SlideShare ist ein Scribd-Unternehmen logo

New Approach to Healthcare Security with VMware NSX

Angel Villar Garea
Angel Villar Garea

GET THE ORIGINAL: https://www.vmware.com/files/pdf/solutions/vmware-best-practices-healthcare-it-security-whitepaper.pdf

Technologie
1 von 13
Downloaden Sie, um offline zu lesen
A New Approach to Healthcare Security Defense in depth strategy powered by VMware NSX safeguards healthcare infrastructure, applications, and devices W H I T E P A P E R
A New Approach to Healthcare Security W H I T E P A P E R / 2 Table of Contents Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Key Insights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Healthcare organizations are targets of security breaches. . . . . . . . . . . . . . . . . . . . . . . . 3 Healthcare organizations must advance security postures beyond regulation. . . . . . . 4 Leading HIT teams are adopting software-defined solutions and a layered approach to security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Six critical capabilities comprise best practices security frameworks. . . . . . . . . . . . . . . 6 1. Distributed firewalls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2. Proactive, real-time compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3. Virtual desktops and mobile device management. . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4. Automated security and operations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 5. Network efficiency and asset utilization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 6. Management of multiple-location enterprise. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Defense in depth strategy safeguards HIT infrastructure, applications, and devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Learn More. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
W H I T E P A P E R / 3 A New Approach to Healthcare Security Overview Electronic patient care and health insurance systems contain millions of valuable records, making them an attractive target for intruders seeking to mine sensitive information. The FBI estimates that each health record is worth $50. Some sources quote even more, upwards of $200. More than 80 percent of healthcare Chief Information Officers (CIOs), Chief Technology Officers (CTOs), and other security leaders polled by KPMG say their organizations have been victimized by at least one cyber attack in the past two years—and many still feel like sitting ducks. The reality for most healthcare CIOs and Chief Information Security Officers (CISOs) is this: today, it is not a question of if, but rather when, their systems will be attacked. Advanced intrusion continues to succeed because healthcare IT organizations are meeting mandated requirements—from HIPAA to HITECH*—without taking a defense in depth approach to safeguarding data. They have invested heavily in data center perimeter security but find their solutions falling short when they are asked to address critical business questions such as the following: • How can we improve our security to effort ratio? • Is security at the perimeter enough to protect our business from data breaches? • How can we secure network traffic inside the data center? • How can we quarantine attacks and limit damage to the rest of network—without incurring huge hardware and firewall costs or an outage? This paper addresses these questions and more about how healthcare organizations handle breaches, including phishing and malware which operate unfettered internally. It also describes how VMware solutions mitigate risks by delivering the comprehensive protections from breaches that today’s security-conscious healthcare organizations require. Key Insights • Healthcare organizations are targets of large-scale security breaches. • Healthcare organizations must advance security postures beyond compliance with regulations—e.g., HIPAA and HITECH. • Leading HIT teams are adopting software-defined solutions and a layered approach to security that delivers not only protections but also strategic business advantages. • Six critical capabilities comprise best practices security frameworks and deliver significant ROI. • Defense in depth strategy powered by VMware NSX safeguards HIT infrastructure, applications, and devices. Healthcare organizations are targets of large-scale security breaches. Digital attacks have become so broad and sophisticated that the Ponemon Institute coined “2014: A Year of Mega Breaches,” and predicted 2015 to be as bad or worse as more sensitive and confidential information and transactions will be moved to the digital space and become vulnerable to attack.1 The healthcare industry is a prime target: • In the U.S. alone, 100 million healthcare records were compromised in Q1 2015.2 • The Identity Theft Resource Center tagged healthcare as the source of 33 percent of all listed incidents nationwide. • A full 84 percent of healthcare organizations have been breached in last two years. • A class-action lawsuit is typically filed only one week after a breach is reported. * Health Insurance Portability and Accountability Act (HIPAA) of 1996 and the 2009 Health Information Technology for Economic and Clinical Health (HITECH) Act enacted as part of the American Recovery and Reinvestment Act of 2009. 1. Ponemon Institute. “2014: A Year of Mega Breaches,” January 28, 2015. 2. U.S. Department of Health and Human Services. 2015
W H I T E P A P E R / 4 A New Approach to Healthcare Security “Absolute security will never be a guarantee. Cyber attacks should be considered a constant threat and we need better tools and technologies to mitigate the risk and combat the attacks,”3 according to Sutter Health CIO John Manis in a recent Scottsdale Institute CIO Summit report. While 81 percent of those surveyed by KPMG have been recently compromised by malware, botnets, or other cyber-attacks, only 53 percent of providers and 66 percent of payers say they feel adequately prepared for a cyber attack.4 Other breaches also concern enterprise leaders, according to the Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data, research independently conducted by Ponemon Institute LLC in May 2015. (Figure 1) Figure 1. Most Concerning Breaches Employee negligence, use of public cloud services, malicious insiders, and process failures can be mitigated with strong, auditable user-access controls and micro-segmentation while cyber attackers and identity thieves can be thwarted with strong encryption tied to boundary controls. By using data sovereignty to ensure restricted or regulated data, certain physical areas are protected regardless of who is requesting the data. Healthcare organizations must advance security postures beyond regulation compliance. Healthcare organizations working to meet more stringent government and industry requirements cannot predict the levels to which cyber criminals will go to breach their systems. VMware and its partners provide proven virtualization solutions that help healthcare organizations address the confidentiality, integrity, and availability requirements in HIPAA and HITECH around personally identifiable information. Beyond compliance, VMware and partners also provide solutions to protect healthcare organizations against today’s targeted security threats. 3. HealthIT Security. “Why Healthcare Security Must Be Top Priority for CIOs,” November 24, 2014. 4. Healthcare IT News. “4 in 5 health orgs hit by cyber crooks.” August 27, 2015.
W H I T E P A P E R / 5 A New Approach to Healthcare Security VMware solutions support a defense in depth strategy to combat intrusions. An information assurance concept where multiple layers of security controls are incorporated throughout the IT system, a defense in depth approach helps organizations provide redundancies to prevent vulnerabilities in case one or more controls fail. Most HIT teams have not integrated a full complement of layered protections for their healthcare infrastructure, applications, and mobile devices, which includes: Platform security Distributed firewalls, platform hardening, secure lifecycle development Secure operations and automation Enterprise policy controls for security, compliance, configurations, and deployment Virtualization Interoperable advanced networking and security services Compliance guidance Frameworks, validated reference architectures Leading HIT teams are adopting software-defined solutions and a layered approach to security that delivers not only protections but also strategic business advantages. New models of patient care require that systems are highly reliable and that data can be accessed by patients, caregivers, and payers anytime, anywhere. A software-defined strategy coupled with a defense in depth approach is one in which all infrastructure is virtualized and delivered as a service, and where protections are ensured at many layers by interoperable security and compliance frameworks. (Figure 1). When HIT organizations embrace this software-defined approach as the foundation for their IT infrastructure and applications, they can more quickly respond to new demands and their systems become more intelligent, automated, mobile, and secure. In a software-defined environment with multiple layers of security and compliance, all elements of the infrastructure—compute, network, storage, and security—are virtualized to enable applications to leverage a fully virtualized platform that is completely abstracted from the hardware layer. The environment is safeguarded with protections for infrastructure, applications, and end-point devices. Because environments become more application and service focused, HIT organizations not only improve security and data protection, they increase IT efficiency, agility, flexibility, and control. Figure 1: VMare provides an interoperable, multifaceted approach to meet security requirements.
