
Jan 09 2025
Security

Removing Technical Debt Supports Healthcare Cybersecurity and Incident Response

Technical debt is a roadblock to detecting and responding to cyberthreats. Strategies such as hyperconvergence can reduce vulnerabilities while improving visibility.

Enterprises in all industries have legacy applications and outdated infrastructure, but healthcare organizations often have more technical debt because they have so many solutions to manage and limited resources for doing so.

“Technical debt is prevalent because budgets are stretched thin and organizations want to maximize their investments,” says Scott Ragsdale, senior director of U.S. healthcare sales at Nutanix. “It’s not uncommon to see them try to get three to five years more out of their hardware and software investments.”

It’s understandable to want to make the most of existing technology, especially if it’s a “crown jewel” of clinical operations, such as on-premises electronic health records or picture archiving and communication systems. But it’s also concerning, Ragsdale says: “Healthcare is a lucrative market for ransomware, and older hardware and software make it more vulnerable.”


Technical Debt Limits Visibility into Healthcare’s Vulnerabilities

One issue is that legacy systems, and the IT teams that manage them, tend to be siloed. That makes incident response difficult. With limited visibility across the enterprise, organizations may have trouble discerning where a problem started. That places an emphasis on troubleshooting, which all too often can lead to finger-pointing. That means it can take that much longer to mitigate a threat.

“As threats evolve, technical debt becomes a roadblock,” says Jeffrey Olson, director of SD-WAN product and technical marketing at Aruba, a Hewlett Packard Enterprise company. “Security protocols and standards have advanced to address common threats, but if you have older technology, you’re at risk until you can upgrade your devices.”

Upgrades can prove challenging, though. Without an enterprisewide view of what’s been deployed where, it’s difficult to manually patch every single laptop, medical device or network endpoint, Olson adds. Unfortunately, that leaves vulnerabilities in place.


Reducing Technical Debt Is a Matter of Prioritization in Healthcare

The first step to reducing technical debt is to act now, Olson says. “Sweating it out” for another two or three years will only make it worse, as change in healthcare takes time. Waiting also stymies innovation, as organizations aren’t well positioned to leverage advanced technologies such as artificial intelligence.

Organizations should start with a deep-dive gap analysis that identifies the legacy technology in place and the limitations it presents. Ragsdale recommends focusing on pain points that lead to complex workflows that don’t align with security or operational best practices.


The next step is prioritization, as not everything can be modernized overnight. Olson likens the process to triage. Organizations need to determine what requires immediate attention, such as medical devices in the operating room or emergency department, and what may not be as critical, such as the guest network that patients use in the waiting room.

“It needs to be a practical approach of enhancing what you have and putting layers of security in place,” he says.


With Hyperconvergence Comes Security and Insight

Ragsdale says it’s common for organizations to move forward with reducing technical debt by combining storage, server and networking infrastructure and managing it through a single software layer.

The resulting hyperconvergence brings three immediate security benefits.

  • Modern hardware is inherently more secure, whether that means the latest laptops or cloud-native servers. So are operating systems: “There are no hidden back doors,” Olson says. Automated security updates are much easier to manage than manual installs, too.
  • Converged infrastructure requires less hardware in fewer locations. There are fewer attack vectors to manage, and fewer point solutions are needed to monitor them. For IT teams, Ragsdale says, “There’s one user experience, and one support number to call. The time to resolution is quicker.”
  • Running a converged hardware platform improves application performance. This cuts down on workarounds that can compromise security, such as sharing passwords instead of waiting for new logins to start up.

Infrastructure convergence also makes it possible to create a data lake for managed detection and response, especially at the network level, Olson says. That enables behavioral analysis of devices, which can be applied to policies for managing devices and to detect anomalies.

Olson points to the IV pump as an example. There’s a baseline for where within the hospital it’s located, how often it transmits data and how much data it shares. If that baseline changes — or if, say, the IV pump requests access to a security camera — then IT teams can receive an alert of suspicious behavior and take the device offline before an attacker can move laterally through the network.

“You need modern infrastructure, with security built in at the network level, to take advantage of these powerful capabilities,” he says.
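The IV pump baseline described above can be sketched as a small detection routine. This is an added example, not code from the article or from any vendor it quotes; the flow record fields, zone and peer-class names, thresholds and sample data are all constructed assumptions.

```python
from dataclasses import dataclass
from statistics import mean, pstdev

@dataclass(frozen=True)
class Flow:
    zone: str         # where the device was seen on the network (assumed field)
    peer_class: str   # kind of system it talked to (assumed field)
    minute: int       # observation time, minutes since start
    bytes_sent: int

def build_baseline(flows):
    """Learn location, peers, send interval and volume from known-good traffic."""
    flows = sorted(flows, key=lambda f: f.minute)
    gaps = [b.minute - a.minute for a, b in zip(flows, flows[1:])]
    sizes = [f.bytes_sent for f in flows]
    return {"zones": {f.zone for f in flows},
            "peers": {f.peer_class for f in flows},
            "gap": (mean(gaps), pstdev(gaps)),
            "size": (mean(sizes), pstdev(sizes)),
            "last_minute": flows[-1].minute}

def is_outlier(value, stats, floor, k=3.0):
    """True when value is over k deviations from the mean; floor avoids a zero-width band."""
    mu, sigma = stats
    return abs(value - mu) > k * max(sigma, floor)

def triage(flows, baseline):
    """Return (flow, reasons) for each flow that departs from the baseline."""
    alerts, prev = [], baseline["last_minute"]
    for f in sorted(flows, key=lambda f: f.minute):
        reasons = []
        if f.zone not in baseline["zones"]:
            reasons.append("new-location")
        if f.peer_class not in baseline["peers"]:
            reasons.append("new-peer-class")
        if is_outlier(f.minute - prev, baseline["gap"], floor=1.0):
            reasons.append("interval-change")
        if is_outlier(f.bytes_sent, baseline["size"], floor=50.0):
            reasons.append("volume-change")
        prev = f.minute
        if reasons:
            alerts.append((f, reasons))
    return alerts

# Constructed sample data for one IV pump: six known-good flows, then four new ones.
KNOWN_GOOD = [Flow("ward-3", "infusion-server", m, b) for m, b in
              [(0, 2000), (5, 2100), (10, 1950), (15, 2050), (20, 2000), (25, 1980)]]
OBSERVED = [Flow("ward-3", "infusion-server", 30, 2020),
            Flow("ward-3", "security-camera", 35, 2000),
            Flow("ward-3", "infusion-server", 40, 250000),
            Flow("parking-garage", "infusion-server", 45, 2000)]

if __name__ == "__main__":
    for flow, reasons in triage(OBSERVED, build_baseline(KNOWN_GOOD)):
        print(flow.minute, flow.peer_class, flow.zone, reasons)
```

The first observed flow matches the baseline and raises nothing; the other three are flagged for the peer, volume and location checks respectively, which is the point at which the device would be reviewed or isolated.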
