Database Security and Auditing: Protecting Data Integrity and Accessibility
Protecting the Healthcare Database
-
Upload
steve-dunn -
Category
Health & Medicine
-
view
1.027 -
download
2
description
Transcript of Protecting the Healthcare Database
PROTECTING THE HEALTHCARE DATABASE
FROM SINGLE PROVIDERS TO THE HOSPITAL ENTERPRISE, KEEPING PROTECTED HEALTH INFORMATION PRIVATE AND SECURE
DATABASE THREATS
Today's database vulnerabilities along with known security threats continue to challenge even the best organizations
Emerging and developing threat or attack technologies will present new and serious risks to unprotected information
Healthcare organizations must have a better way to protect themselves
DATABASE THREATS
The healthcare database is becoming more vulnerable to attack
Data storage continues to increase More people have greater access Hackers are more sophisticated Technology has advanced Malicious intent greater Opportunity exists for financial gain
DATABASE ACCESS
Many different people and departments, both inside and outside the organization, have access to information stored in the healthcare database IT Staff Internal employees Vendors Insurance Companies Outside Physician offices and clinics Lab & Imaging Center personnel
DATABASE ACCESS
Insider attacks will continue to grow as one of the key reasons for a database breach Immune to firewalls and other security systems Many employees have excessive privileges Organizations are lax with level of access rules Disgruntled employees Insider searches for data on celebrities or
public figures Unintentional insider mistakes Phishing response by legitimate users
PREVENTING A DATABASE BREACH
All organizations need to: Reassess existing security practices
and policies Develop a comprehensive strategy Assess the overall IT environment Evaluate possible situations and
scenarios of unauthorized access Implement a professional grade
encryption solution for data-at-rest
WHICH ENCRYPTION SOLUTION IS BEST?
SOFTWARE
OR
APPLIANCE-BASED / HARDWARE?
APPLIANCE-BASED ENCRYPTION
Hardware or Appliance-based encryption, a superior data-at-rest security solution for eliminating insider threat
Technology works with Database, Web or Application Servers
Offloads high speed encryption processing from database for improved system performance
Non-proprietary, can be used with any OS Scalable to almost any size organization Ideal for Hosted or Cloud Applications Unlike software solutions, encryption keys are
not stored with encrypted data
JANA SERIES TECHNOLOGY Award winning appliance-based encryption
technology Scalable to any size healthcare provider Manufactured by Dark Matter Labs in the
USA Complies with State and Federal security
and privacy rules (HIPAA, PCI) Appliance-based for superior performance
and security Interfaces with database, web, application
or customized servers
JANA SERIES TECHNOLOGY
JANA appliances are award winning encryption solutions that completely offload intense cryptographic processing from overworked servers
3 Devices designed for small to enterprise-wide applications
Employs government certified algorithms Completely independent of database, operating
system, and application Units differentiate based on processing power,
speed, number of Ethernet ports and high availability capability
JANA SERIES TECHNOLOGY Complete Key Management
Multiple-user key-splitting during key entry Key configurations can be fully backed-up Seamlessly rotate keys according to your
business requirements without having to decrypt and re-encrypt all of data
Fully logged, comprehensive access controls to modify or utilize keys
Encryption and Decryption permissions, by users or applications, can be separated for enhanced security
•Multiple-user key-splitting during key entry •Key configurations can be fully backed-up •Seamlessly rotate keys according to your business requirements without having to decrypt and re-encrypt all of data •Fully logged, comprehensive access controls to modify or utilize keys •Encryption and Decryption permissions, by users or applications, can be separated for enhanced security
APPLICATION DIAGRAM
DARK MATTER LABS
Designs and manufacturers superior quality encryption devices to protect data-at-rest
Features industry leading key management, scalability, compliance and flexibility
Has unbeatable performance and security Uses revolutionary encryption technology that
is easy to install, simple to use, and does not require licensing fees
Protects the security of data in any organization
PROTECTING THE HEALTHCARE DATABASE
All healthcare providers who access and store protected health information are responsible for preventing a security breach.
Types of facilities that have databases that could be open to unauthorized access: Hospitals Physician Offices Pharmacies Clinics Labs Psychiatry Offices Imaging Centers / X-ray Dentists
Protect your database with appliance-based technology for state-of-the-art security