How Healthcare Can Benefit from Cloud Security Posture Management Solutions

What Is Cloud Security Posture Management?

“Cloud Security Posture Management is the answer to inadvertent insecure configuration,” says Nitzan Miron, vice president of product management at Barracuda Networks. “While you don’t know what you don’t know, a good CSPM tool does. It knows every setting on every cloud resource, and it can analyze each setting to see if it was configured in an insecure way.”

In practice, CSPM tools are designed to automatically assess current cloud configurations, compare them against existing security best practices and identify potential gaps. This is critical for healthcare companies that have adopted the cloud to meet telehealth demands but haven’t had time to conduct an in-depth evaluation of how cloud services act and interact with one another and what this means for data security.

Miron notes that CSPM solutions go beyond initial assessments to provide ongoing protection.

“When configuration changes or new resources are deployed, they are immediately inspected, and any issues are immediately flagged — before an attacker can exploit them,” he says. “This allows organizations to confidently deploy new resources without worrying about what they might have missed.”

GET THE WHITE PAPER: Learn to manage your cloud security posture effectively.

The Reality of the Healthcare Cloud

More than half of healthcare organizations say that they’ve increased their cloud adoption during the pandemic, and about two-thirds have already deployed hyperconverged infrastructure (HCI) models to help facilitate further cloud deployments.

“Healthcare in the cloud is happening,” says Aaron Ansari, global vice president of cloud security for Trend Micro. “Ten years ago, many experts would have scoffed at the idea; now it’s an accepted reality.”

Increased adoption comes with increased risk: In 2020, 39 percent of healthcare organizations were victimized by ransomware attacks in the cloud. It makes sense: As critical corporate data and patients’ personally identifiable information makes its way onto public, private and hybrid clouds, attackers can exploit the move by exfiltrating and selling this information or simply encrypting it and demanding a ransom for its return.

Ansari notes that the speed of application and service development in the cloud also creates challenges for healthcare security.

“Developers are creating new apps quickly, and data is often stored in a cloud-based option such as an S3 bucket, but there are so many services and options available that healthcare companies may not be sure how to configure it,” he says. “This is where exposure and leaks happen.”

LEARN MORE: Find out how cloud services are enhancing patient care.

Cloud Security Posture Management Tools

Ansari explains that there’s no one-size-fits-all model for CSPM. “Imagine you’re building a house,” he says. “CSPM tools reflect the current building code in the neighborhood. Depending on where you are, it may be strict or lax.”

In healthcare “neighborhoods,” cloud-building expectations are robust. To guard protected health information (PHI) and ePHI, guidelines in HIPAA, the Health Information Technology for Economic and Clinical Health Act and the HITRUST CSF lay out specific obligations around security due diligence, data protection and incident remediation. CSPM solutions help ensure that cloud environments are up to code.

Ultimately, Ansari notes, CSPM tools are a critical part of the shared responsibility model of healthcare data security. While providers do have an obligation to meet their commitments around HIPAA and HITRUST-compliant data protection, healthcare agencies are responsible for the continual evaluation of cloud environments.

“You’re compliant right up until the point that you’re not,” says Ansari. “As a result, you need continual visibility of data ownership.”

Best Practices for CSPM Implementation

To ensure that CSPM tools deliver on their protective potential, Miron offers four best practices:

1. Leverage solutions that can scan all public clouds. With many healthcare organizations now using multiple clouds to empower hybrid work and deliver telehealth services, it’s critical to use CSPM tools capable of scanning all connected public clouds for potential problems and vulnerabilities.
2. Ensure CSPM automation. Miron notes that newly created cloud accounts are often more likely to have security issues. As a result, your CSPM tool should be capable of automatically scanning new accounts as soon as they are created.
3. Integrate CSPM with ticket systems. “It’s easy to miss an alert email and end up exposed,” says Miron. “Integrate your CSPM tool with a ticketing or management system so that issues are brought to the team’s attention quicky.”
4. Inspect all issues. Even if your CSPM tool reports an issue that appears to be outdated, Miron cautions against ignoring it. “Since cloud resources frequently change in response to demand, there may be an issue that only arises at certain times, when certain resources spin up or are under heavier loads. Always inspect and solve all significant issues.”

CSPM: Capitalizing on the Cloud for Healthcare

“In the cloud, any resource can potentially be exposed directly to the internet, sometimes in ways that aren’t obvious unless you have experience,” Miron says.

CSPM tools help fill in the blanks by providing a way to detect, identify and remediate insecure cloud configurations before they become substantial security issues.