W H I T E P A P E R / 6 A New Approach to Healthcare Security Six critical capabilities comprise best practices security frameworks and deliver significant ROI. VMware and VMware partner solutions incorporate the six critical capabilities that healthcare organizations need to safeguard their HIT environments. With VMware NSX®, healthcare organizations can define groups (e.g., app) based on things such as OS, workload type (web, app, database) and more. VMware NSX also acts as a platform to deliver best-possible security services, both natively and through more than 30 technology partners. A best practices approach may begin with a passive listener mode to monitor critical activity and determine the status of intra-virtual machine traffic. (Figure 2) Figure 2: Best-practice, defense in depth security framework enables HIT organizations to remain vigilant by providing proactive protections to address multifaceted challenges 1. Distributed firewalls The security model that most healthcare organizations use today relies heavily on the border where the network meets the Internet. There are established demilitarized zones with edge firewalls and inspection for systems accessed from outside. Although edge firewall measures protect the systems and can prevent system-level attacks, recent attacks have evolved beyond this method’s ability to protect care environments from other methods of breach. Inside the environment is generally considered safe—and most internal systems can talk to just about any other internal system—workstations included, however, this internal openness is now being exploited. Distributed firewalls are a new approach that brings strength to data center security by tying flexible security policies to individual workloads or workload groups. If a threat gets inside the network, VMware NSX contains and blocks the threat’s lateral movement to other servers. This dramatically reduces the attack surface and risk to the business. HIT teams are using distributed firewalls (also known as micro-segmentation) to solve a significant problem that was operationally infeasible with traditional firewalls, and have reported doing so at approximately one-third the cost. Some examples of workload segmentation include distributed firewall for regulated workloads such as PHI and PCI; managing virtual desktops in groups (e.g., external coders); finance, back-office, clinical or external organizations such as affiliates or recently acquired organizations.
W H I T E P A P E R / 7 A New Approach to Healthcare Security Dynamic and distributed policy enforcement at the virtual-machine level dramatically enhances network security. For healthcare organizations that equates to tighter linkages with third-party solutions that mitigate issues such as misconfigured firewall rules. For example, HIT teams can more effectively monitor ports or establish route-specific traffic to an external solution such as Palo Alto Networks for intelligent inspection. With distributed firewalls, healthcare organizations can speed processes when challenged to react to a problem and remediate it quickly, then audit the results to validate protected workloads are in compliance. Distributed firewalls increase consistency with streamlined operations and auto-deployment. Because security policies are applied to individual workloads, and travel with the workload as it moves around in the data center, portable policy administration is ensured. Moreover, a distributed firewall can improve performance, simplify operations, and create transparency. Distributed firewalls help to avoid or minimize the costs of a data breach, including engaging forensic experts, in-house investigations, loss of customers from turnover or diminished acquisition rates, providing free credit or identity monitoring subscriptions, customer communications and outsourcing hotline support, and many other costs that can range from several million to more than one hundred million dollars for a single data breach incident. Traditionally, deploying firewalls to control an increasing volume of East-West traffic inside the data center has been cost prohibitive for many enterprises. Additionally, the sheer number of devices needed and the effort required to setup and manage a complex matrix of firewall rules has made this approach operationally infeasible. In addition to making micro-segmentation simpler and more secure, VMware NSX delivers significant CapEx and OpEx reductions for this specific use case. Looking at the capital expense alone, VMware NSX enables enterprises to save upwards of 70 percent over purchasing physical firewalls for micro-segmentation. Following is an analysis of the CapEx savings for a typical enterprise that wants to use micro-segmentation for improved control of server-to-server traffic inside the data center. (Table 1) Table 1: Distributed Firewall CapEx Savings * Network Virtualization and Security with VMware NSX.” 2015.
W H I T E P A P E R / 8 A New Approach to Healthcare Security 2. Proactive, real-time compliance Many HIT teams spend time developing manual reports just for audit purposes. However, it is much more effective to rely on built-in, real-time audit capabilities to provide proactive rather than reactive compliance. Organizations using real-time compliance solutions can continuously monitor their infrastructure, looking for and receiving alerts to any changes. As a result, they can proactively address issues and security gaps as they happen which helps better protect the integrity of HIT resources while keeping the organization in compliance. HIT teams can also provide the critical reports required to meet internal and external audits and quickly remediate compliance issues. VMware and VMware partners including HyTrust provide solutions that support regulatory requirements and workflows. A real-time, automated compliance checking solution, such as VMware vRealize® Air™ Compliance, automates the detection of non-compliant infrastructure against industry best practices and hardening guidelines—without manual effort or custom scripting. 3. Virtual desktops and mobile device management Using virtual desktop infrastructure (VDI), HIT teams can segment vulnerable desktops from the rest of the data center and mission-critical server workloads. By integrating third-party solutions, such as Imprivata’s Single Sign-On and Tap In/Tap Out, healthcare workflows are even easier to support and optimize. Firewalls can be assigned based on logical groupings while distributed firewalls provide isolation and segmentation of specific workloads (see description of distributed firewalls). In addition, VDI helps secure protected health information (PHI) from becoming lost or stolen when a device is compromised by ensuring data remains in the data center. This is especially important for organizations with caregivers working at patient bedsides, in remote clinics, or even from home or while mobile. With an enterprise mobility management platform, HIT teams have the flexibility to support the unified management of endpoints, end-to-end security from devices to the data center, and seamless integration across enterprise systems. A single platform can provide HIT teams with powerful automation engines so team members can easily manage a growing number of workstations, PCs, tablets, and mobile devices. Through containerization and context-aware VMware NSX policies, HIT teams can protect sensitive corporate data at the user, application, device, and network levels. Moreover, HIT teams can manage anti-virus and anti-malware policies for virtualized environments using the same management interfaces they use to secure physical infrastructure. Healthcare organizations gain stronger virtualization security with enhanced end-point protection by offloading anti-virus processing to a secure virtual appliance. 4. Automated security and operations Automation is critical to a successful security and cloud strategy. Healthcare organizations can proactively monitor, alert, troubleshoot, and resolve performance and operational issues before they affect end users by integrating application and infrastructure performance data for greater visibility into healthcare IT systems. Predictive analytics, powerful visualization, and progressive integration capabilities across physical, virtual, and cloud infrastructures increase the likelihood of finding and resolving issues quickly. Additionally, HIT teams can develop security policies and blueprints to ensure deployed regulated workloads are always in compliance. Within a single portal, virtual network rules can be created, managed, and automated, and HIT teams can enable self-service with confidence. Troubleshooting and forensics tools aid in management, supporting the virtual network. Enterprises are using VMware NSX to realize significant operational cost reductions because it dramatically reduces the manual effort and cycle time for networking tasks, including provisioning, change/adaptation, scaling, and troubleshooting/remediation. (Cycle time accounts for delays due to requests, approvals, coordination, handoffs, logistics, downtime windows, etc.)
