Healthcare businesses must balance the requirement to provide the necessary information practitioners need to deliver quality healthcare, with the pressing need to keep patient data private and secure. As more and more patient information moves online and mobile, healthcare organizations are rethinking the role of identity in ensuring that the right people get the right information when and how they need it.
Geoff Webb, Director of Solution Strategy with NetIQ presented 'Identity, Security and Healthcare' at the Heart of America HIMSS chapter event at Johnson County Community College on January 16th 2014. His presentation looked at the evolving trends of mobility, social identity, cloud, and security in the world of healthcare, and how you can start planning now to meet the needs of your organization today and in the future.
Well, the good ones look like everything else!
Not easy to spot: The intent speaks to the "A" in advanced -- the attackers aren't going to announce their intent.
Hack employees – map using LinkedIn and Facebook
You’ll need monitoring, logging, etc.
Transition in to phishing
As I discussed, the trophy is getting in…When it comes to APTs it is not about how good you are once inside, but that you use a totally new approach for entering the organization. You don’t bother to just simply hack the organization and its infrastructure; you focus much more of your attention on hacking the employees.
You can almost map the employees in an organization simply by using published information on LinkedIn. Facebook is another good place to find out where you work and when you are on vacation.