Privileged access management helps mitigate insider threats before they happen

March 2, 2022 |  Security, C-level

Although there is much to be optimistic about in 2022, the steep rise in healthcare security breaches remains unrelenting. In fact, insider threats increased by 47% in two years, and the bad news doesn’t stop there. Research shows that a whopping 80% of breaches involve privileged credentials. What are health systems to do? Fortunately, the news isn’t all bad.

Identity and Access Management has come a long way, and solutions offering Privileged Access Management (PAM) provide greater visibility and control over privileged credentials across the entire organization, including remote employees and contractors. With automatic features for detecting and securing privileged accounts, storing and rotating passwords, and recording sessions for auditing, organizations can limit their attack surface and minimize the risk of stolen or compromised credentials.

Is PAM Right for Your Organization?
Healthcare organizations are complex environments with a lot of moving parts, including new hires, temporary employees, contractors and vendors, and complicated industry regulations. Without a centrally managed PAM solution, it’s all too possible for something (or someone) to slip through the cracks, causing a critical security breach. Can you answer “yes” to any of the questions below? If so, it may be a good idea for your organization to consider PAM.

1. Are passwords written down in unsecured locations?
2. Are passwords stored in Excel files?
3. Are server and service accounts rotated/changed on a periodic basis?
4. Are users (admins or vendors) logged into servers/systems with a server or service account?
5. Are remote contractors maintaining your equipment?
6. Do you struggle to quickly generate audit reports?
7. Do you rely too much on your Admin for reports?
8. Could some equipment still have factory default passwords?

Key Criteria for Healthcare
Security breaches are on the rise across nearly every industry, but healthcare is unique. As a critical industry, healthcare is more vulnerable to the risks associated with a breach, including system downtime, compromised care, and sharp penalties. These unique challenges require healthcare-focused solutions and vendors who understand the industry and your specific environment. The most suitable PAM solutions for healthcare should:

  • Automatically detect privileged accounts for quick lock down and reduced risk.
  • Routinely randomize, manage, and vault passwords and other credentials.
  • Meet compliance requirements for regulations such as HIPAA, HITRUST, SOX, PCI, GDPR, NIST and others.
  • Provide centralized visibility by isolating, monitoring, recording, and auditing privileged access sessions, commands, and actions (including keystroke logs).
  • Allow administrators to quickly access all privileged accounts, keeping audit logs and securing everything along the way.
  • Achieve fast ROI and reduced total cost of ownership with a quick deployment and easy management.
  • Include or integrate with multifactor authentication for a more secure, streamlined experience.

The Takeaway
Forward Advantage has been in the Identity and Access Management (IAM) space for 17 years. Our experience has shown that it’s not if a security breach happens – it’s when. Healthcare security is in a new era with insider threats quickly mounting. In response, Forward Advantage recently added Imprivata Privileged Access Management to its suite of solutions. Imprivata Privileged Access Management incorporates the principle of least privilege to minimize risks of data breaches from compromised privileged credentials, meets regulatory compliance requirements, and includes out-of-the-box integration with Imprivata Confirm ID for multifactor authentication. Built-in tools include:

  • Enterprise Password Vault for securely storing credentials (may be purchased separately).
  • Job Engine for cycling passwords and detecting privileged accounts.
  • Session Manager for facilitating access to and from systems and records.

This post originally appeared on the Forward Advantage blog.

Written by Lee Howard, Vice President of Client Services, Forward Advantage

Lee Howard is Vice President of Client Services for Forward Advantage, Inc. and has over 21 years of experience in healthcare information technology. Lee oversees the smooth communication between the company and its customers and associates. His teams focus on providing solutions and services for the company’s information exchange and faxing solutions, as well as identity and access management solutions.