SlideShare a Scribd company logo

Carestream white paper_cloud-security 2016

Carestream
Carestream

The document discusses evaluating the data security capabilities of cloud-based services. It outlines that choosing a cloud provider requires ensuring they have optimal technologies, infrastructures, and processes to secure data at all levels. This includes physical security of data centers, application-level security design with availability, integrity, and confidentiality, as well as security policies and procedures for monitoring, auditing, and incident response. Carestream Health is highlighted as an example provider that meets high standards for cloud security including ISO/IEC 27001 certification.

Healthcare
1 of 7
Download to read offline
White Paper | Cloud-Based Security Technical Brief Series How to Evaluate the Data Security Capabilities of Cloud-Based Services Executive Summary When evaluating cloud-based services, no issue is more critical than data security. Cloud-based services today can be compared to internet banking. Consumers were initially afraid that online banking would make them more vulnerable to fraud or identity theft. But as online security technologies and processes have improved, online banking is now actually safer than getting paper statements in the mail. Likewise, using a cloud-based service supplier instead of operating your own internal system can be a major step toward becoming liberated from serious security issues. However, you must choose your provider wisely. Suppliers must demonstrate that they have the optimal technologies, infrastructures and processes in place to ensure the security of your data. And each healthcare facility needs to require evidence that health information is protected at all levels and stages of the workflow – from duplicate disaster recovery copies and physical protection of the data center to data transmission, storage and user access. It’s important to understand the four key components of data security: availability, integrity, confidentiality and traceability. Availability ensures continuous access to data even in the event of a natural or man-made disaster or events such as fires or power outages. Integrity ensures that the data is maintained in its original state and has not been intentionally or accidentally altered. Confidentiality means information is available or disclosed only to authorized individuals, entities or IT processes. Traceability is the ability to verify the history, location or application of an item by means of documented recorded identification. All components of data security must be maintained at the following three levels: 1. The physical infrastructure of the data center. 2. The hosted application that manages data. 3. The policies and procedures to maintain continuous security in the cloud. 1. Physical Security at the Data Center The data center must supply a secure physical hosting environment. This typically includes: • Redundant utilities, particularly power supply and air conditioning. • Protection against fire with appropriate extinguishers in each computer room, as well as emergency power-off switches. • Specially equipped ventilating and air conditioning systems. While temperature is an important factor, equipment must also be protected from external heavy pollution such as smoke from a nearby fire. • Windowless rooms for servers and storage equipment. • Access control to enter the data center. This includes access monitoring through methods such as badge- based entry in tandem with a security guard or biometric identification system, strictly controlled visits, a single entrance to the most sensitive area of the data center, and surveillance cameras around the building and at each entrance. Extra authentication should be required to access sensitive areas where patient data is stored. Ask to see the supplier’s security policy and find out how employees’ online access to data is monitored.
White Paper | Cloud-Based Security 2 Data center designs can be broken down into four tiers. Most hospital data centers are at Tier 1 or Tier 2. For Tier 3 and Tier 4, cloud service providers are best equipped to make the significant investment required to guarantee higher security. Tier Level Requirements 1 • Single non-redundant distribution path serving the IT equipment • Non-redundant capacity components • Basic site infrastructure that guarantees 99.671% availability 2 • Fulfills all Tier 1 requirements • Redundant site infrastructure capacity components that guarantee 99.741% availability 3 • Fulfills all Tier 1 and Tier 2 requirements • Multiple independent distribution paths serving the IT equipment • All IT equipment must be dual-powered and fully compatible with the topology of a site’s architecture • Concurrently maintainable site infrastructure that guarantees 99.982% availability 4 • Fulfills all Tier 1, Tier 2 and Tier 3 requirements • All cooling equipment is independently dual- powered, including chillers and heating, ventilating and air-conditioning (HVAC) systems • Fault-tolerant site infrastructure with electrical power storage and distribution facilities that guarantee 99.995% availability 2. Application-Level Security Design Application-Level Availability Any application should start with a secure and reliable storage mechanism: • The cloud service provider maintains at least two copies of ingested data, thus reducing the risk of data loss. One of the two copies should reside in a backup data center at a separate location in case a disaster impacts the main data center. The system should ensure that the two copies are permanently synchronized. • Database is stored on RAID-10 (1+0) disk system. RAID-10 provides high availability and performance when there is a need to reconstruct data in the case of disk failure. • Data is stored on RAID-6. While this type of RAID is slower to reconstruct in case of disk failure, it offers excellent reliability with a higher ratio of usable storage to physical storage. One of the often-overlooked areas of data security is authentication procedures. It is not enough to maintain two copies of patient data. The cloud service provider must also have a validation process to ensure that each copy of the data maintains its integrity and that any damaged files can be quickly detected and reconstructed from a RAID copy. Application-Level Integrity Application-level signatures should be computed for every document and kept in the database. The encryption mechanism used to ensure confidentiality during the TCP/IP transmission includes an integrity check that prevents the risk of data corruption. The Transport Layer Security (TLS) protocol and its predecessor Secure Socket Layer (SSL) provide for privacy and data integrity in communications between two computer applications. When secured by TLS, connections between a client and server (such as the connection between a web browser and a cloud-based application) have one or more of the following properties: • The connection is private because symmetric cryptography is used to encrypt the data transmitted. The keys for this symmetric encryption are generated uniquely for each connection and are based on a shared secret negotiated at the start of the session. The server and client negotiate the details of which encryption algorithm and cryptographic keys to use before the first byte of data is transmitted. The negotiation of a shared secret is both secure and reliable. • The identity of the communicating parties can be authenticated using public-key cryptography. • The connection is reliable because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission.
White Paper | Cloud-Based Security 3 Multi-Level Data Confidentiality Data protection is required at both the application and network level. Communication between healthcare sites and the data center is performed with TSL/SSL-based encryption at the application level to ensure end-to-end protection between the service access point and the data center. This encryption ensures that none of the employees of the network provider can access data. It also prevents data from being viewed while it is being carried over the internet to an end user’s viewing software. TSL/SSL can implement several encryption algorithms, the most common being AES, 128-bit key length encryption. Access control also combines two levels of restriction: • Site-level access control defines which originating sites can access data. A default configuration specifies that data ingested by an originating site may only be accessed by the same site. Patient data can be shared between health establishments, such as a regional healthcare organization, providing that the service has been enabled under formal agreements and specific access controls are in place. Any other access, such as queries from other sites or from the web portal, must be specifically set up. This restriction applies to most imaging IT clouds that require a local server as a point of access. • A user profile specifies access to both features and data. Access rights for a given user can also be defined for patients and types of studies. Secure Connection to the Cloud Secure access requires the data center to equip its internet connection with the following: • Firewalls to control network transmissions based on a set of rules that protect networks from unauthorized access. • A demilitarized zone (DMZ), which is a physical or logical subnetwork that contains and exposes an organization’s external services to a larger untrusted network, providing security from external attacks. • Permanent updates to antivirus software with the latest virus signature databases. To guarantee secure data exchange, the connection between the data center and a customer site is usually made through a TSL/SSL-encrypted tunnel. 3. Policies and Procedures to Maintain Security Beyond physical and application-level design, proper policies and procedures are required to maintain ongoing security for cloud-based services, completing the traceability component of the security design. Establishing an Audit Trail While data privacy addresses who can access data and what a user can do, a comprehensive auditing function is needed to track all activities, warnings and failures related to patient health information (PHI) that occur in the system. A trusted cloud service provider should provide robust data that can be used for auditing and other system performance tools, supporting the security administrator in managing the system.