W H I T E P A P E R / 9 A New Approach to Healthcare Security As the following OpEx analysis shows, VMware NSX dramatically speeds the initial provisioning of a network into production. With traditional hardware, the associated cycle time to provision a network for a new application forces enterprises to wait 23 days. VMware NSX reduces that to minutes – nearly a 100 percent reduction and massive time-to-market win. Likewise, provisioning a network for a new application takes 14 person hours or close to two days of person effort. VMware NSX reduces that to less than 2 person hours—a substantial 87 percent reduction. (Table 2) Table 2: IT Automation OpEx Reduction 5. Network efficiency and asset utilization Cost and utilization pressures are heating up as healthcare reform funding and reimbursements evolve. HIT teams are becoming frustrated with hardware churn for networking assets because of time and cost replacement demands. When healthcare organizations apply network virtualization, they gain greater flexibility in the hardware layer because features and controls are applied in software. With network virtualization, internal data center traffic is managed between the virtual machines rather than to the physical network and back to servers. By freeing up internal data center traffic, HIT teams can improve the performance of both the network and servers while reducing operational effort. Specifically, VMware NSX provides the operational model of a VM for networks. HIT teams use VMware NSX to streamline provisioning of network services from weeks to seconds. This removes the manual effort and cycle times associated with procuring, installing, and configuring traditional network hardware. The solution’s powerful orchestration capabilities programmatically distribute network services in lock step with virtual machines. Healthcare organizations use VMware NSX to standardize and maintain pre-defined templates that consist of the network topologies and services. The solution’s automation capabilities reduce operational expense, accelerate time-to-market, and speed IT service delivery. NSX also streamlines operations by consolidating configuration state and instrumentation data for all network connections. Administrators have complete operational visibility into what’s occurring across the entire network infrastructure. This simplifies traffic management, monitoring, troubleshooting, and remediation.
W H I T E P A P E R / 1 0 A New Approach to Healthcare Security Enterprises are using VMware NSX to access islands of unused compute capacity inside the data center. In traditional topologies each network cluster has its own compute capacity. IT often over provisions compute because the network re-configuration required to reach available capacity in another cluster takes too long and is prone to error. By many measures, 60 percent or more of a network’s total compute capacity remains dormant, which is a waste of resources. HIT teams are using VMware NSX to bridge two or more network clusters and deploy workloads to this unused capacity. As a result, they are saving upwards of 88 percent by using existing server capacity rather than purchasing new physical servers. The following CapEx analysis shows how much enterprise save in annual server expenses by leveraging VMware NSX to use more of its existing compute capacity. (Table 3) Table 3: Server Asset Utilization CapEx Saving
W H I T E P A P E R / 1 1 A New Approach to Healthcare Security 6. Management of multiple-location enterprises Leveraging network virtualization provides freedom for IP address management through encapsulation. This is particularly relevant for healthcare organizations involved in merger, acquisition, and affiliation activities. The implementation of a merged network may be a major critical path item in the consolidation plan yet risks may exist which could be easily mitigated with segmentation. As acquiring organizations seeks to drive efficiencies and expand business models, they can uncover unknown risks that may exist in their acquired organizations’ IT systems. More effective network security can help ensure a successful business relationship from the start. Moreover, HIT teams are leveraging VMware NSX as a complement to their existing disaster recovery (DR) solutions. The solution is helping them to reduce their recovery time objective (RTO) by upwards of 80 percent, considerably minimizing downtime and cost to the business. HIT teams use VMware NSX to replicate the entire network and its security environment. They periodically snapshot the network construct, along with its applications and services, and maintain it at a recover site. IT does not need to change IP addresses because the virtual network construct is decoupled from the underlying hardware and topology. The disaster recovery site is identical to the primary site, with no tradeoffs in functionality or performance. The copy sits at the recovery site in standby mode for push-button activation in the event of a disaster. Any changes made to the source network are automatically replicated to the copy at the recovery site. Defense in depth strategy powered by VMware NSX safeguards HIT infrastructure, applications, and devices. Now is the time for healthcare organizations to adopt a new model for data center security; one that’s defined in software, with native and third-party security controls that allow HIT teams to protect workloads at the virtual level, across private and hybrid cloud infrastructures. VMware vCloud for Healthcare features comprehensive mobility, private cloud, and public cloud services that advance a defense in depth approach by helping HIT teams improve delivery outcomes and address the compounding cost, quality, and delivery challenges of patient care while safeguarding information and systems. (Figure 3) The vCloud for Healthcare portfolio of solutions includes the following key capabilities: • Mobility services – VDI, cloud workspaces, and enterprise mobility management • Private cloud services – Security and compliance, systems analytics, IT financial management, automation, and business continuity • Public cloud services – Hybrid cloud deployment Figure 3: A comprehensive approach to security and compliance
W H I T E P A P E R / 1 2 A New Approach to Healthcare Security With VMware security and real-time monitoring solutions, healthcare organizations achieve business and IT benefits: • Network security inside the data center – HIT teams can create fully isolated and protected parallel virtual networks on top of existing physical networks. • Automated deployments and data center agility – HIT teams can implement powerful security policies that mirror business logic and workflows. • Integration with leading networking and security infrastructure – HIT teams can continue to use existing security products within a new advanced platform—without the need for extra investment. vCloud for Healthcare has been integrated with and tested by leading healthcare ISVs to ensure it meets healthcare organizations’ security and compliance needs. Learn More Threats to healthcare IT show no signs of dissipating. Most CIOs and CISOs are choosing to deploy a multifaceted, defense in depth approach to security because it provides their healthcare organizations with best-practices security frameworks. HIT teams are using these frameworks to mitigate and anticipate risks. They are also integrating frameworks with layered security to increase system uptime and accessibility while improving IT flexibility and agility as they respond to issues. While the goal of every healthcare organization is to develop a strategy and deploy proven solutions that evolve with increasing threats, only a few technology companies provide comprehensive security and compliance support. VMware and VMware partners deliver the platform security, secure operations, security virtualization, and compliance guidance healthcare HIT teams require, where and when they need protection most. To learn more about vCloud for Healthcare and how VMware solutions safeguard healthcare infrastructure, applications, and mobile devices, visit http://www.vmware.com/industry/healthcare/overview. Existing VMware customers may also explore the benefits of vRealize Air Compliance as a service and VMware compliance checkers at http://vrealizeair.vmware.com/compliance or by contacting their account teams for more information.
VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com Copyright © 2015 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: VMW8856-WP-NEW-APPROACH-HEALTHCARE-SECURITY-USLET-103 11/15

