Costs Of Compromised Credentials Rising

Healthcare organizations face unique network access challenges. While some industries only need to control access by professional employees and partners, healthcare organizations are increasingly opening up data to consumers, and the number of consumer access points are multiplying. While other industries face similar problems – banking seems particularly relevant – I don’t know of any other industry that depends on such a sophisticated data exchange with consumers to achieve critical results. Given the industry’s security issues, I found the following article to be quite interesting. While it doesn’t address healthcare concerns directly, I think it’s relevant nonetheless. The article, written by InfoArmor CTO Christian Lees, contends that next-generation credentials are “edging toward a precarious place.” He argues that because IT workers are under great pressure to produce, they’re rushing the credentialing process. And that has led to a lack of attention to detail, he says: “Employees, contractors and even vendors are rapidly credentialed with little attention given to security rules such as limiting access per job roles, enforcing secure passwords, and immediately revoking credentials after an employee moves on…[and as a result], criminals get to choose from a smorgasbord of credentialed identities with which to phish employees and even top executives.” Meanwhile, if auto-generated passwords are short and ineffective, or so long that users mus...
Source: EMR and HIPAA - Category: Information Technology Authors: Tags: Biometrics Electronic Health Record Electronic Medical Record EMR EMR Security Healthcare HealthCare IT HIPAA General Christian Lees Credentials Management Health Data Security InfoArmor Security Management Source Type: blogs