White Paper | Cloud-Based Security 4 Remote, Proactive Monitoring Remote, proactive monitoring is an extremely important function offered by leading cloud-based service providers, requiring both technology and experienced personnel. Monitoring enables early detection of potential incidents, ideally before they impact users. Monitoring should be executed by a dedicated tool that permanently watches each node of the cloud infrastructure, along with access points at each customer’s location and platforms at data centers. Monitoring controls key application processes, systems and the wide area network between the service access point and the data center. An appropriate proactive monitoring infrastructure collects metrics from each device and automatically triggers alerts when a fault condition is detected. Conditions that trigger an alert can range from a failure to back up data to unauthorized attempts to access data. Depending on the severity of the incident detected, the monitoring system might send an email to the support team or open a case file and display a visible alarm at the dashboard, allowing follow- up action to be performed by the incident-management team. In addition to protecting data, monitoring activities should also ensure that systems achieve specified performance and uptime guarantees. Monitoring should be conducted 24/7, and trained personnel should investigate each incident. Defining the Appropriate Security Policy The final element in a comprehensive security system is the organization’s security policy and its support team. The security policy tracks how security is achieved through the technical and human resources aspects of the product, operations and organization. The security policy is maintained under the responsibility of a designated security officer. The security officer must be involved every time a change is performed to the infrastructure or to the services that could impact data integrity or confidentiality. This includes upgrades, new functionality or organizational changes. The security policy should address the following topics: • Security organization: The security officer ensures that the security policy is updated. Internal audits are conducted and corrective actions are identified and implemented. • Human resources: The policy lists security procedures to be used when employees are hired, resign, or move within the organization. Forms must be signed by employees, and security training must be conducted. When an employee leaves, specific network access must be disabled and equipment such as tokens must be returned. • Assets management: This section of the policy outlines procedures to ensure that patient information is identified and well-managed. It describes how data must be destroyed when required. It explains how equipment is identified (serial number, internal identification number) and where this information is stored and maintained. • Physical security: Data center security is the responsibility of the hosting company, but the list of employees allowed to enter the data center is maintained internally and communicated to the hosting company. The data center should restrict physical access and require badges to enter specific areas. Security guards prevent the removal of equipment and any unauthorized physical access. • Operations: This section defines the boundaries of responsibility of the hosting company, operations and R&D. For example, upgrades and monitoring should be performed by operations, while R&D is the only department with access to source code. The policy should describe which technical solutions are in place, and enumerate the protocol and encryption mechanisms to be used from the customer site to the data center resources. The policy should also describe how data is secured (replication, media, etc.), how changes are tracked (logs) and methods for database backup. • Access control: The policy should list how and from where sensitive data can be accessed, and restrict access to appropriate users using Secure Remote Service Access (SRSA), secure ID, authentication with login and passwords. It should also describe how servers are hardened and protected. • Security incident management: This section describes the tracking and logging of all security incidents. Depending on incident severity, the security officer may coordinate immediate corrective action and communicate with R&D (to develop a workaround), operations (to deploy), human resources (should the incident involve an employee) and the legal department (in case of a regulation or contract violation).
White Paper | Cloud-Based Security 5 • Business continuity: This section of the policy describes the technical solutions – such as RAID, cluster, network and fiber redundancy – that ensure continuity in the event of a disruptive incident. Every healthcare organization needs to ensure that the security policy is endorsed and implemented as part of each element in a cloud-based operation. Check the Security Supplier’s Credentials When a healthcare enterprise purchases a PACS or archiving system, it is purchasing features that the user must support and protect. Purchasers of cloud-based services are investing in a high-quality service that includes not only uptime guarantees but also data security levels. Security certification provides assurance that the provider adheres to the industry’s best practices for data security. The International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) have created a standard for information security management: ISO/IEC 27001. The most trustworthy providers of hosted security services have been audited by a third-party accredited certification body and have been granted a certificate of compliance with this standard. Carestream Health’s cloud business in Europe has been certified by BSI Group (also known as the British Standards Institution) as meeting the requirements of the latest published standard, ISO/IEC 27001:2013. This certification means that BSI auditors have examined and approved of all our security processes and controls at every site, and have determined them to be in full compliance with the standard. Certification also requires a yearly surveillance audit. The certificate is valid for three years, after which the full certification process must be repeated. .
White Paper | Cloud-Based Security 6 Carestream Delivers Secure Cloud-Based Collaboration for More Efficient, Effective Care It is cost-prohibitive for many individual healthcare systems to support investments in the equipment, technology, personnel and ongoing training required to deliver the highest level of data security. Converting to best-in-class cloud-based services allows healthcare providers to achieve industry-leading data security – including data availability, integrity, confidentiality and traceability. Carestream Health is a worldwide provider of cloud-based healthcare IT services, offering state-of-the-art technologies, infrastructures and processes to ensure healthcare data security and privacy. We currently manage 13 private and public data centers with over 12 petabytes of data replicated between multiple sites for backup, disaster recovery and business continuity. We protect health information at all levels of the workflow – including the physical infrastructure of the data center, the hosted application that manages data, and the policies and procedures that govern data access, audit trails, remote monitoring, incident management and business continuity. Our ISO/IEC 27001:2013 certification is a stamp of approval from the world’s foremost standards and certification bodies. Our flagship Clinical Collaboration Platform is designed to bring patient-centric diagnostic imaging to stakeholders across the healthcare enterprise. With anywhere/anytime image access and management – based on a unified core with extensible modules for enterprise-wide integration – it’s the ideal application for the cloud. Carestream’s Vue cloud services enhance the Clinical Collaboration Platform with: • Security that provides the highest levels of availability, integrity, confidentiality and traceability. • Protection against obsolescence, with no need to upgrade hardware and software over time. • Predictable operations and pay-as-you-go budgeting for reliable business continuity at a lower total cost. • An infinitely scalable, vendor-neutral architecture that frees administrators from infrastructure management so they can focus on clinical workflow needs. Hosted locally by the enterprise, the Clinical Collaboration Platform fosters efficiency and quality of care by providing seamless access to the collaborative imaging tools you need today, as well as the innovative tools of tomorrow. Hosted in the cloud by Carestream, it also frees your enterprise from the burden of hardware, application and security management – providing added peace of mind that your data is available only to authorized users, whenever and wherever they need it.
White Paper | Cloud-Based Security www.carestream.com Carestream Health, Inc., 2016. CARESTREAM is a trademark of Carestream Health. Cat No: 300 1055 Appendix: Cloud Service Provider Checklist – How Secure Is Your Data? 1. Physical Security Yes/No Redundant utilities: power supply and air conditioning Fire and flood protection Ventilation: protection from temperature extremes and external pollution Windowless rooms for servers and storage Access control: biometric ID, visitor process, single entrance to sensitive areas, security cameras, auditing Scalable floor space 2a. Application Level Availability Duplicate copy of data stored at multiple sites RAID-10 database storage RAID-6 data storage 2b. Application Level Integrity Application-level signature and integrity check 2c. Multi-Level Data Confidentiality Access control at site level Access control at user level, such as SRSA, secure ID and authentication Firewall Demilitarized zone (DMZ) Antivirus continuously updated with latest virus signature databases TSL/SSL-encrypted access tunnel 3. Policy and Procedures Audit trail for activities related to patient health information (PHI) Proactive monitoring, 24/7 Well-defined security policy