Empfohlen

vmware-best-practices-healthcare-it-security-whitepaper
vmware-best-practices-healthcare-it-security-whitepapervmware-best-practices-healthcare-it-security-whitepaper
vmware-best-practices-healthcare-it-security-whitepaperTony Amaddio
 
rp-esg-tackling-attack-detection-incident-response
rp-esg-tackling-attack-detection-incident-responserp-esg-tackling-attack-detection-incident-response
rp-esg-tackling-attack-detection-incident-responseMaciej Buczkowski
 
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013drewz lin
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Enterprise Strategy Group: The Big Data Security Analytics Era is Here
Enterprise Strategy Group: The Big Data Security Analytics Era is HereEnterprise Strategy Group: The Big Data Security Analytics Era is Here
Enterprise Strategy Group: The Big Data Security Analytics Era is HereEMC
 
Risk assessment report
Risk assessment reportRisk assessment report
Risk assessment reportEugene Mukuka, BSc. MBA, MSc
 
Industry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven SecurityIndustry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven SecurityEMC
 
Risk Management
Risk ManagementRisk Management
Risk Managementijtsrd
 

Empfohlen

vmware-best-practices-healthcare-it-security-whitepaper
vmware-best-practices-healthcare-it-security-whitepapervmware-best-practices-healthcare-it-security-whitepaper
vmware-best-practices-healthcare-it-security-whitepaperTony Amaddio
 
rp-esg-tackling-attack-detection-incident-response
rp-esg-tackling-attack-detection-incident-responserp-esg-tackling-attack-detection-incident-response
rp-esg-tackling-attack-detection-incident-responseMaciej Buczkowski
 
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013drewz lin
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Enterprise Strategy Group: The Big Data Security Analytics Era is Here
Enterprise Strategy Group: The Big Data Security Analytics Era is HereEnterprise Strategy Group: The Big Data Security Analytics Era is Here
Enterprise Strategy Group: The Big Data Security Analytics Era is HereEMC
 
Risk assessment report
Risk assessment reportRisk assessment report
Risk assessment reportEugene Mukuka, BSc. MBA, MSc
 
Industry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven SecurityIndustry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven SecurityEMC
 
Risk Management
Risk ManagementRisk Management
Risk Managementijtsrd
 
Fdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsFdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsKen M. Shaurette
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data SecurityImperva
 
The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company Abdulrahman Alamri
 
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies CompanyIT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies CompanyJames Konderla
 
Prevention is futile in 2020 - Gartner Report in Retrospect
Prevention is futile in 2020 - Gartner Report in RetrospectPrevention is futile in 2020 - Gartner Report in Retrospect
Prevention is futile in 2020 - Gartner Report in RetrospectJermund Ottermo
 
Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Marketing Türkiye
 
State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...at MicroFocus Italy ❖✔
 
What is Enterprise Security Architecture (ESA)?
What is Enterprise Security Architecture (ESA)?What is Enterprise Security Architecture (ESA)?
What is Enterprise Security Architecture (ESA)?John Gardner, CMC
 
It risk assessment
It risk assessmentIt risk assessment
It risk assessmentHappiest Minds Technologies
 
Content Aware SIEM™ defined
Content Aware SIEM™ definedContent Aware SIEM™ defined
Content Aware SIEM™ definedEnterprise Technology Management (ETM)
 
Take back your security infrastructure
Take back your security infrastructureTake back your security infrastructure
Take back your security infrastructureAnton Chuvakin
 
Ieee itmsb20
Ieee itmsb20Ieee itmsb20
Ieee itmsb20Juan Carlos Olivares Rojas
 
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_toolsEma report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_toolsAnjoum .
 
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Todd Petty
 
What's behind a cyber attack
What's behind a cyber attackWhat's behind a cyber attack
What's behind a cyber attackAndreanne Clarke
 
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIJCSEA Journal
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditingPiyush Jain
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for InsuranceAccenture Insurance
 
Healthcare Data Security Update
Healthcare Data Security UpdateHealthcare Data Security Update
Healthcare Data Security UpdateGuardEra Access Solutions, Inc.
 
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentIBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentPiotr Pietrzak
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemCheapSSLsecurity
 
Healthcare Infrastructure Solutions that Deliver Dramatic Savings
Healthcare Infrastructure Solutions that Deliver Dramatic SavingsHealthcare Infrastructure Solutions that Deliver Dramatic Savings
Healthcare Infrastructure Solutions that Deliver Dramatic SavingsMestizo Enterprises
 

Weitere ähnliche Inhalte

Was ist angesagt?

Fdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsFdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsKen M. Shaurette
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data SecurityImperva
 
The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company Abdulrahman Alamri
 
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies CompanyIT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies CompanyJames Konderla
 
Prevention is futile in 2020 - Gartner Report in Retrospect
Prevention is futile in 2020 - Gartner Report in RetrospectPrevention is futile in 2020 - Gartner Report in Retrospect
Prevention is futile in 2020 - Gartner Report in RetrospectJermund Ottermo
 
Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Marketing Türkiye
 
State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...at MicroFocus Italy ❖✔
 
What is Enterprise Security Architecture (ESA)?
What is Enterprise Security Architecture (ESA)?What is Enterprise Security Architecture (ESA)?
What is Enterprise Security Architecture (ESA)?John Gardner, CMC
 
Take back your security infrastructure
Take back your security infrastructureTake back your security infrastructure
Take back your security infrastructureAnton Chuvakin
 
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_toolsEma report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_toolsAnjoum .
 
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Todd Petty
 
What's behind a cyber attack
What's behind a cyber attackWhat's behind a cyber attack
What's behind a cyber attackAndreanne Clarke
 
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIJCSEA Journal
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditingPiyush Jain
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for InsuranceAccenture Insurance
 

Was ist angesagt? (18)

Fdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsFdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessments
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
 
The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company The Security and Compliance Plan for Maxistar Medical Supplies Company
The Security and Compliance Plan for Maxistar Medical Supplies Company
 
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies CompanyIT Security and Compliance Program Plan for Maxistar Medical Supplies Company
IT Security and Compliance Program Plan for Maxistar Medical Supplies Company
 
Prevention is futile in 2020 - Gartner Report in Retrospect
Prevention is futile in 2020 - Gartner Report in RetrospectPrevention is futile in 2020 - Gartner Report in Retrospect
Prevention is futile in 2020 - Gartner Report in Retrospect
 
Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015
 
State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...State of Security Operations 2016 report of capabilities and maturity of cybe...
State of Security Operations 2016 report of capabilities and maturity of cybe...
 
What is Enterprise Security Architecture (ESA)?
What is Enterprise Security Architecture (ESA)?What is Enterprise Security Architecture (ESA)?
What is Enterprise Security Architecture (ESA)?
 
It risk assessment
It risk assessmentIt risk assessment
It risk assessment
 
Content Aware SIEM™ defined
Content Aware SIEM™ definedContent Aware SIEM™ defined
Content Aware SIEM™ defined
 
Take back your security infrastructure
Take back your security infrastructureTake back your security infrastructure
Take back your security infrastructure
 
Ieee itmsb20
Ieee itmsb20Ieee itmsb20
Ieee itmsb20
 
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_toolsEma report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
Ema report -_ibm_security_q_radar_incident_forensics_vs_other_industry_tools
 
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
 
What's behind a cyber attack
What's behind a cyber attackWhat's behind a cyber attack
What's behind a cyber attack
 
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAMIT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
IT SECURITY PLAN FOR FLIGHT SIMULATION PROGRAM
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditing
 
2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance
 

Andere mochten auch

IBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentIBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentPiotr Pietrzak
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemCheapSSLsecurity
 
Healthcare Infrastructure Solutions that Deliver Dramatic Savings
Healthcare Infrastructure Solutions that Deliver Dramatic SavingsHealthcare Infrastructure Solutions that Deliver Dramatic Savings
Healthcare Infrastructure Solutions that Deliver Dramatic SavingsMestizo Enterprises
 
