Cybersecurity Practices for Health Care Organizations~ RJ BLANCHARD BENEFIT SERVICES

Page 49

Data  Channel 

Network

Implementation Specification

Considerations

Implement through Switched Port Analyzer ports from egress network points or through Internet Content Applica�on Protocol on web proxies.

If online, prevent the leakage of unencrypted sensitive data based upon predefined thresholds (e.g., files that contain > 100 records of PHI).

If out of band, activate IR procedures to contain data leakages that occur through the network.

Sub-Practices for Large Organizations 4.L.A

Advanced Data Loss Prevention

NIST FRAMEWKORK REF: PR.DS-5

After implementing basic DLP controls, you should consider expanding your DLP capabilities to monitor other common data access channels. Table 7 recommends methods for your consideration. Table 7. Expanding DLP to Other Data Channels Data Channel  

Cloud storage

Implementation Specification Use cloud access security broker systems to monitor data flows into cloud systems.

Considerations 

Label data identified as sensitive. Implement digital rights and encryption to limit access to sensitive data.

Ensure that cloud-based file storage and sharing systems do not expose sensitive data in an “open sharing” construct without authentication (i.e., do not permit the use of sharing data through a simple URL link).

49

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

Appendix B: References

3min
pages 105-108

Table 13. Incident Response Plays for Attacks Against Medical Devices

8min
pages 93-96

Table 15. Acronyms and Abbreviations

0
page 100

Table 14. Example Cybersecurity Policies for Consideration

0
page 97

Cybersecurity Practice #9: Medical Device Security

10min
pages 87-91

Table 12. Timeframes for Resolving Medical Device Vulnerabilities

1min
page 92

Table 11. Roles and Responsibilities for an Organizational CIRT

17min
pages 79-86

Table 9. Factors for Consideration in Penetration Test Planning

6min
pages 69-72

Cybersecurity Practice #6: Network Management

15min
pages 57-64

Cybersecurity Practice #8: Security Operations Center and Incident Response

4min
pages 73-74

Table 10. Example Incident Response Plays for IR Playbooks

5min
pages 75-78

Cybersecurity Practice #7: Vulnerability Management

5min
pages 65-67

Cybersecurity Practice #5: IT Asset Management

8min
pages 52-56

Table 7. Expanding DLP to Other Data Channels

3min
pages 49-51

Table 6. Data Channels for Enforcing Data Policies

2min
page 48

Table 3. Example of a Data Classification Schema

1min
page 43

Table 5. Security Methods to Protect Data

6min
pages 45-47

Table 4. Suggested Procedures for Data Disclosure

1min
page 44

Cybersecurity Practice #4: Data Protection and Loss Prevention

1min
page 42

Cybersecurity Practices at Medium-Sized Health Care Organizations

4min
pages 4-6

Table 1. E-mail Protection Controls

19min
pages 15-23

Cybersecurity Practice #3: Identity and Access Management

23min
pages 31-41

Cybersecurity Practice #2: Endpoint Protection Systems

1min
page 24

Table 2. Basic Endpoint Controls to Mitigate Risk at Endpoints

9min
pages 25-30

Cybersecurity Practices at Large Health Care Organizations

3min
pages 7-8

Cybersecurity Practice #1: E-mail Protection Systems

1min
page 14

Introduction

0
page 3
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.