What Does SASE Do for Healthcare Organizations?
SASE lets you zoom out to consider applications and how users connect to them at the same time. Without a big-picture framework, organizations can end up with cloud-hosted applications that no one can use, or that are not secure.
What Are the Steps to Move to SASE?
The biggest piece of SASE is implementing ZTNA. This requires a strong identity management program that includes multifactor authentication, as well as significant network and firewall changes and application adjustments to integrate with ZTNA, such as single sign-on. The second step is shifting applications to the cloud and bolting on cloud-compatible security tools. This step can be challenging, but the lessons learned from ZTNA can speed the process.
How Does SASE Affect Patient Privacy and Health Information?
SASE is neutral regarding HIPAA privacy rules. However, SASE enables healthcare providers to field a more mobile workforce, which can lead to practices such as delivering patient data to clinicians on smartphones. This can create privacy concerns.
IT managers should include strong authentication of both devices and users. They should also revisit their policies and technologies for bring-your-own-device and choose-your-own-device programs to ensure they preserve patient privacy.
How Do I Reconcile HIPAA and SASE’s Access Freedoms?
SASE protects a cloud-focused approach to application delivery, which might raise alarm bells for healthcare organizations. IT managers may be tempted to provide access to resources via VPN to re-create the closed garden of a private data center. But that won’t move you very far down the path of SASE. It will also create a disconnect as you try to incorporate Software as a Service application and security offerings.