The Security Gap: Protecting Healthcare Data in Office 365
The Security Gap: Protecting Healthcare Data in Office 365The Security Gap: Protecting Healthcare Data in Office 365
The Security Gap: Protecting Healthcare Data in Office 365Bitglass
 
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODRoadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODSierraware
 

Andere mochten auch (8)

Healthcare Data Security Update
Healthcare Data Security UpdateHealthcare Data Security Update
Healthcare Data Security Update
 
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentIBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend Them
 
Healthcare Infrastructure Solutions that Deliver Dramatic Savings
Healthcare Infrastructure Solutions that Deliver Dramatic SavingsHealthcare Infrastructure Solutions that Deliver Dramatic Savings
Healthcare Infrastructure Solutions that Deliver Dramatic Savings
 
The Security Gap: Protecting Healthcare Data in Office 365
The Security Gap: Protecting Healthcare Data in Office 365The Security Gap: Protecting Healthcare Data in Office 365
The Security Gap: Protecting Healthcare Data in Office 365
 
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODRoadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD
 
Data Security in Healthcare
Data Security in HealthcareData Security in Healthcare
Data Security in Healthcare
 
Hospital or Healthcare Security
Hospital or Healthcare SecurityHospital or Healthcare Security
Hospital or Healthcare Security
 

Ähnlich wie New Approach to Healthcare Security with VMware NSX

Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkClearnetwork
 
McMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy PaperMcMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy PaperMatthew J McMahon
 
Building an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations CenterBuilding an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations CenterEMC
 
Sample Incident Response Plan
Sample Incident Response PlanSample Incident Response Plan
Sample Incident Response PlanMatthew J McMahon
 
Cyber security basics for law firms
Cyber security basics for law firmsCyber security basics for law firms
Cyber security basics for law firmsRobert Westmacott
 
Scada implement secure - architecture
Scada implement secure - architectureScada implement secure - architecture
Scada implement secure - architectureFelipe Prado
 
Threat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement MatriceThreat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement MatriceVishal Kumar
 
Trends in Cloud Computing
Trends in Cloud ComputingTrends in Cloud Computing
Trends in Cloud Computingawais mushtaq
 
Whitepaper next generation_patient_safety_bertine_mc_kenna.01
Whitepaper next generation_patient_safety_bertine_mc_kenna.01Whitepaper next generation_patient_safety_bertine_mc_kenna.01
Whitepaper next generation_patient_safety_bertine_mc_kenna.01Ronan Martin
 
The Federal Information Security Management Act
The Federal Information Security Management ActThe Federal Information Security Management Act
The Federal Information Security Management ActMichelle Singh
 
Business Continuity Plan Essay
Business Continuity Plan EssayBusiness Continuity Plan Essay
Business Continuity Plan EssayKristi Anderson
 
MBM A Risk Management Approach to HITECH Whitepaper
MBM A Risk Management Approach to HITECH WhitepaperMBM A Risk Management Approach to HITECH Whitepaper
MBM A Risk Management Approach to HITECH WhitepaperMBMeHealthCareSolutions
 
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedTiffany Graham
 
The VMware Mobile Secure Workplace
The VMware Mobile Secure WorkplaceThe VMware Mobile Secure Workplace
The VMware Mobile Secure WorkplaceVMware
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comCst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comBaileyabw
 

Ähnlich wie New Approach to Healthcare Security with VMware NSX (20)

Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by Clearnetwork
 
McMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy PaperMcMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy Paper
 
Building an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations CenterBuilding an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations Center
 
Sample Incident Response Plan
Sample Incident Response PlanSample Incident Response Plan
Sample Incident Response Plan
 
Cyber security basics for law firms
Cyber security basics for law firmsCyber security basics for law firms
Cyber security basics for law firms
 
Job help
Job helpJob help
Job help
 
Scada implement secure - architecture
Scada implement secure - architectureScada implement secure - architecture
Scada implement secure - architecture
 
Threat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement MatriceThreat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement Matrice
 
Cyber security report 2017 cisco 2017 acr_pdf
Cyber security report 2017 cisco 2017 acr_pdfCyber security report 2017 cisco 2017 acr_pdf
Cyber security report 2017 cisco 2017 acr_pdf
 
Cyber security report 2017 cisco 2017 acr_pdf
Cyber security report 2017 cisco 2017 acr_pdfCyber security report 2017 cisco 2017 acr_pdf
Cyber security report 2017 cisco 2017 acr_pdf
 
Cyberedge 2015 Defense Report
Cyberedge 2015 Defense Report Cyberedge 2015 Defense Report
Cyberedge 2015 Defense Report
 
Trends in Cloud Computing
Trends in Cloud ComputingTrends in Cloud Computing
Trends in Cloud Computing
 
Whitepaper next generation_patient_safety_bertine_mc_kenna.01
Whitepaper next generation_patient_safety_bertine_mc_kenna.01Whitepaper next generation_patient_safety_bertine_mc_kenna.01
Whitepaper next generation_patient_safety_bertine_mc_kenna.01
 
The Federal Information Security Management Act
The Federal Information Security Management ActThe Federal Information Security Management Act
The Federal Information Security Management Act
 
Business Continuity Plan Essay
Business Continuity Plan EssayBusiness Continuity Plan Essay
Business Continuity Plan Essay
 
MBM A Risk Management Approach to HITECH Whitepaper
MBM A Risk Management Approach to HITECH WhitepaperMBM A Risk Management Approach to HITECH Whitepaper
MBM A Risk Management Approach to HITECH Whitepaper
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
 
The VMware Mobile Secure Workplace
The VMware Mobile Secure WorkplaceThe VMware Mobile Secure Workplace
The VMware Mobile Secure Workplace
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comCst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.com
 

Mehr von Angel Villar Garea

VMware Solutions for the Connected Car
VMware Solutions for the Connected CarVMware Solutions for the Connected Car
VMware Solutions for the Connected CarAngel Villar Garea
 
Business and Economic Benefits of VMware NSX
Business and Economic Benefits of VMware NSXBusiness and Economic Benefits of VMware NSX
Business and Economic Benefits of VMware NSXAngel Villar Garea
 
Arkin and VMware NSX Operations
Arkin and VMware NSX OperationsArkin and VMware NSX Operations
Arkin and VMware NSX OperationsAngel Villar Garea
 
Gigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX DeploymentsGigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX DeploymentsAngel Villar Garea
 
Business Agility and Security with VMware
Business Agility and Security with VMwareBusiness Agility and Security with VMware
Business Agility and Security with VMwareAngel Villar Garea
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
 

Mehr von Angel Villar Garea (11)

VMware NSX NTT Case Study
VMware NSX NTT Case StudyVMware NSX NTT Case Study
VMware NSX NTT Case Study
 
VMware Solutions for the Connected Car
VMware Solutions for the Connected CarVMware Solutions for the Connected Car
VMware Solutions for the Connected Car
 
Business and Economic Benefits of VMware NSX
Business and Economic Benefits of VMware NSXBusiness and Economic Benefits of VMware NSX
Business and Economic Benefits of VMware NSX
 
Arkin and VMware NSX Operations
Arkin and VMware NSX OperationsArkin and VMware NSX Operations
Arkin and VMware NSX Operations
 
Gigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX DeploymentsGigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX Deployments
 
NSX on VMware Data Center
NSX on VMware Data CenterNSX on VMware Data Center
NSX on VMware Data Center
 
Business Agility and Security with VMware
Business Agility and Security with VMwareBusiness Agility and Security with VMware
Business Agility and Security with VMware
 
OneCloud-VMwareNSX
OneCloud-VMwareNSXOneCloud-VMwareNSX
OneCloud-VMwareNSX
 
NSX Infographic - Security
NSX Infographic - SecurityNSX Infographic - Security
NSX Infographic - Security
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
 
Welcome!
Welcome!Welcome!
Welcome!
 

