SlideShare a Scribd company logo

Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD

Sierraware
Sierraware

Simplifying BYOD deployments while satisfying HIPAA and other healthcare regulations. Virtual Mobile Infrastructure with strong biometric authentication and 4096-bit encryption. Android-based VDI for mobile security.

Technology
1 of 29
Download to read offline
Your Roadmap to Healthcare Security and BYOD
Healthcare Security Checklist Protect PHI  Mitigate BYOD risks  Apply dual factor authentication  Encrypt PHI data Develop repeatable processes for compliance Implement procedures and technologies
Healthcare Security Risks 96% of healthcare providers had one or more data breaches in the past 2 years1 1 Dell Secureworks 2 2014 Healthcare Breach Report. Data Loss 68% of healthcare breaches are due to lost or stolen mobile devices or files2 Impact of BYOD
BYOD: A Reality for Healthcare Providers  Healthcare IT is already rolling out mobile apps to improve productivity and patient care – 2 out of 5 doctors already use mobile devices during consultations1  Yet mobility also presents a threat… – 3.1M smartphones were stolen in the U.S. in 20131 Source: Dell SecureWorks
Top Mobile Risks for Healthcare Lost mobile devices Stolen mobile devices Downloading of viruses and malware Unintentional disclosure to unauthorized users Unsecure Wi-fi networks Source: HealthIT.gov, Mobile Devices: Know the Risks
5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 1.Access Control: Limit users rights to business need-to-know – Unique User Identification – Emergency Access Procedure – Automatic Logoff – Encryption and Decryption
Access Control Audit Control 2. Audit Control: Implement hardware, software, or procedural mechanisms that record and examine access to ePHI 5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Transmission Security Integrity Person or Entity Authentication
5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 3. Integrity: Implement policies and procedures to protect ePHI from improper alteration or destruction
5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 4. Person or Entity Authentication: Verify that users seeking access to ePHI are who they say they are – Biometric, smartcard, pin/passcode, token
5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 5. Transmission Security: Prevent unauthorized access to ePHI that is being transmitted over a network. – Integrity: Prevent modification or tampering of ePHI data in transit – Encryption: Encrypt ePHI whenever appropriate
BYOD Challenges the 5 Pillars of Security Transmission Security Person or Entity Authentication Audit ControlAccess Control Integrity Difficult to audit mobile activity since doctors may share PHI with patients via email or text messaging apps Every app may have different authentication methods; they may not support biometric or PIN/passcode methods Mobile apps may not use stringent SSL ciphers or even encrypt data at all IT must define distinct policies for different users, mobile apps and devices—a management nightmare Controls must be applied to prevent accidental deletion or alteration of PHI from mobile devices
Risks of Uncontrolled Devices Weak Encryption No support for strong authentication Unpatched application Stores PHI on phone No auditing of user access Unpatched phone OS In violation of HIPAA compliance requirements
IT Management and Training  IT will likely need to help doctors install mobile apps – They may also need to assist users through upgrades  If apps vary by device, IT will need to provide separate app training for Apple, Android, Microsoft or HTML5 users
Mobile Device Management Not Working 20% of enterprise BYOD programs will fail due to MDM measures that are too restrictive.1 1 2014 MDM research report by ESG 2 2014 Employee BYOD Survey by Zixcorp 3 Gartner 2014 Mobility Predictions; original quote spelled out BYOD and MDM. For IT TeamsFor Employees 43% worry that employers could access personal data2 30% are concerned their employer could control their personal device2 30% say MDM is more difficult to use than they anticipated1
VDI Isn’t the Solution for BYOD Expensive VDI Shortcomings – Not designed for touch – No multimedia redirection – No access to camera, printer, video, GPS Total cost for Microsoft VDI, Citrix, and hardware is $1,000+ per user1 Not designed for cellular edge, 3G networks 1 Microsoft Desktop OS $187 per user, Citrix $300/user Requires High Bandwidth Designed for Windows
Virtual Mobile Infrastructure The Roadmap for Healthcare Security Requires…
Virtual Mobile Infrastructure (VMI) VMI is a service that hosts mobile apps or full operating systems on remote servers Provide remote access to:  Android, Apple iOS and Windows Phone with client apps  Any HTML 5-enabled device Centralize app management to:  Eliminate need to install and upgrade apps on every device
VMI Benefits for Healthcare Providers Stop data loss by preventing users from downloading data to their device Lower IT costs by eliminating mobile app management per device Extend mobile access to all users and devices with a HTML5 browser Meet compliance by monitoring data access
SierraVMI Keeps PHI Data Safe SierraVMI Shields Healthcare Data 4096-bit ECDHE Encryption Dual factor authentication SierraVMI: • Records healthcare app access • Stores app data securely in the data center • IT can centrally upgrade mobile apps Medical professional
SierraVMI Deployment SierraVMI hosted in Secure Data Center Authentication Server Laptop Tablet Phone Databases with PHI data
Mobile App Virtualization Architecture Android VM Kernel Multi-User Android Runtime VMI Security Gateway Pharma App Patient Messaging App PHI App Clients Authentication Server Benefits  Very high density  Apps can share resources like CPU  Easy to manage  No need for expensive storage Firefall containerFirefall containerFirefall container
Monitor User and Application Activity  Dashboard of system status  Detailed logs of user activity  Geo-tracking
User Monitoring  Record user sessions for forensics  Allow admins to view up to 8 active sessions
Prevent Data Loss  Watermarking deters users from photographing screens – Watermark all content including documents, video, pictures with no additional overhead  Anti-screen capture prevents users from taking screenshots  With VMI, no data is downloaded to the phone – Users cannot copy and paste text
Strong Authentication Prevent unauthorized access with: – Client certificates – One-time password (sent via text message) – Restricting access based on geographic location – Brute force login protection Ensure only legitimate users access your data
Single Sign-on to Streamline Management  Integrate with LDAP, Active Directory or SAML  Access email, calendar, contacts, and business apps without needing to re- authenticate  Automate app provisioning  Reduce IT helpdesk calls due to forgotten passwords  Improve user experience by eliminating extra login steps IT Cost ReductionDirectory Services Integration
 Centralized data storage  Prevent data loss from device theft  Centralized patch management  Eliminate concerns of devices with vulnerable or unpatched software  Regularly scan Android server for viruses and vulnerabilities Simplify and Secure Mobile App Management
SierraVMI Benefits for Healthcare Compliance: Ensure privacy and prevent data loss Security: Strong authentication, 4096-bit encryption Scalability: High user density, high performance
www.sierraware.com Click now to view SierraVMI