Recommended

Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Security
manoharparakh
 
OTechs Cloud computing security
OTechs Cloud computing securityOTechs Cloud computing security
OTechs Cloud computing security
Osman Suliman
 
G0314043
G0314043G0314043
G0314043
iosrjournals
 
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security MechanismIRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET Journal
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computing
Seema Kumari
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data security
SaranSwathi1
 
1784 1788
1784 17881784 1788
1784 1788
Editor IJARCET
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva Vormetric
Michelle Guerrero Montalvo
 

Recommended

Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Security
manoharparakh
 
OTechs Cloud computing security
OTechs Cloud computing securityOTechs Cloud computing security
OTechs Cloud computing security
Osman Suliman
 
G0314043
G0314043G0314043
G0314043
iosrjournals
 
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security MechanismIRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET Journal
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computing
Seema Kumari
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data security
SaranSwathi1
 
1784 1788
1784 17881784 1788
1784 1788
Editor IJARCET
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva Vormetric
Michelle Guerrero Montalvo
 
Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
Iaetsd Iaetsd
 
Cloud Auditing
Cloud AuditingCloud Auditing
Cloud Auditing
Jonathan Sinclair
 
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSSECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
IJNSA Journal
 
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviromentHipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
Parshant Tyagi
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security Explained
Happiest Minds Technologies
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
ijsptm
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
Quadrisk
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud Application
IJSRD
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud Computing
Martin Bioh
 
It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...
Papitha Velumani
 
Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...
Papitha Velumani
 
Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...
Papitha Velumani
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
Sweta Kumari Barnwal
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisus
Primend
 
Brochure Imperva Securesphere Vormetric Encryption
Brochure Imperva Securesphere Vormetric EncryptionBrochure Imperva Securesphere Vormetric Encryption
Brochure Imperva Securesphere Vormetric Encryption
Michelle Guerrero Montalvo
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud Computing
IJERA Editor
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?
Mario Drobics
 
Sunny_Resume
Sunny_ResumeSunny_Resume
Sunny_Resume
Sunny Gupta
 
The Normal Menstrual Cycle
The Normal Menstrual CycleThe Normal Menstrual Cycle
The Normal Menstrual Cycle
Dr. Kanwal Ali
 
Summative_Comparative_Analysis
Summative_Comparative_AnalysisSummative_Comparative_Analysis
Summative_Comparative_Analysis
Danika Scevers
 
Dqi+Min
Dqi+MinDqi+Min
Dqi+Min
miney727
 
Melo
MeloMelo
Melo
zonalema
 

More Related Content

What's hot

Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
Iaetsd Iaetsd
 
Cloud Auditing
Cloud AuditingCloud Auditing
Cloud Auditing
Jonathan Sinclair
 
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSSECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
IJNSA Journal
 
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviromentHipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
Parshant Tyagi
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security Explained
Happiest Minds Technologies
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
ijsptm
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
Quadrisk
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud Application
IJSRD
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud Computing
Martin Bioh
 
It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...
Papitha Velumani
 
Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...
Papitha Velumani
 
Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...
Papitha Velumani
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
Sweta Kumari Barnwal
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisus
Primend
 
Brochure Imperva Securesphere Vormetric Encryption
Brochure Imperva Securesphere Vormetric EncryptionBrochure Imperva Securesphere Vormetric Encryption
Brochure Imperva Securesphere Vormetric Encryption
Michelle Guerrero Montalvo
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud Computing
IJERA Editor
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?
Mario Drobics
 

What's hot (17)

Iaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloudIaetsd secure data storage against attacks in cloud
Iaetsd secure data storage against attacks in cloud
 
Cloud Auditing
Cloud AuditingCloud Auditing
Cloud Auditing
 
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSSECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS
 
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviromentHipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security Explained
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud Application
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud Computing
 
It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...
 
Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...
 
Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...Hybrid attribute and re-encryption-based key management for secure and scala...
Hybrid attribute and re-encryption-based key management for secure and scala...
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisus
 
Brochure Imperva Securesphere Vormetric Encryption
Brochure Imperva Securesphere Vormetric EncryptionBrochure Imperva Securesphere Vormetric Encryption
Brochure Imperva Securesphere Vormetric Encryption
 
Information Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud ComputingInformation Leakage Prevention In Cloud Computing
Information Leakage Prevention In Cloud Computing
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?
 

Viewers also liked

Sunny_Resume
Sunny_ResumeSunny_Resume
Sunny_Resume
Sunny Gupta
 
The Normal Menstrual Cycle
The Normal Menstrual CycleThe Normal Menstrual Cycle
The Normal Menstrual Cycle
Dr. Kanwal Ali
 
Summative_Comparative_Analysis
Summative_Comparative_AnalysisSummative_Comparative_Analysis
Summative_Comparative_Analysis
Danika Scevers
 
Dqi+Min
Dqi+MinDqi+Min
Dqi+Min
miney727
 
Melo
MeloMelo
Melo
zonalema
 
Par2 2 0901(1)
Par2 2 0901(1)Par2 2 0901(1)
Par2 2 0901(1)
laura ximena nuñez plata
 
Servidordeimpresion
ServidordeimpresionServidordeimpresion
Servidordeimpresion
Ricardo Diaz
 
Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "
Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "
Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "
Rachmah Safitri
 
Software Defined Networking (SDN) with VMware NSX
Software Defined Networking (SDN) with VMware NSXSoftware Defined Networking (SDN) with VMware NSX
Software Defined Networking (SDN) with VMware NSX
Zivaro Inc
 
application of differential equation and multiple integral
application of differential equation and multiple integralapplication of differential equation and multiple integral
application of differential equation and multiple integral
divya gupta
 
IPSec_VPN_Final_
IPSec_VPN_Final_IPSec_VPN_Final_
IPSec_VPN_Final_
Pratik Bhide
 
Drugs used in pregnancy
Drugs used in pregnancyDrugs used in pregnancy
Drugs used in pregnancy
ethan1hunt
 
Application of differential equation in real life
Application of differential equation in real lifeApplication of differential equation in real life
Application of differential equation in real life
Tanjil Hasan
 
Rhinoplasty raju ppt full
Rhinoplasty raju ppt fullRhinoplasty raju ppt full
Rhinoplasty raju ppt full
Ram Raju
 
