and emerging mobile and cloud technologies. Just a few years ago, BYOD was a hot topic of conversation and mobile device management (MDM) solutions offered a simple way to secure an influx of devices and users.

However, today we are seeing that the tactical implementation of MDM solutions is not enough to control a multi-device, multi-vendor, and multi-OS mobility landscape. In fact, most of the companies I work with are using solutions that have not been optimized or customized for today’s ever-changing mobile world. In addition, security concerns have left many organizations feeling like they need to choose between control and truly reaping the business value mobility offers.

Cisco_DimensionData#1_4.9.14

For example, in a recent Dimension Data Secure Mobility Survey Report, 79% say mobility is a top priority for their organization. However, the report indicates that a much smaller segment of those IT leaders’ actions back it up. Seventy-seven percent of those surveyed believe data is the greatest concern pertaining to mobility, yet only 55% have a mobility roadmap in place. If securing company data and successfully implementing a mobile policy is of such importance, why aren’t more IT leaders taking strategic action?

Read More »

Tags: , , , , , ,

Summary: IoT Holds Great Promise – But Ensuring Its Security Takes Strong Leadership and Teamwork!

April 18, 2014 at 7:20 am PST

Despite the many benefits of IoT, the billions of connected sensors, devices, and other smart objects it comprises will also dramatically increase the diversity of threats we will face. As a result, ensuring that we can reap the overwhelming benefits of IoT without undermining security will take strong leadership and a great deal of teamwork throughout the industry. That’s why I’m proud that Chris Young, Senior Vice President, Cisco Security Group, recently made the list as one of the top 100 thought leaders for IoT!

Read the full blog post to learn more.

Tags: , , , , , , , , ,

Bring Your Own Service: Why It Needs to be on InfoSec’s Radar

Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of this series highlighting drivers for managed security and what to look for in a cloud provider can be found here.

In today’s workplace, employees are encouraged to find the most agile ways to accomplish business: this extends beyond using their own devices to work on from anywhere, anytime and at any place to now choosing which cloud services to use.

Why Bring Your Own Service Needs to be on Infosec's Radar

Why Bring Your Own Service Needs to be on Infosec’s Radar

In many instances, most of this happens with little IT engagement. In fact, according to a 2013 Fortinet Survey, Generation Y users are increasingly willing to skirt such policies to use their own devices and cloud services. Couple this user behavior with estimates from Cisco’s Global Cloud Index that by the year 2017, over two thirds of all data center traffic will be based in the cloud proves that cloud computing is undeniable and unstoppable.

With this information in mind, how should IT and InfoSec teams manage their company’s data when hundreds of instances of new cloud deployments happen each month without their knowledge?

Additionally, what provisions need to be in place to limit risks from data being stored, processed and managed by third parties?

Here are a few considerations for IT and InfoSec teams as they try to secure our world of many clouds:

Read More »

Tags: , , , , , , , , , , , , , ,

Drivers for Managed Security and what to look for in a Cloud Provider [Summary]

The first blog of this series discussing the role of data security in the cloud can be found here.

In 2014 and onward, security professionals can expect to see entire corporate perimeters extended to the cloud, making it essential to choose a service provider that can deliver the security that your business needs.

While organizations can let business needs trade down security we’ve begun to see how a recent slew of data breaches are encouraging greater vigilance around security concerns. For example, a recent CloudTweaks article highlights the need for organizations to be confident in their choice of cloud providers and their control over data. IT leaders have the power to control where sensitive information is stored. They also have the power to choose how, where and by whom information can be accessed.

An important driver in mitigating risk and increasing security is to ask the right questions.

An important driver in mitigating risk and increasing security is to ask the right questions.

Institute Control By Asking the Right Questions

However, adding to fears about ceding the control of data to the cloud is lack of transparency and accountability about how cloud hosting partner/ providers secure data and ensure a secure and compliant infrastructure.  Cloud consuming organizations often don’t ask enough questions about what is contained in their  service-level agreements, and about the process for updating security software and patching both network and API vulnerabilities.

Organizations need reassurance that a cloud provider has a robust set of policies, process and than is using automated as well as the latest technologies to detect, thwart and mitigate attacks, while in progress as well as be prepared to mitigate after an attack.

An important driver in mitigating risk and increasing security is to ask the right questions. When evaluating cloud service providers, IT leaders need to ask:  Read the full blog here.

Tags: , , , , , , , , , , , , , , ,