Kürzlich hochgeladen

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Kürzlich hochgeladen (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

New Approach to Healthcare Security with VMware NSX

  • 1. A New Approach to Healthcare Security Defense in depth strategy powered by VMware NSX safeguards healthcare infrastructure, applications, and devices W H I T E P A P E R
  • 2. A New Approach to Healthcare Security W H I T E P A P E R / 2 Table of Contents Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Key Insights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Healthcare organizations are targets of security breaches. . . . . . . . . . . . . . . . . . . . . . . . 3 Healthcare organizations must advance security postures beyond regulation. . . . . . . 4 Leading HIT teams are adopting software-defined solutions and a layered approach to security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Six critical capabilities comprise best practices security frameworks. . . . . . . . . . . . . . . 6 1. Distributed firewalls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2. Proactive, real-time compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3. Virtual desktops and mobile device management. . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4. Automated security and operations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 5. Network efficiency and asset utilization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 6. Management of multiple-location enterprise. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Defense in depth strategy safeguards HIT infrastructure, applications, and devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Learn More. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
  • 3. W H I T E P A P E R / 3 A New Approach to Healthcare Security Overview Electronic patient care and health insurance systems contain millions of valuable records, making them an attractive target for intruders seeking to mine sensitive information. The FBI estimates that each health record is worth $50. Some sources quote even more, upwards of $200. More than 80 percent of healthcare Chief Information Officers (CIOs), Chief Technology Officers (CTOs), and other security leaders polled by KPMG say their organizations have been victimized by at least one cyber attack in the past two years—and many still feel like sitting ducks. The reality for most healthcare CIOs and Chief Information Security Officers (CISOs) is this: today, it is not a question of if, but rather when, their systems will be attacked. Advanced intrusion continues to succeed because healthcare IT organizations are meeting mandated requirements—from HIPAA to HITECH*—without taking a defense in depth approach to safeguarding data. They have invested heavily in data center perimeter security but find their solutions falling short when they are asked to address critical business questions such as the following: • How can we improve our security to effort ratio? • Is security at the perimeter enough to protect our business from data breaches? • How can we secure network traffic inside the data center? • How can we quarantine attacks and limit damage to the rest of network—without incurring huge hardware and firewall costs or an outage? This paper addresses these questions and more about how healthcare organizations handle breaches, including phishing and malware which operate unfettered internally. It also describes how VMware solutions mitigate risks by delivering the comprehensive protections from breaches that today’s security-conscious healthcare organizations require. Key Insights • Healthcare organizations are targets of large-scale security breaches. • Healthcare organizations must advance security postures beyond compliance with regulations—e.g., HIPAA and HITECH. • Leading HIT teams are adopting software-defined solutions and a layered approach to security that delivers not only protections but also strategic business advantages. • Six critical capabilities comprise best practices security frameworks and deliver significant ROI. • Defense in depth strategy powered by VMware NSX safeguards HIT infrastructure, applications, and devices. Healthcare organizations are targets of large-scale security breaches. Digital attacks have become so broad and sophisticated that the Ponemon Institute coined “2014: A Year of Mega Breaches,” and predicted 2015 to be as bad or worse as more sensitive and confidential information and transactions will be moved to the digital space and become vulnerable to attack.1 The healthcare industry is a prime target: • In the U.S. alone, 100 million healthcare records were compromised in Q1 2015.2 • The Identity Theft Resource Center tagged healthcare as the source of 33 percent of all listed incidents nationwide. • A full 84 percent of healthcare organizations have been breached in last two years. • A class-action lawsuit is typically filed only one week after a breach is reported. * Health Insurance Portability and Accountability Act (HIPAA) of 1996 and the 2009 Health Information Technology for Economic and Clinical Health (HITECH) Act enacted as part of the American Recovery and Reinvestment Act of 2009. 1. Ponemon Institute. “2014: A Year of Mega Breaches,” January 28, 2015. 2. U.S. Department of Health and Human Services. 2015
  • 4. W H I T E P A P E R / 4 A New Approach to Healthcare Security “Absolute security will never be a guarantee. Cyber attacks should be considered a constant threat and we need better tools and technologies to mitigate the risk and combat the attacks,”3 according to Sutter Health CIO John Manis in a recent Scottsdale Institute CIO Summit report. While 81 percent of those surveyed by KPMG have been recently compromised by malware, botnets, or other cyber-attacks, only 53 percent of providers and 66 percent of payers say they feel adequately prepared for a cyber attack.4 Other breaches also concern enterprise leaders, according to the Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data, research independently conducted by Ponemon Institute LLC in May 2015. (Figure 1) Figure 1. Most Concerning Breaches Employee negligence, use of public cloud services, malicious insiders, and process failures can be mitigated with strong, auditable user-access controls and micro-segmentation while cyber attackers and identity thieves can be thwarted with strong encryption tied to boundary controls. By using data sovereignty to ensure restricted or regulated data, certain physical areas are protected regardless of who is requesting the data. Healthcare organizations must advance security postures beyond regulation compliance. Healthcare organizations working to meet more stringent government and industry requirements cannot predict the levels to which cyber criminals will go to breach their systems. VMware and its partners provide proven virtualization solutions that help healthcare organizations address the confidentiality, integrity, and availability requirements in HIPAA and HITECH around personally identifiable information. Beyond compliance, VMware and partners also provide solutions to protect healthcare organizations against today’s targeted security threats. 3. HealthIT Security. “Why Healthcare Security Must Be Top Priority for CIOs,” November 24, 2014. 4. Healthcare IT News. “4 in 5 health orgs hit by cyber crooks.” August 27, 2015.
  • 5. W H I T E P A P E R / 5 A New Approach to Healthcare Security VMware solutions support a defense in depth strategy to combat intrusions. An information assurance concept where multiple layers of security controls are incorporated throughout the IT system, a defense in depth approach helps organizations provide redundancies to prevent vulnerabilities in case one or more controls fail. Most HIT teams have not integrated a full complement of layered protections for their healthcare infrastructure, applications, and mobile devices, which includes: Platform security Distributed firewalls, platform hardening, secure lifecycle development Secure operations and automation Enterprise policy controls for security, compliance, configurations, and deployment Virtualization Interoperable advanced networking and security services Compliance guidance Frameworks, validated reference architectures Leading HIT teams are adopting software-defined solutions and a layered approach to security that delivers not only protections but also strategic business advantages. New models of patient care require that systems are highly reliable and that data can be accessed by patients, caregivers, and payers anytime, anywhere. A software-defined strategy coupled with a defense in depth approach is one in which all infrastructure is virtualized and delivered as a service, and where protections are ensured at many layers by interoperable security and compliance frameworks. (Figure 1). When HIT organizations embrace this software-defined approach as the foundation for their IT infrastructure and applications, they can more quickly respond to new demands and their systems become more intelligent, automated, mobile, and secure. In a software-defined environment with multiple layers of security and compliance, all elements of the infrastructure—compute, network, storage, and security—are virtualized to enable applications to leverage a fully virtualized platform that is completely abstracted from the hardware layer. The environment is safeguarded with protections for infrastructure, applications, and end-point devices. Because environments become more application and service focused, HIT organizations not only improve security and data protection, they increase IT efficiency, agility, flexibility, and control. Figure 1: VMare provides an interoperable, multifaceted approach to meet security requirements.