Eye injuries and illnesses- Third year mbbs Ophthalmology
Eye injuries and illnesses- Third year mbbs OphthalmologyEye injuries and illnesses- Third year mbbs Ophthalmology
Eye injuries and illnesses- Third year mbbs Ophthalmology
DrVarun5179
 
Pharmacotherapeutics in obstetrics
Pharmacotherapeutics in obstetricsPharmacotherapeutics in obstetrics
Pharmacotherapeutics in obstetrics
Deepthy Philip Thomas
 
звукови модели
звукови модели звукови модели
звукови модели
Vаlentina Bikova
 

Viewers also liked (17)

Sunny_Resume
Sunny_ResumeSunny_Resume
Sunny_Resume
 
The Normal Menstrual Cycle
The Normal Menstrual CycleThe Normal Menstrual Cycle
The Normal Menstrual Cycle
 
Summative_Comparative_Analysis
Summative_Comparative_AnalysisSummative_Comparative_Analysis
Summative_Comparative_Analysis
 
Dqi+Min
Dqi+MinDqi+Min
Dqi+Min
 
Melo
MeloMelo
Melo
 
Par2 2 0901(1)
Par2 2 0901(1)Par2 2 0901(1)
Par2 2 0901(1)
 
Servidordeimpresion
ServidordeimpresionServidordeimpresion
Servidordeimpresion
 
Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "
Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "
Materi IPA kelas 4 Semester 2 Gaya " Karya ZAFRAN "
 
Software Defined Networking (SDN) with VMware NSX
Software Defined Networking (SDN) with VMware NSXSoftware Defined Networking (SDN) with VMware NSX
Software Defined Networking (SDN) with VMware NSX
 
application of differential equation and multiple integral
application of differential equation and multiple integralapplication of differential equation and multiple integral
application of differential equation and multiple integral
 
IPSec_VPN_Final_
IPSec_VPN_Final_IPSec_VPN_Final_
IPSec_VPN_Final_
 
Drugs used in pregnancy
Drugs used in pregnancyDrugs used in pregnancy
Drugs used in pregnancy
 
Application of differential equation in real life
Application of differential equation in real lifeApplication of differential equation in real life
Application of differential equation in real life
 
Rhinoplasty raju ppt full
Rhinoplasty raju ppt fullRhinoplasty raju ppt full
Rhinoplasty raju ppt full
 
Eye injuries and illnesses- Third year mbbs Ophthalmology
Eye injuries and illnesses- Third year mbbs OphthalmologyEye injuries and illnesses- Third year mbbs Ophthalmology
Eye injuries and illnesses- Third year mbbs Ophthalmology
 
Pharmacotherapeutics in obstetrics
Pharmacotherapeutics in obstetricsPharmacotherapeutics in obstetrics
Pharmacotherapeutics in obstetrics
 
звукови модели
звукови модели звукови модели
звукови модели
 

Similar to Carestream white paper_cloud-security 2016

Cloud Security
Cloud SecurityCloud Security
Cloud Security
Pyingkodi Maran
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
Prince Chandu
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
Pyingkodi Maran
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
Protelion
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
Protelion
 
Cloud computing in healthcare
Cloud computing in healthcareCloud computing in healthcare
Cloud computing in healthcare
Mithisar Basumatary
 
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEnhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Editor IJMTER
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
CloudSmartz
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
Epoch Universal, Inc.
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
Ciente
 
Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?
Intelligentia IT Systems Pvt. Ltd.
 
3 Types of Cloud Computing
3 Types of Cloud Computing3 Types of Cloud Computing
3 Types of Cloud Computing
CentriLogic
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
Rishabh Gupta
 
Manage Risk By Protecting the Apps and Data That Drive Business Productivity
Manage Risk By Protecting the Apps and Data That Drive Business ProductivityManage Risk By Protecting the Apps and Data That Drive Business Productivity
Manage Risk By Protecting the Apps and Data That Drive Business Productivity
Citrix
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data Infographic
Citrix
 
Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...
Manish Sahani
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computing
Sonali Jain
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
Happiest Minds Technologies
 
Secure File SharingSecure File Sharing Using Access Contro.docx
Secure File SharingSecure File Sharing Using Access Contro.docxSecure File SharingSecure File Sharing Using Access Contro.docx
Secure File SharingSecure File Sharing Using Access Contro.docx
jeffreye3
 

Similar to Carestream white paper_cloud-security 2016 (20)

Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
 
Cloud computing in healthcare
Cloud computing in healthcareCloud computing in healthcare
Cloud computing in healthcare
 
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEnhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
 
Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?
 
3 Types of Cloud Computing
3 Types of Cloud Computing3 Types of Cloud Computing
3 Types of Cloud Computing
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Manage Risk By Protecting the Apps and Data That Drive Business Productivity
Manage Risk By Protecting the Apps and Data That Drive Business ProductivityManage Risk By Protecting the Apps and Data That Drive Business Productivity
Manage Risk By Protecting the Apps and Data That Drive Business Productivity
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data Infographic
 
Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computing
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Secure File SharingSecure File Sharing Using Access Contro.docx
Secure File SharingSecure File Sharing Using Access Contro.docxSecure File SharingSecure File Sharing Using Access Contro.docx
Secure File SharingSecure File Sharing Using Access Contro.docx
 

More from Carestream

Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...
Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...
Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...
Carestream
 
Digital Tomosynthesis: Theory of Operation
Digital Tomosynthesis: Theory of OperationDigital Tomosynthesis: Theory of Operation
Digital Tomosynthesis: Theory of Operation
Carestream
 
Tube and Line and Pneumothorax Visualization Software
Tube and Line and Pneumothorax Visualization SoftwareTube and Line and Pneumothorax Visualization Software
Tube and Line and Pneumothorax Visualization Software
Carestream
 
EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...
EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...
EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...
Carestream
 
Dose Efficient Dual Energy Subtraction Radiography - Theory of Operations
Dose Efficient Dual Energy Subtraction Radiography - Theory of OperationsDose Efficient Dual Energy Subtraction Radiography - Theory of Operations
Dose Efficient Dual Energy Subtraction Radiography - Theory of Operations
Carestream
 
Smart Noise Cancellation Processing: New Level of Clarity in Digital Radiography
Smart Noise Cancellation Processing: New Level of Clarity in Digital RadiographySmart Noise Cancellation Processing: New Level of Clarity in Digital Radiography
Smart Noise Cancellation Processing: New Level of Clarity in Digital Radiography
Carestream
 
Special Report: Challenges and Solutions in Pediatric X-ray
Special Report: Challenges and Solutions in Pediatric X-raySpecial Report: Challenges and Solutions in Pediatric X-ray
Special Report: Challenges and Solutions in Pediatric X-ray
Carestream
 
Special Report: Getting the Optimal Return on X-ray Equipment
Special Report: Getting the Optimal Return on X-ray EquipmentSpecial Report: Getting the Optimal Return on X-ray Equipment
Special Report: Getting the Optimal Return on X-ray Equipment
Carestream
 