Recommended

Intelligent Document Processing in Healthcare. Choosing the Right Solutions.
Intelligent Document Processing in Healthcare. Choosing the Right Solutions.Intelligent Document Processing in Healthcare. Choosing the Right Solutions.
Intelligent Document Processing in Healthcare. Choosing the Right Solutions.
Provectus
 
FintechOS Corporate Deck 20.2
FintechOS Corporate Deck 20.2FintechOS Corporate Deck 20.2
FintechOS Corporate Deck 20.2
Mariyan Dimitrov
 
Advanced analytics
Advanced analyticsAdvanced analytics
Advanced analytics
Shankar R
 
Transforming compliance and audit management with ServiceNow
Transforming compliance and audit management with ServiceNowTransforming compliance and audit management with ServiceNow
Transforming compliance and audit management with ServiceNow
Iceberg Networks Corporation
 
What positive impact Artificial Intelligence can bring to CRM
What positive impact Artificial Intelligence can bring to CRM What positive impact Artificial Intelligence can bring to CRM
What positive impact Artificial Intelligence can bring to CRM
Cynoteck Technology Solutions Private Limited
 
Microsoft: Digital Transformation Slides
Microsoft: Digital Transformation SlidesMicrosoft: Digital Transformation Slides
Microsoft: Digital Transformation Slides
VMware Tanzu
 
Building Value - Understanding the TCO and ROI of Apache Kafka & Confluent
Building Value - Understanding the TCO and ROI of Apache Kafka & ConfluentBuilding Value - Understanding the TCO and ROI of Apache Kafka & Confluent
Building Value - Understanding the TCO and ROI of Apache Kafka & Confluent
confluent
 
Modernizing our data platform
Modernizing our data platformModernizing our data platform
Modernizing our data platform
accenture
 

Recommended

Intelligent Document Processing in Healthcare. Choosing the Right Solutions.
Intelligent Document Processing in Healthcare. Choosing the Right Solutions.Intelligent Document Processing in Healthcare. Choosing the Right Solutions.
Intelligent Document Processing in Healthcare. Choosing the Right Solutions.
Provectus
 
FintechOS Corporate Deck 20.2
FintechOS Corporate Deck 20.2FintechOS Corporate Deck 20.2
FintechOS Corporate Deck 20.2
Mariyan Dimitrov
 
Advanced analytics
Advanced analyticsAdvanced analytics
Advanced analytics
Shankar R
 
Transforming compliance and audit management with ServiceNow
Transforming compliance and audit management with ServiceNowTransforming compliance and audit management with ServiceNow
Transforming compliance and audit management with ServiceNow
Iceberg Networks Corporation
 