  • 6. W H I T E P A P E R / 6 A New Approach to Healthcare Security Six critical capabilities comprise best practices security frameworks and deliver significant ROI. VMware and VMware partner solutions incorporate the six critical capabilities that healthcare organizations need to safeguard their HIT environments. With VMware NSX®, healthcare organizations can define groups (e.g., app) based on things such as OS, workload type (web, app, database) and more. VMware NSX also acts as a platform to deliver best-possible security services, both natively and through more than 30 technology partners. A best practices approach may begin with a passive listener mode to monitor critical activity and determine the status of intra-virtual machine traffic. (Figure 2) Figure 2: Best-practice, defense in depth security framework enables HIT organizations to remain vigilant by providing proactive protections to address multifaceted challenges 1. Distributed firewalls The security model that most healthcare organizations use today relies heavily on the border where the network meets the Internet. There are established demilitarized zones with edge firewalls and inspection for systems accessed from outside. Although edge firewall measures protect the systems and can prevent system-level attacks, recent attacks have evolved beyond this method’s ability to protect care environments from other methods of breach. Inside the environment is generally considered safe—and most internal systems can talk to just about any other internal system—workstations included, however, this internal openness is now being exploited. Distributed firewalls are a new approach that brings strength to data center security by tying flexible security policies to individual workloads or workload groups. If a threat gets inside the network, VMware NSX contains and blocks the threat’s lateral movement to other servers. This dramatically reduces the attack surface and risk to the business. HIT teams are using distributed firewalls (also known as micro-segmentation) to solve a significant problem that was operationally infeasible with traditional firewalls, and have reported doing so at approximately one-third the cost. Some examples of workload segmentation include distributed firewall for regulated workloads such as PHI and PCI; managing virtual desktops in groups (e.g., external coders); finance, back-office, clinical or external organizations such as affiliates or recently acquired organizations.
  • 7. W H I T E P A P E R / 7 A New Approach to Healthcare Security Dynamic and distributed policy enforcement at the virtual-machine level dramatically enhances network security. For healthcare organizations that equates to tighter linkages with third-party solutions that mitigate issues such as misconfigured firewall rules. For example, HIT teams can more effectively monitor ports or establish route-specific traffic to an external solution such as Palo Alto Networks for intelligent inspection. With distributed firewalls, healthcare organizations can speed processes when challenged to react to a problem and remediate it quickly, then audit the results to validate protected workloads are in compliance. Distributed firewalls increase consistency with streamlined operations and auto-deployment. Because security policies are applied to individual workloads, and travel with the workload as it moves around in the data center, portable policy administration is ensured. Moreover, a distributed firewall can improve performance, simplify operations, and create transparency. Distributed firewalls help to avoid or minimize the costs of a data breach, including engaging forensic experts, in-house investigations, loss of customers from turnover or diminished acquisition rates, providing free credit or identity monitoring subscriptions, customer communications and outsourcing hotline support, and many other costs that can range from several million to more than one hundred million dollars for a single data breach incident. Traditionally, deploying firewalls to control an increasing volume of East-West traffic inside the data center has been cost prohibitive for many enterprises. Additionally, the sheer number of devices needed and the effort required to setup and manage a complex matrix of firewall rules has made this approach operationally infeasible. In addition to making micro-segmentation simpler and more secure, VMware NSX delivers significant CapEx and OpEx reductions for this specific use case. Looking at the capital expense alone, VMware NSX enables enterprises to save upwards of 70 percent over purchasing physical firewalls for micro-segmentation. Following is an analysis of the CapEx savings for a typical enterprise that wants to use micro-segmentation for improved control of server-to-server traffic inside the data center. (Table 1) Table 1: Distributed Firewall CapEx Savings * Network Virtualization and Security with VMware NSX.” 2015.
  • 8. W H I T E P A P E R / 8 A New Approach to Healthcare Security 2. Proactive, real-time compliance Many HIT teams spend time developing manual reports just for audit purposes. However, it is much more effective to rely on built-in, real-time audit capabilities to provide proactive rather than reactive compliance. Organizations using real-time compliance solutions can continuously monitor their infrastructure, looking for and receiving alerts to any changes. As a result, they can proactively address issues and security gaps as they happen which helps better protect the integrity of HIT resources while keeping the organization in compliance. HIT teams can also provide the critical reports required to meet internal and external audits and quickly remediate compliance issues. VMware and VMware partners including HyTrust provide solutions that support regulatory requirements and workflows. A real-time, automated compliance checking solution, such as VMware vRealize® Air™ Compliance, automates the detection of non-compliant infrastructure against industry best practices and hardening guidelines—without manual effort or custom scripting. 3. Virtual desktops and mobile device management Using virtual desktop infrastructure (VDI), HIT teams can segment vulnerable desktops from the rest of the data center and mission-critical server workloads. By integrating third-party solutions, such as Imprivata’s Single Sign-On and Tap In/Tap Out, healthcare workflows are even easier to support and optimize. Firewalls can be assigned based on logical groupings while distributed firewalls provide isolation and segmentation of specific workloads (see description of distributed firewalls). In addition, VDI helps secure protected health information (PHI) from becoming lost or stolen when a device is compromised by ensuring data remains in the data center. This is especially important for organizations with caregivers working at patient bedsides, in remote clinics, or even from home or while mobile. With an enterprise mobility management platform, HIT teams have the flexibility to support the unified management of endpoints, end-to-end security from devices to the data center, and seamless integration across enterprise systems. A single platform can provide HIT teams with powerful automation engines so team members can easily manage a growing number of workstations, PCs, tablets, and mobile devices. Through containerization and context-aware VMware NSX policies, HIT teams can protect sensitive corporate data at the user, application, device, and network levels. Moreover, HIT teams can manage anti-virus and anti-malware policies for virtualized environments using the same management interfaces they use to secure physical infrastructure. Healthcare organizations gain stronger virtualization security with enhanced end-point protection by offloading anti-virus processing to a secure virtual appliance. 4. Automated security and operations Automation is critical to a successful security and cloud strategy. Healthcare organizations can proactively monitor, alert, troubleshoot, and resolve performance and operational issues before they affect end users by integrating application and infrastructure performance data for greater visibility into healthcare IT systems. Predictive analytics, powerful visualization, and progressive integration capabilities across physical, virtual, and cloud infrastructures increase the likelihood of finding and resolving issues quickly. Additionally, HIT teams can develop security policies and blueprints to ensure deployed regulated workloads are always in compliance. Within a single portal, virtual network rules can be created, managed, and automated, and HIT teams can enable self-service with confidence. Troubleshooting and forensics tools aid in management, supporting the virtual network. Enterprises are using VMware NSX to realize significant operational cost reductions because it dramatically reduces the manual effort and cycle time for networking tasks, including provisioning, change/adaptation, scaling, and troubleshooting/remediation. (Cycle time accounts for delays due to requests, approvals, coordination, handoffs, logistics, downtime windows, etc.)
