To support an increasingly mobile workforce both within the hospital setting and outside its four walls, leading healthcare organizations are pursuing a strategy of modern workplace management. In adopting this approach, organizations aim to make it as easy as possible for employees and IT staff to get devices up and running, log in to frequently used applications and keep software up to date.
Naturally, providing ease of access must be balanced with managing an ever-evolving cybersecurity landscape. That’s especially true as computing devices such as laptops, tablets and smartphones join remote monitoring devices at the edge of hospital networks and beyond the confines of the traditional, physical firewall.
As care delivery models and technology deployment strategies change, organizations need to adopt security strategies that protect patient data and other valuable assets without the burden of additional tasks for overworked clinicians.
Click the banner below to discover how to improve workflow efficiencies for clinicians.
Keeping Devices Secure No Matter Where Healthcare Is Delivered
Healthcare’s approach to managing computing devices has gone through a slow but subtle shift in the past two decades.
With the emergence of laptops and smartphones came the approach of mobile device management, which emphasizes securing the device itself. Mobile device management works by setting strict policies that pertain to a specific device. However, it often requires different policies for different operating systems or service providers, and it falls short when attackers get their hands on a device and can access a corporate network behind a firewall.
The evolution of this approach is unified endpoint management, which understands that these devices come in many shapes and forms. As a result, UEM aims to manage and control devices using a single set of policies for activities such as configuration, access, communication and data encryption. This is meant to improve data security by ensuring that only authorized individuals or applications have the right to access information.
EXPLORE: How IT enables providers to optimize care.
Modern workspace management goes one step further, recognizing that a computing device is a workstation critical to supporting employees’ day-to-day responsibilities. The value of MWM is magnified in a clinical setting: Physicians and nurses need fast access to sensitive information that’s stored in a separate location, sometimes on-premises but increasingly in the cloud. Requiring clinical staff to manage multiple usernames and passwords causes frustration at the point of care, and delayed decision-making can adversely impact clinical job satisfaction as well as patient outcomes.
Enabling speedy yet secure access for clinical staff is complicated by two core factors of the modern healthcare workspace. Within the hospital, shared workstations are common. Relaxed policies can lead to shared passwords, leaving not just workstations but also clinical applications and sensitive information readily available to attackers.
Individual users may also log on from any number of locations — an outpatient clinic, a specialist’s office or even their own homes — using any number of devices. A nonsecure device, network connection or combination of the two can likewise leave data and apps vulnerable.
6 Characteristics of a Well-Rounded MWM Security Strategy
A robust MWM security strategy should cover all the bases, ensuring that devices, network connections and data sources are protected from unauthorized access, while authorizing access in a way that doesn’t add burdensome steps to clinical workflows. Such a strategy should take these six tactics into consideration.
- Automated device setup and update: Preconfiguring devices with the right security settings and permissions (in addition to the right applications) helps get end users up and running quickly. Similarly, enabling automated software updates or patches keeps devices up to date without the need for action on the part of busy end users.
- Zero trust: The cornerstone of modern security policy, zero trust emphasizes continuous, multifactor authentication and validation of any end user before granting access to data or applications. Coupled with additional strategies described below, zero trust ensures that only authorized users are granted access.
- Identity and access management: IAM defines and implements policies at a granular level for how individual roles can and cannot use a healthcare organization’s assets. These policies ensure that employees have access to what they need to do their specific jobs but are otherwise restricted from assets unrelated to their work.
- Single sign-on: SSO enables users who have verified their identity to access multiple applications using a single username and password or biometric identification. For example, a physician would gain access to an electronic health record system as well as any applications directly integrated into the EHR, saving time and reducing bottlenecks at the point of care.
- Secure access service edge: SASE lets authorized users connect regardless of their location — a critical advantage for a healthcare workforce that may include visiting nurses, office-based physicians with hospital privileges, or providers of virtual care. Authorized is the operative word: Identity must be verified, and connections must be secured before access is granted.
- Threat protection: In an increasingly connected environment, organizations must keep abreast of cybersecurity threats. When it comes to the modern workspace, this includes steps such as monitoring network activity or assessing devices for vulnerabilities. For shared devices, policies may limit which external websites users can access.
By taking the right approach to modern workspace management, healthcare IT teams can keep their organization’s assets secure while providing authorized, authenticated users with access to resources where and when they need them. This helps to strike the necessary balance between security and usability, reducing the friction between clinicians and technology applications so they’re empowered to improve patient care.
UP NEXT: How to take your zero-trust maturity to the next level.
Amorn Suriyan, Djavan Rodriguez, Creative Credit, peterspiro, umesh chandra, radenmas/Getty Images
