Software

Review: Inoculating Healthcare Networks from the Latest Threats

Seamlessly protect applications, users, clouds and medical devices operating within healthcare environments with Palo Alto Networks’ Prisma Access.

John Breeden II

Twitter

John Breeden II is an award-winning reviewer and public speaker with 20 years of experience covering technology.

The increase in cyberattacks and threats in recent years has overwhelmed many traditional security applications and defenses operating within healthcare organizations.

But a modern platform approach, such as Palo Alto Networks’ Prisma Access, can help protect users, connected medical devices, applications, data and just about everything else that exists within a typical enterprise healthcare network.

Deployed as a service using either Amazon Web Services or Google Cloud, the core Prisma Access platform is kept up to date and always available by Palo Alto Networks, leaving administrators free to concentrate on crafting highly secure policies to ensure that their facilities and the people who work there can operate safely.

Click the banner to get the expertise you need to strengthen your ransomware protection capability.

Gain Visibility and Control Across a Complex Healthcare Environment

The main interface for Prisma Access is accessible via a web portal. The platform’s dashboard is easy to read and understand at the top level, which provides an overview of network health and key security alerts that need to be addressed. Administrators can drill down all the way to specific devices to set policies, troubleshoot issues or investigate anomalous behavior.

Setting up firewall rules for devices through Prisma Access is straightforward. Personally owned devices can have software agents installed on them, giving administrators a lot of control over how the devices act and what they are allowed to access. Administrators can even prevent those devices from connecting to a network at all until certain security criteria are met.

Improve Security of Internet of Medical Things Devices

Prisma Access is also designed to protect the thousands of Internet of Medical Things devices found in most hospitals. A Prisma user can quickly examine hundreds of connected medical devices, read about any vulnerabilities they have, discover what applications each device is running and get a history of network traffic generated by each device.

It’s even possible to drill down to individual devices — say, an MRI machine that’s generating a security alert. From there, an IT team member can work to fix the problem, isolate the machine, read about the related Common Vulnerabilities and Exposures, tailor rules to mitigate bad behavior or simply take the device offline until the security alert can be officially cleared.

Healthcare environments have increasingly complex security needs, but a Software as a Service platform such as Palo Alto Networks’ Prisma Access can help level the playing field. It’s a powerful platform that needs no management, letting admins fully concentrate on using its powerful tools to keep their environments safe and secure.

SPECIFICATIONS

PRODUCT TYPE: Web-based firewall and security center
DEPLOYMENT: Software as a Service
HOSTED CLOUD SERVICES: Amazon Web Services, Google Cloud
PROTECTED ELEMENTS: Users, applications, IoT and IoMT devices, cloud instances, data
LICENSE TYPE: Per seat, per year

What About Contractors, Remote Users and Guests?

While the core of Palo Alto Networks’ Prisma Access is designed to work with assets and devices that are owned by a healthcare facility, the platform can also protect the health system’s bring-your-own-device users, remote users, contractors and guests.

Prisma Access forms an almost unbreachable shield for devices such as laptops or tablets that operate in healthcare environments. That is because those devices can have a software agent installed that prevents them from even logging in to a protected network unless all of the requisite security measures, such as having the latest operating system patches, are met.

But not every device working within a hospital or healthcare facility is going to be company owned. Contractors, remote employees and even temporary workers all may require access to critical applications to do their jobs.

DIVE DEEPER: Learn how security partners can work with health IT teams to fight ransomware.

Prisma Access handles this very common situation within healthcare by providing the Global Protect VPN interface to users working on devices that are not owned by the facility. Through the VPN, administrators make specific applications available through the Global Protect web interface. Almost any application can be placed there; for example, common applications such as those used for scheduling or customer relationship management (Salesforce, for instance) can easily be added to the portal along with rules about who can access them and what they’re allowed to do.

For users to access those programs, they must first log on to the Global Protect platform. From there, they can choose from the applications they’re authorized to use. Generally, to completely lock things down, a healthcare facility will allow access to those applications by non-owned devices only through the secure Global Protect portal.

Once connected, users can do everything they normally would with approved applications. However, Prisma Access keeps an eye on all traffic to ensure that, for example, no malware is able to enter the network through those connections.

Applications served through the Global Protect platform have the same functionality as apps connected to directly. As long as there is sufficient bandwidth, remote users should not notice any difference, other than the extra login step at the beginning.