The Pursuit of Excellence in Image Quality
The Pursuit of Excellence in Image QualityThe Pursuit of Excellence in Image Quality
The Pursuit of Excellence in Image Quality
Carestream
 
Whitepaper: Healthcare Data Migration - Top 10 Questions
Whitepaper: Healthcare Data Migration - Top 10 Questions Whitepaper: Healthcare Data Migration - Top 10 Questions
Whitepaper: Healthcare Data Migration - Top 10 Questions
Carestream
 
Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...
Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...
Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...
Carestream
 
Using Carbon Nano-Tube Field Emitters to Miniaturize X-Ray Tubes
Using Carbon Nano-Tube Field Emitters to Miniaturize X-Ray TubesUsing Carbon Nano-Tube Field Emitters to Miniaturize X-Ray Tubes
Using Carbon Nano-Tube Field Emitters to Miniaturize X-Ray Tubes
Carestream
 
Guia obsolescencia seram
Guia obsolescencia seramGuia obsolescencia seram
Guia obsolescencia seram
Carestream
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
Carestream
 
Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...
Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...
Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...
Carestream
 
White Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac Care
White Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac CareWhite Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac Care
White Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac Care
Carestream
 
Study: University Clinic, Regensburg, Evaluates Smart Flow in Ultrasound
Study: University Clinic, Regensburg, Evaluates Smart Flow in UltrasoundStudy: University Clinic, Regensburg, Evaluates Smart Flow in Ultrasound
Study: University Clinic, Regensburg, Evaluates Smart Flow in Ultrasound
Carestream
 
Financial Implications for Integrating Carestream OnSight 3D Extremity System...
Financial Implications for Integrating Carestream OnSight 3D Extremity System...Financial Implications for Integrating Carestream OnSight 3D Extremity System...
Financial Implications for Integrating Carestream OnSight 3D Extremity System...
Carestream
 
Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...
Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...
Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...
Carestream
 
Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016
Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016
Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016
Carestream
 

More from Carestream (20)

Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...
Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...
Affordable Digital Upgrade for Medical Imaging - the Benefits and the Return ...
 
Digital Tomosynthesis: Theory of Operation
Digital Tomosynthesis: Theory of OperationDigital Tomosynthesis: Theory of Operation
Digital Tomosynthesis: Theory of Operation
 
Tube and Line and Pneumothorax Visualization Software
Tube and Line and Pneumothorax Visualization SoftwareTube and Line and Pneumothorax Visualization Software
Tube and Line and Pneumothorax Visualization Software
 
EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...
EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...
EVP Plus Software delivers state-of-the-art image processing for CR and DR sy...
 
Dose Efficient Dual Energy Subtraction Radiography - Theory of Operations
Dose Efficient Dual Energy Subtraction Radiography - Theory of OperationsDose Efficient Dual Energy Subtraction Radiography - Theory of Operations
Dose Efficient Dual Energy Subtraction Radiography - Theory of Operations
 
Smart Noise Cancellation Processing: New Level of Clarity in Digital Radiography
Smart Noise Cancellation Processing: New Level of Clarity in Digital RadiographySmart Noise Cancellation Processing: New Level of Clarity in Digital Radiography
Smart Noise Cancellation Processing: New Level of Clarity in Digital Radiography
 
Special Report: Challenges and Solutions in Pediatric X-ray
Special Report: Challenges and Solutions in Pediatric X-raySpecial Report: Challenges and Solutions in Pediatric X-ray
Special Report: Challenges and Solutions in Pediatric X-ray
 
Special Report: Getting the Optimal Return on X-ray Equipment
Special Report: Getting the Optimal Return on X-ray EquipmentSpecial Report: Getting the Optimal Return on X-ray Equipment
Special Report: Getting the Optimal Return on X-ray Equipment
 
The Pursuit of Excellence in Image Quality
The Pursuit of Excellence in Image QualityThe Pursuit of Excellence in Image Quality
The Pursuit of Excellence in Image Quality
 
Whitepaper: Healthcare Data Migration - Top 10 Questions
Whitepaper: Healthcare Data Migration - Top 10 Questions Whitepaper: Healthcare Data Migration - Top 10 Questions
Whitepaper: Healthcare Data Migration - Top 10 Questions
 
Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...
Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...
Whitepaper: Image Quality Impact of SmartGrid Processing in Bedside Chest Ima...
 
Using Carbon Nano-Tube Field Emitters to Miniaturize X-Ray Tubes
Using Carbon Nano-Tube Field Emitters to Miniaturize X-Ray TubesUsing Carbon Nano-Tube Field Emitters to Miniaturize X-Ray Tubes
Using Carbon Nano-Tube Field Emitters to Miniaturize X-Ray Tubes
 
Guia obsolescencia seram
Guia obsolescencia seramGuia obsolescencia seram
Guia obsolescencia seram
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
 
Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...
Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...
Sunway Medical Centre Installs CARESTREAM Vue PACS to Streamline Imaging Proc...
 
White Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac Care
White Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac CareWhite Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac Care
White Paper: The Benefits of Mobile X-rays in Thoracic and Cardiac Care
 
Study: University Clinic, Regensburg, Evaluates Smart Flow in Ultrasound
Study: University Clinic, Regensburg, Evaluates Smart Flow in UltrasoundStudy: University Clinic, Regensburg, Evaluates Smart Flow in Ultrasound
Study: University Clinic, Regensburg, Evaluates Smart Flow in Ultrasound
 
Financial Implications for Integrating Carestream OnSight 3D Extremity System...
Financial Implications for Integrating Carestream OnSight 3D Extremity System...Financial Implications for Integrating Carestream OnSight 3D Extremity System...
Financial Implications for Integrating Carestream OnSight 3D Extremity System...
 
Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...
Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...
Whitepaper: Enterprise Access Viewer Connecting technologies, physicians, and...
 
Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016
Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016
Evaluating Enterprise Clinical Data-Management Systems at RSNA 2016
 

Recently uploaded

CANSA support - Caring for Cancer Patients' Caregivers
CANSA support - Caring for Cancer Patients' CaregiversCANSA support - Caring for Cancer Patients' Caregivers
CANSA support - Caring for Cancer Patients' Caregivers
CANSA The Cancer Association of South Africa
 
chatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdf
chatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdfchatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdf
chatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdf
marynayjun112024
 
PrudentRx: A Resource for Patient Education and Engagement
PrudentRx: A Resource for Patient Education and EngagementPrudentRx: A Resource for Patient Education and Engagement
PrudentRx: A Resource for Patient Education and Engagement
PrudentRx Program
 
Time line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGY
Time line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGYTime line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGY
Time line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGY
DianaRodriguez639773
 
一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理
一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理
一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理
gjsma0ep
 
Letter to MREC - application to conduct study
Letter to MREC - application to conduct studyLetter to MREC - application to conduct study
Letter to MREC - application to conduct study
Azreen Aj
 
Vicarious movements or trick movements_AB.pdf
Vicarious movements or trick movements_AB.pdfVicarious movements or trick movements_AB.pdf
Vicarious movements or trick movements_AB.pdf
Arunima620542
 
