Aug 24 2022

How Identity Segmentation Fits into Healthcare’s Cybersecurity Approach

Organizations must move toward stronger, zero-trust policies to guard against threats.

Healthcare organizations have a lot of identity-related needs. One midsize health system could have an average of 500 to 600 applications in use, and that number skyrockets for larger organizations.

An identity opens an attack surface for threat actors to exploit. And with 82 percent of data breaches involving a human element, such as social engineering, according to Verizon’s 2022 Data Breach Investigations Report, compromised credentials leading to unfettered system access can cause damage.

Because of all the connected medical devices that can make up a clinical workflow, network segmentation is often a major focus of cybersecurity strategies in healthcare. As zero-trust architecture continues to gain traction in the industry, organizations should also pay attention to the identities that access their networks.


Identity segmentation, as CrowdStrike defines it, is a method to enforce “risk-based policies to restrict resource access, based on workforce identities.” Organizations looking to reduce their attack surface should consider strengthening policies around identity.

Healthcare IT leaders may not want to deal with the cumbersome task of understanding every workflow and may just grant access out of ease. But once a user has access to one portal without barriers, it opens access for unrelated identities. Identity segmentation adds a much-needed layer of cybersecurity.


Fitting into Zero-Trust Architecture

The areas of focus for the zero-trust model, according to the Cybersecurity and Infrastructure Security Agency, include identity, devices, networks, applications and workloads, and data. Many healthcare IT teams are already using zero-trust principles. Even maturing one or two of these pillars within an organization can help strengthen its cybersecurity approach.

When organizations have strong identity management, they are poised to respond more quickly and precisely when a potential threat appears. IT teams can better track and report red flags, prompting swift action to stop potential impostors.

The attack surface of an identity is smaller than a network’s. Organizations are not dealing with one large, flat network in today’s IT landscape. With the private cloud, public cloud and on-premises data centers, organizations have large network scopes that can be difficult to understand. But identity can cross those scopes, whether it’s on-premises or in the cloud. Network segmentation sets up the proverbial fences to work within a perimeter. But with identity segmentation, think of a guard at the fence who repeatedly asks for ID no matter how often you’ve already entered the perimeter — you have to request clearance every time.


Challenges for Identity Segmentation Implementation in Healthcare

Of course, when it comes to implementing stricter controls, the battle between usability and security, and business case versus risk, will rage on. That’s why it’s key to have a big-picture understanding of security across the organization to put things into perspective.

Identity segmentation uses a risk-based policy to restrict access based on identity. When trying to implement identity segmentation, it may seem like it could be easier to put in exceptions. Maybe a CEO decides that a rule applies to everyone except for a handful of leaders. But that misses the point of a zero-trust approach and complicates management.
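The per-request check described above (the guard who asks for ID every time) and the effect of carving out an exception, as an added example that is not from the article or from CrowdStrike. The role names, resources, risk scores and thresholds are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed segments: the resources each workforce role may reach.
SEGMENTS = {
    "clinician": {"ehr", "pacs"},
    "billing": {"claims"},
    "executive": {"finance-reports"},
}
# Constructed risk ceilings (0-100) per resource; above this, re-verify.
MAX_RISK = {"ehr": 40, "pacs": 40, "claims": 50, "finance-reports": 30}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    resource: str
    risk: int  # hypothetical score from device, location and behaviour signals

def decide(req, exempt_roles=frozenset()):
    """Evaluate one request on its own; earlier approvals are never reused."""
    if req.role in exempt_roles:
        return "allow"          # the exception: no segment or risk check at all
    if req.resource not in SEGMENTS.get(req.role, set()):
        return "deny"           # outside this identity's segment
    if req.risk > MAX_RISK[req.resource]:
        return "challenge"      # in segment, but the guard asks for ID again
    return "allow"

def replay(requests, exempt_roles=frozenset()):
    """Return the decision for each request, in order."""
    return [decide(r, exempt_roles) for r in requests]

# Constructed request log: the same clinician account appears three times.
LOG = [
    Request("asmith", "clinician", "ehr", 10),
    Request("asmith", "clinician", "ehr", 75),     # same user, new risk signals
    Request("asmith", "clinician", "claims", 10),  # unrelated system
    Request("ceo", "executive", "ehr", 90),        # risky session, wrong segment
]

if __name__ == "__main__":
    print("policy for everyone :", replay(LOG))
    print("executives exempted :", replay(LOG, frozenset({"executive"})))
```

With the exemption in place, the last request is allowed despite a risk score of 90 and no entitlement to the resource, which is the gap an exception list creates.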

Many in healthcare must also familiarize themselves with cloud strategies and move away from an on-premises mindset. For example, the use of a cloud access security broker is today seen as elemental and can be bundled with secure access service edge architecture or a software-defined WAN connection.


Remember the Five P’s for Identity Segmentation

Proper planning prevents poor performance.

Don’t execute identity segmentation haphazardly, without a developed plan that includes a proof of concept and testing. Avoid tacking on solutions for short-term aims.

Plans must ensure that security basics are continually enforced. For example, do you have visibility and enabled logging? Do you have a basic understanding of network traffic for macro-segmentation? Do you have a core identity and access management program that’s an ongoing, evolving process?

Fully adopting a zero-trust framework will take time. Maturing each pillar is a journey, but organizations can make incremental gains along the way to improve their cybersecurity position.

This article is part of HealthTech’s MonITor blog series. Please join the discussion on Twitter by using #WellnessIT.