  • 9. W H I T E P A P E R / 9 A New Approach to Healthcare Security As the following OpEx analysis shows, VMware NSX dramatically speeds the initial provisioning of a network into production. With traditional hardware, the associated cycle time to provision a network for a new application forces enterprises to wait 23 days. VMware NSX reduces that to minutes – nearly a 100 percent reduction and massive time-to-market win. Likewise, provisioning a network for a new application takes 14 person hours or close to two days of person effort. VMware NSX reduces that to less than 2 person hours—a substantial 87 percent reduction. (Table 2) Table 2: IT Automation OpEx Reduction 5. Network efficiency and asset utilization Cost and utilization pressures are heating up as healthcare reform funding and reimbursements evolve. HIT teams are becoming frustrated with hardware churn for networking assets because of time and cost replacement demands. When healthcare organizations apply network virtualization, they gain greater flexibility in the hardware layer because features and controls are applied in software. With network virtualization, internal data center traffic is managed between the virtual machines rather than to the physical network and back to servers. By freeing up internal data center traffic, HIT teams can improve the performance of both the network and servers while reducing operational effort. Specifically, VMware NSX provides the operational model of a VM for networks. HIT teams use VMware NSX to streamline provisioning of network services from weeks to seconds. This removes the manual effort and cycle times associated with procuring, installing, and configuring traditional network hardware. The solution’s powerful orchestration capabilities programmatically distribute network services in lock step with virtual machines. Healthcare organizations use VMware NSX to standardize and maintain pre-defined templates that consist of the network topologies and services. The solution’s automation capabilities reduce operational expense, accelerate time-to-market, and speed IT service delivery. NSX also streamlines operations by consolidating configuration state and instrumentation data for all network connections. Administrators have complete operational visibility into what’s occurring across the entire network infrastructure. This simplifies traffic management, monitoring, troubleshooting, and remediation.
  • 10. W H I T E P A P E R / 1 0 A New Approach to Healthcare Security Enterprises are using VMware NSX to access islands of unused compute capacity inside the data center. In traditional topologies each network cluster has its own compute capacity. IT often over provisions compute because the network re-configuration required to reach available capacity in another cluster takes too long and is prone to error. By many measures, 60 percent or more of a network’s total compute capacity remains dormant, which is a waste of resources. HIT teams are using VMware NSX to bridge two or more network clusters and deploy workloads to this unused capacity. As a result, they are saving upwards of 88 percent by using existing server capacity rather than purchasing new physical servers. The following CapEx analysis shows how much enterprise save in annual server expenses by leveraging VMware NSX to use more of its existing compute capacity. (Table 3) Table 3: Server Asset Utilization CapEx Saving
  • 11. W H I T E P A P E R / 1 1 A New Approach to Healthcare Security 6. Management of multiple-location enterprises Leveraging network virtualization provides freedom for IP address management through encapsulation. This is particularly relevant for healthcare organizations involved in merger, acquisition, and affiliation activities. The implementation of a merged network may be a major critical path item in the consolidation plan yet risks may exist which could be easily mitigated with segmentation. As acquiring organizations seeks to drive efficiencies and expand business models, they can uncover unknown risks that may exist in their acquired organizations’ IT systems. More effective network security can help ensure a successful business relationship from the start. Moreover, HIT teams are leveraging VMware NSX as a complement to their existing disaster recovery (DR) solutions. The solution is helping them to reduce their recovery time objective (RTO) by upwards of 80 percent, considerably minimizing downtime and cost to the business. HIT teams use VMware NSX to replicate the entire network and its security environment. They periodically snapshot the network construct, along with its applications and services, and maintain it at a recover site. IT does not need to change IP addresses because the virtual network construct is decoupled from the underlying hardware and topology. The disaster recovery site is identical to the primary site, with no tradeoffs in functionality or performance. The copy sits at the recovery site in standby mode for push-button activation in the event of a disaster. Any changes made to the source network are automatically replicated to the copy at the recovery site. Defense in depth strategy powered by VMware NSX safeguards HIT infrastructure, applications, and devices. Now is the time for healthcare organizations to adopt a new model for data center security; one that’s defined in software, with native and third-party security controls that allow HIT teams to protect workloads at the virtual level, across private and hybrid cloud infrastructures. VMware vCloud for Healthcare features comprehensive mobility, private cloud, and public cloud services that advance a defense in depth approach by helping HIT teams improve delivery outcomes and address the compounding cost, quality, and delivery challenges of patient care while safeguarding information and systems. (Figure 3) The vCloud for Healthcare portfolio of solutions includes the following key capabilities: • Mobility services – VDI, cloud workspaces, and enterprise mobility management • Private cloud services – Security and compliance, systems analytics, IT financial management, automation, and business continuity • Public cloud services – Hybrid cloud deployment Figure 3: A comprehensive approach to security and compliance
  • 12. W H I T E P A P E R / 1 2 A New Approach to Healthcare Security With VMware security and real-time monitoring solutions, healthcare organizations achieve business and IT benefits: • Network security inside the data center – HIT teams can create fully isolated and protected parallel virtual networks on top of existing physical networks. • Automated deployments and data center agility – HIT teams can implement powerful security policies that mirror business logic and workflows. • Integration with leading networking and security infrastructure – HIT teams can continue to use existing security products within a new advanced platform—without the need for extra investment. vCloud for Healthcare has been integrated with and tested by leading healthcare ISVs to ensure it meets healthcare organizations’ security and compliance needs. Learn More Threats to healthcare IT show no signs of dissipating. Most CIOs and CISOs are choosing to deploy a multifaceted, defense in depth approach to security because it provides their healthcare organizations with best-practices security frameworks. HIT teams are using these frameworks to mitigate and anticipate risks. They are also integrating frameworks with layered security to increase system uptime and accessibility while improving IT flexibility and agility as they respond to issues. While the goal of every healthcare organization is to develop a strategy and deploy proven solutions that evolve with increasing threats, only a few technology companies provide comprehensive security and compliance support. VMware and VMware partners deliver the platform security, secure operations, security virtualization, and compliance guidance healthcare HIT teams require, where and when they need protection most. To learn more about vCloud for Healthcare and how VMware solutions safeguard healthcare infrastructure, applications, and mobile devices, visit http://www.vmware.com/industry/healthcare/overview. Existing VMware customers may also explore the benefits of vRealize Air Compliance as a service and VMware compliance checkers at http://vrealizeair.vmware.com/compliance or by contacting their account teams for more information.
  • 13. VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com Copyright © 2015 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: VMW8856-WP-NEW-APPROACH-HEALTHCARE-SECURITY-USLET-103 11/15