Bringing AI into a Mid-Sized Company: A structured Approach
Bringing AI into a Mid-Sized Company: A structured ApproachBringing AI into a Mid-Sized Company: A structured Approach
Bringing AI into a Mid-Sized Company: A structured Approach
Brian Frerichs
 
Tips for Pet Care in winters How to take care of pets.
Tips for Pet Care in winters How to take care of pets.Tips for Pet Care in winters How to take care of pets.
Tips for Pet Care in winters How to take care of pets.
Dinesh Chauhan
 
FACIAL NERVE
FACIAL NERVEFACIAL NERVE
FACIAL NERVE
aditigupta1117
 
Professional Secrecy: Forensic Medicine Lecture
Professional Secrecy: Forensic Medicine LectureProfessional Secrecy: Forensic Medicine Lecture
Professional Secrecy: Forensic Medicine Lecture
DIVYANSHU740006
 
Can Allopathy and Homeopathy Be Used Together in India.pdf
Can Allopathy and Homeopathy Be Used Together in India.pdfCan Allopathy and Homeopathy Be Used Together in India.pdf
Can Allopathy and Homeopathy Be Used Together in India.pdf
Dharma Homoeopathy
 
DR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURY
DR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURYDR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURY
DR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURY
SHAMIN EABENSON
 
Luxurious Spa In Ajman Chandrima Massage Center
Luxurious Spa In Ajman Chandrima Massage CenterLuxurious Spa In Ajman Chandrima Massage Center
Luxurious Spa In Ajman Chandrima Massage Center
Chandrima Spa Ajman
 
MBC Support Group for Black Women – Insights in Genetic Testing.pdf
MBC Support Group for Black Women – Insights in Genetic Testing.pdfMBC Support Group for Black Women – Insights in Genetic Testing.pdf
MBC Support Group for Black Women – Insights in Genetic Testing.pdf
bkling
 
Champions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdf
Champions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdfChampions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdf
Champions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdf
eurohealthleaders
 
Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...
Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...
Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...
nirahealhty
 
Gemma Wean- Nutritional solution for Artemia
Gemma Wean- Nutritional solution for ArtemiaGemma Wean- Nutritional solution for Artemia
Gemma Wean- Nutritional solution for Artemia
smuskaan0008
 
Innovative Minds France's Most Impactful Healthcare Leaders.pdf
Innovative Minds France's Most Impactful Healthcare Leaders.pdfInnovative Minds France's Most Impactful Healthcare Leaders.pdf
Innovative Minds France's Most Impactful Healthcare Leaders.pdf
eurohealthleaders
 
NKTI Annual Report - Annual Report FY 2022
NKTI Annual Report - Annual Report FY 2022NKTI Annual Report - Annual Report FY 2022
NKTI Annual Report - Annual Report FY 2022
nktiacc3
 

Recently uploaded (20)

CANSA support - Caring for Cancer Patients' Caregivers
CANSA support - Caring for Cancer Patients' CaregiversCANSA support - Caring for Cancer Patients' Caregivers
CANSA support - Caring for Cancer Patients' Caregivers
 
chatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdf
chatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdfchatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdf
chatgptfornlp-230314021506-2f03f614.pdf. 21506-2f03f614.pdf
 
PrudentRx: A Resource for Patient Education and Engagement
PrudentRx: A Resource for Patient Education and EngagementPrudentRx: A Resource for Patient Education and Engagement
PrudentRx: A Resource for Patient Education and Engagement
 
Time line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGY
Time line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGYTime line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGY
Time line.ppQAWSDRFTGYUIOPÑLKIUYTREWASDFTGY
 
一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理
一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理
一比一原版(EUR毕业证)鹿特丹伊拉斯姆斯大学毕业证如何办理
 
Letter to MREC - application to conduct study
Letter to MREC - application to conduct studyLetter to MREC - application to conduct study
Letter to MREC - application to conduct study
 
Vicarious movements or trick movements_AB.pdf
Vicarious movements or trick movements_AB.pdfVicarious movements or trick movements_AB.pdf
Vicarious movements or trick movements_AB.pdf
 
Bringing AI into a Mid-Sized Company: A structured Approach
Bringing AI into a Mid-Sized Company: A structured ApproachBringing AI into a Mid-Sized Company: A structured Approach
Bringing AI into a Mid-Sized Company: A structured Approach
 
Tips for Pet Care in winters How to take care of pets.
Tips for Pet Care in winters How to take care of pets.Tips for Pet Care in winters How to take care of pets.
Tips for Pet Care in winters How to take care of pets.
 
FACIAL NERVE
FACIAL NERVEFACIAL NERVE
FACIAL NERVE
 
Professional Secrecy: Forensic Medicine Lecture
Professional Secrecy: Forensic Medicine LectureProfessional Secrecy: Forensic Medicine Lecture
Professional Secrecy: Forensic Medicine Lecture
 
Can Allopathy and Homeopathy Be Used Together in India.pdf
Can Allopathy and Homeopathy Be Used Together in India.pdfCan Allopathy and Homeopathy Be Used Together in India.pdf
Can Allopathy and Homeopathy Be Used Together in India.pdf
 
DR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURY
DR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURYDR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURY
DR SHAMIN EABENSON - JOURNAL CLUB - NEEDLE STICK INJURY
 
Luxurious Spa In Ajman Chandrima Massage Center
Luxurious Spa In Ajman Chandrima Massage CenterLuxurious Spa In Ajman Chandrima Massage Center
Luxurious Spa In Ajman Chandrima Massage Center
 
MBC Support Group for Black Women – Insights in Genetic Testing.pdf
MBC Support Group for Black Women – Insights in Genetic Testing.pdfMBC Support Group for Black Women – Insights in Genetic Testing.pdf
MBC Support Group for Black Women – Insights in Genetic Testing.pdf
 
Champions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdf
Champions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdfChampions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdf
Champions of Health Spotlight On Leaders Shaping Germany's Healthcare.pdf
 
Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...
Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...
Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...
 
Gemma Wean- Nutritional solution for Artemia
Gemma Wean- Nutritional solution for ArtemiaGemma Wean- Nutritional solution for Artemia
Gemma Wean- Nutritional solution for Artemia
 
Innovative Minds France's Most Impactful Healthcare Leaders.pdf
Innovative Minds France's Most Impactful Healthcare Leaders.pdfInnovative Minds France's Most Impactful Healthcare Leaders.pdf
Innovative Minds France's Most Impactful Healthcare Leaders.pdf
 
NKTI Annual Report - Annual Report FY 2022
NKTI Annual Report - Annual Report FY 2022NKTI Annual Report - Annual Report FY 2022
NKTI Annual Report - Annual Report FY 2022
 

Carestream white paper_cloud-security 2016

  • 1. White Paper | Cloud-Based Security Technical Brief Series How to Evaluate the Data Security Capabilities of Cloud-Based Services Executive Summary When evaluating cloud-based services, no issue is more critical than data security. Cloud-based services today can be compared to internet banking. Consumers were initially afraid that online banking would make them more vulnerable to fraud or identity theft. But as online security technologies and processes have improved, online banking is now actually safer than getting paper statements in the mail. Likewise, using a cloud-based service supplier instead of operating your own internal system can be a major step toward becoming liberated from serious security issues. However, you must choose your provider wisely. Suppliers must demonstrate that they have the optimal technologies, infrastructures and processes in place to ensure the security of your data. And each healthcare facility needs to require evidence that health information is protected at all levels and stages of the workflow – from duplicate disaster recovery copies and physical protection of the data center to data transmission, storage and user access. It’s important to understand the four key components of data security: availability, integrity, confidentiality and traceability. Availability ensures continuous access to data even in the event of a natural or man-made disaster or events such as fires or power outages. Integrity ensures that the data is maintained in its original state and has not been intentionally or accidentally altered. Confidentiality means information is available or disclosed only to authorized individuals, entities or IT processes. Traceability is the ability to verify the history, location or application of an item by means of documented recorded identification. All components of data security must be maintained at the following three levels: 1. The physical infrastructure of the data center. 2. The hosted application that manages data. 3. The policies and procedures to maintain continuous security in the cloud. 1. Physical Security at the Data Center The data center must supply a secure physical hosting environment. This typically includes: • Redundant utilities, particularly power supply and air conditioning. • Protection against fire with appropriate extinguishers in each computer room, as well as emergency power-off switches. • Specially equipped ventilating and air conditioning systems. While temperature is an important factor, equipment must also be protected from external heavy pollution such as smoke from a nearby fire. • Windowless rooms for servers and storage equipment. • Access control to enter the data center. This includes access monitoring through methods such as badge- based entry in tandem with a security guard or biometric identification system, strictly controlled visits, a single entrance to the most sensitive area of the data center, and surveillance cameras around the building and at each entrance. Extra authentication should be required to access sensitive areas where patient data is stored. Ask to see the supplier’s security policy and find out how employees’ online access to data is monitored.
  • 2. White Paper | Cloud-Based Security 2 Data center designs can be broken down into four tiers. Most hospital data centers are at Tier 1 or Tier 2. For Tier 3 and Tier 4, cloud service providers are best equipped to make the significant investment required to guarantee higher security. Tier Level Requirements 1 • Single non-redundant distribution path serving the IT equipment • Non-redundant capacity components • Basic site infrastructure that guarantees 99.671% availability 2 • Fulfills all Tier 1 requirements • Redundant site infrastructure capacity components that guarantee 99.741% availability 3 • Fulfills all Tier 1 and Tier 2 requirements • Multiple independent distribution paths serving the IT equipment • All IT equipment must be dual-powered and fully compatible with the topology of a site’s architecture • Concurrently maintainable site infrastructure that guarantees 99.982% availability 4 • Fulfills all Tier 1, Tier 2 and Tier 3 requirements • All cooling equipment is independently dual- powered, including chillers and heating, ventilating and air-conditioning (HVAC) systems • Fault-tolerant site infrastructure with electrical power storage and distribution facilities that guarantee 99.995% availability 2. Application-Level Security Design Application-Level Availability Any application should start with a secure and reliable storage mechanism: • The cloud service provider maintains at least two copies of ingested data, thus reducing the risk of data loss. One of the two copies should reside in a backup data center at a separate location in case a disaster impacts the main data center. The system should ensure that the two copies are permanently synchronized. • Database is stored on RAID-10 (1+0) disk system. RAID-10 provides high availability and performance when there is a need to reconstruct data in the case of disk failure. • Data is stored on RAID-6. While this type of RAID is slower to reconstruct in case of disk failure, it offers excellent reliability with a higher ratio of usable storage to physical storage. One of the often-overlooked areas of data security is authentication procedures. It is not enough to maintain two copies of patient data. The cloud service provider must also have a validation process to ensure that each copy of the data maintains its integrity and that any damaged files can be quickly detected and reconstructed from a RAID copy. Application-Level Integrity Application-level signatures should be computed for every document and kept in the database. The encryption mechanism used to ensure confidentiality during the TCP/IP transmission includes an integrity check that prevents the risk of data corruption. The Transport Layer Security (TLS) protocol and its predecessor Secure Socket Layer (SSL) provide for privacy and data integrity in communications between two computer applications. When secured by TLS, connections between a client and server (such as the connection between a web browser and a cloud-based application) have one or more of the following properties: • The connection is private because symmetric cryptography is used to encrypt the data transmitted. The keys for this symmetric encryption are generated uniquely for each connection and are based on a shared secret negotiated at the start of the session. The server and client negotiate the details of which encryption algorithm and cryptographic keys to use before the first byte of data is transmitted. The negotiation of a shared secret is both secure and reliable. • The identity of the communicating parties can be authenticated using public-key cryptography. • The connection is reliable because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission.
  • 3. White Paper | Cloud-Based Security 3 Multi-Level Data Confidentiality Data protection is required at both the application and network level. Communication between healthcare sites and the data center is performed with TSL/SSL-based encryption at the application level to ensure end-to-end protection between the service access point and the data center. This encryption ensures that none of the employees of the network provider can access data. It also prevents data from being viewed while it is being carried over the internet to an end user’s viewing software. TSL/SSL can implement several encryption algorithms, the most common being AES, 128-bit key length encryption. Access control also combines two levels of restriction: • Site-level access control defines which originating sites can access data. A default configuration specifies that data ingested by an originating site may only be accessed by the same site. Patient data can be shared between health establishments, such as a regional healthcare organization, providing that the service has been enabled under formal agreements and specific access controls are in place. Any other access, such as queries from other sites or from the web portal, must be specifically set up. This restriction applies to most imaging IT clouds that require a local server as a point of access. • A user profile specifies access to both features and data. Access rights for a given user can also be defined for patients and types of studies. Secure Connection to the Cloud Secure access requires the data center to equip its internet connection with the following: • Firewalls to control network transmissions based on a set of rules that protect networks from unauthorized access. • A demilitarized zone (DMZ), which is a physical or logical subnetwork that contains and exposes an organization’s external services to a larger untrusted network, providing security from external attacks. • Permanent updates to antivirus software with the latest virus signature databases. To guarantee secure data exchange, the connection between the data center and a customer site is usually made through a TSL/SSL-encrypted tunnel. 3. Policies and Procedures to Maintain Security Beyond physical and application-level design, proper policies and procedures are required to maintain ongoing security for cloud-based services, completing the traceability component of the security design. Establishing an Audit Trail While data privacy addresses who can access data and what a user can do, a comprehensive auditing function is needed to track all activities, warnings and failures related to patient health information (PHI) that occur in the system. A trusted cloud service provider should provide robust data that can be used for auditing and other system performance tools, supporting the security administrator in managing the system.
  • 4. White Paper | Cloud-Based Security 4 Remote, Proactive Monitoring Remote, proactive monitoring is an extremely important function offered by leading cloud-based service providers, requiring both technology and experienced personnel. Monitoring enables early detection of potential incidents, ideally before they impact users. Monitoring should be executed by a dedicated tool that permanently watches each node of the cloud infrastructure, along with access points at each customer’s location and platforms at data centers. Monitoring controls key application processes, systems and the wide area network between the service access point and the data center. An appropriate proactive monitoring infrastructure collects metrics from each device and automatically triggers alerts when a fault condition is detected. Conditions that trigger an alert can range from a failure to back up data to unauthorized attempts to access data. Depending on the severity of the incident detected, the monitoring system might send an email to the support team or open a case file and display a visible alarm at the dashboard, allowing follow- up action to be performed by the incident-management team. In addition to protecting data, monitoring activities should also ensure that systems achieve specified performance and uptime guarantees. Monitoring should be conducted 24/7, and trained personnel should investigate each incident. Defining the Appropriate Security Policy The final element in a comprehensive security system is the organization’s security policy and its support team. The security policy tracks how security is achieved through the technical and human resources aspects of the product, operations and organization. The security policy is maintained under the responsibility of a designated security officer. The security officer must be involved every time a change is performed to the infrastructure or to the services that could impact data integrity or confidentiality. This includes upgrades, new functionality or organizational changes. The security policy should address the following topics: • Security organization: The security officer ensures that the security policy is updated. Internal audits are conducted and corrective actions are identified and implemented. • Human resources: The policy lists security procedures to be used when employees are hired, resign, or move within the organization. Forms must be signed by employees, and security training must be conducted. When an employee leaves, specific network access must be disabled and equipment such as tokens must be returned. • Assets management: This section of the policy outlines procedures to ensure that patient information is identified and well-managed. It describes how data must be destroyed when required. It explains how equipment is identified (serial number, internal identification number) and where this information is stored and maintained. • Physical security: Data center security is the responsibility of the hosting company, but the list of employees allowed to enter the data center is maintained internally and communicated to the hosting company. The data center should restrict physical access and require badges to enter specific areas. Security guards prevent the removal of equipment and any unauthorized physical access. • Operations: This section defines the boundaries of responsibility of the hosting company, operations and R&D. For example, upgrades and monitoring should be performed by operations, while R&D is the only department with access to source code. The policy should describe which technical solutions are in place, and enumerate the protocol and encryption mechanisms to be used from the customer site to the data center resources. The policy should also describe how data is secured (replication, media, etc.), how changes are tracked (logs) and methods for database backup. • Access control: The policy should list how and from where sensitive data can be accessed, and restrict access to appropriate users using Secure Remote Service Access (SRSA), secure ID, authentication with login and passwords. It should also describe how servers are hardened and protected. • Security incident management: This section describes the tracking and logging of all security incidents. Depending on incident severity, the security officer may coordinate immediate corrective action and communicate with R&D (to develop a workaround), operations (to deploy), human resources (should the incident involve an employee) and the legal department (in case of a regulation or contract violation).
  • 5. White Paper | Cloud-Based Security 5 • Business continuity: This section of the policy describes the technical solutions – such as RAID, cluster, network and fiber redundancy – that ensure continuity in the event of a disruptive incident. Every healthcare organization needs to ensure that the security policy is endorsed and implemented as part of each element in a cloud-based operation. Check the Security Supplier’s Credentials When a healthcare enterprise purchases a PACS or archiving system, it is purchasing features that the user must support and protect. Purchasers of cloud-based services are investing in a high-quality service that includes not only uptime guarantees but also data security levels. Security certification provides assurance that the provider adheres to the industry’s best practices for data security. The International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) have created a standard for information security management: ISO/IEC 27001. The most trustworthy providers of hosted security services have been audited by a third-party accredited certification body and have been granted a certificate of compliance with this standard. Carestream Health’s cloud business in Europe has been certified by BSI Group (also known as the British Standards Institution) as meeting the requirements of the latest published standard, ISO/IEC 27001:2013. This certification means that BSI auditors have examined and approved of all our security processes and controls at every site, and have determined them to be in full compliance with the standard. Certification also requires a yearly surveillance audit. The certificate is valid for three years, after which the full certification process must be repeated. .
  • 6. White Paper | Cloud-Based Security 6 Carestream Delivers Secure Cloud-Based Collaboration for More Efficient, Effective Care It is cost-prohibitive for many individual healthcare systems to support investments in the equipment, technology, personnel and ongoing training required to deliver the highest level of data security. Converting to best-in-class cloud-based services allows healthcare providers to achieve industry-leading data security – including data availability, integrity, confidentiality and traceability. Carestream Health is a worldwide provider of cloud-based healthcare IT services, offering state-of-the-art technologies, infrastructures and processes to ensure healthcare data security and privacy. We currently manage 13 private and public data centers with over 12 petabytes of data replicated between multiple sites for backup, disaster recovery and business continuity. We protect health information at all levels of the workflow – including the physical infrastructure of the data center, the hosted application that manages data, and the policies and procedures that govern data access, audit trails, remote monitoring, incident management and business continuity. Our ISO/IEC 27001:2013 certification is a stamp of approval from the world’s foremost standards and certification bodies. Our flagship Clinical Collaboration Platform is designed to bring patient-centric diagnostic imaging to stakeholders across the healthcare enterprise. With anywhere/anytime image access and management – based on a unified core with extensible modules for enterprise-wide integration – it’s the ideal application for the cloud. Carestream’s Vue cloud services enhance the Clinical Collaboration Platform with: • Security that provides the highest levels of availability, integrity, confidentiality and traceability. • Protection against obsolescence, with no need to upgrade hardware and software over time. • Predictable operations and pay-as-you-go budgeting for reliable business continuity at a lower total cost. • An infinitely scalable, vendor-neutral architecture that frees administrators from infrastructure management so they can focus on clinical workflow needs. Hosted locally by the enterprise, the Clinical Collaboration Platform fosters efficiency and quality of care by providing seamless access to the collaborative imaging tools you need today, as well as the innovative tools of tomorrow. Hosted in the cloud by Carestream, it also frees your enterprise from the burden of hardware, application and security management – providing added peace of mind that your data is available only to authorized users, whenever and wherever they need it.
  • 7. White Paper | Cloud-Based Security www.carestream.com Carestream Health, Inc., 2016. CARESTREAM is a trademark of Carestream Health. Cat No: 300 1055 Appendix: Cloud Service Provider Checklist – How Secure Is Your Data? 1. Physical Security Yes/No Redundant utilities: power supply and air conditioning Fire and flood protection Ventilation: protection from temperature extremes and external pollution Windowless rooms for servers and storage Access control: biometric ID, visitor process, single entrance to sensitive areas, security cameras, auditing Scalable floor space 2a. Application Level Availability Duplicate copy of data stored at multiple sites RAID-10 database storage RAID-6 data storage 2b. Application Level Integrity Application-level signature and integrity check 2c. Multi-Level Data Confidentiality Access control at site level Access control at user level, such as SRSA, secure ID and authentication Firewall Demilitarized zone (DMZ) Antivirus continuously updated with latest virus signature databases TSL/SSL-encrypted access tunnel 3. Policy and Procedures Audit trail for activities related to patient health information (PHI) Proactive monitoring, 24/7 Well-defined security policy