What positive impact Artificial Intelligence can bring to CRM
What positive impact Artificial Intelligence can bring to CRM What positive impact Artificial Intelligence can bring to CRM
What positive impact Artificial Intelligence can bring to CRM
Cynoteck Technology Solutions Private Limited
 
Microsoft: Digital Transformation Slides
Microsoft: Digital Transformation SlidesMicrosoft: Digital Transformation Slides
Microsoft: Digital Transformation Slides
VMware Tanzu
 
Building Value - Understanding the TCO and ROI of Apache Kafka & Confluent
Building Value - Understanding the TCO and ROI of Apache Kafka & ConfluentBuilding Value - Understanding the TCO and ROI of Apache Kafka & Confluent
Building Value - Understanding the TCO and ROI of Apache Kafka & Confluent
confluent
 
Modernizing our data platform
Modernizing our data platformModernizing our data platform
Modernizing our data platform
accenture
 
Digital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesDigital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologies
Accenture the Netherlands
 
8 Pillars of Demand Generation Infographic
8 Pillars of Demand Generation Infographic8 Pillars of Demand Generation Infographic
8 Pillars of Demand Generation Infographic
Scott Levine
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UK
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UKVariable Recurring Payments (VRP): The Latest Open Banking Development in the UK
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UK
accenture
 
Digital Euro: Implications for the Financial System
Digital Euro: Implications for the Financial SystemDigital Euro: Implications for the Financial System
Digital Euro: Implications for the Financial System
accenture
 
Marlabs Capabilities: Healthcare and Life Sciences
Marlabs Capabilities: Healthcare and Life SciencesMarlabs Capabilities: Healthcare and Life Sciences
Marlabs Capabilities: Healthcare and Life Sciences
Marlabs
 
Sustainable IT
Sustainable ITSustainable IT
Sustainable IT
Dr. Salem Baidas
 
Digital Transformation Frameworks
Digital Transformation FrameworksDigital Transformation Frameworks
Digital Transformation Frameworks
Operational Excellence Consulting
 
Digital Transformation: Step-by-step Implementation Guide
Digital Transformation: Step-by-step Implementation GuideDigital Transformation: Step-by-step Implementation Guide
Digital Transformation: Step-by-step Implementation Guide
Operational Excellence Consulting
 
Digital Twin: A radical new approach to IoT
Digital Twin: A radical new approach to IoTDigital Twin: A radical new approach to IoT
Digital Twin: A radical new approach to IoT
Dimitri Volkmann
 
Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020
Capgemini
 
Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?
DATAVERSITY
 
Digitizing Business Services
Digitizing Business ServicesDigitizing Business Services
Digitizing Business Services
accenture
 
Reinventing the client journey
Reinventing the client journeyReinventing the client journey
Reinventing the client journey
accenture
 
Creating an Enterprise AI Strategy
Creating an Enterprise AI StrategyCreating an Enterprise AI Strategy
Creating an Enterprise AI Strategy
AtScale
 
Service now IT operations management
Service now IT operations managementService now IT operations management
Service now IT operations management
Jade Global
 
Global Payment Reference Architecture
Global Payment Reference ArchitectureGlobal Payment Reference Architecture
Global Payment Reference Architecture
Ramadas MV
 
business analytics.ppt
business analytics.pptbusiness analytics.ppt
business analytics.ppt
Renu Lamba
 
Prediction of Heart Disease using Machine Learning Algorithms: A Survey
Prediction of Heart Disease using Machine Learning Algorithms: A SurveyPrediction of Heart Disease using Machine Learning Algorithms: A Survey
Prediction of Heart Disease using Machine Learning Algorithms: A Survey
rahulmonikasharma
 
Why do the majority of Data Science projects never make it to production?
Why do the majority of Data Science projects never make it to production?Why do the majority of Data Science projects never make it to production?
Why do the majority of Data Science projects never make it to production?
Itai Yaffe
 
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
Sierraware
 
Mobile Security for Banking and Finance
Mobile Security for Banking and FinanceMobile Security for Banking and Finance
Mobile Security for Banking and Finance
Sierraware
 

More Related Content

What's hot

Digital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesDigital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologies
Accenture the Netherlands
 
8 Pillars of Demand Generation Infographic
8 Pillars of Demand Generation Infographic8 Pillars of Demand Generation Infographic
8 Pillars of Demand Generation Infographic
Scott Levine
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UK
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UKVariable Recurring Payments (VRP): The Latest Open Banking Development in the UK
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UK
accenture
 
Digital Euro: Implications for the Financial System
Digital Euro: Implications for the Financial SystemDigital Euro: Implications for the Financial System
Digital Euro: Implications for the Financial System
accenture
 
Marlabs Capabilities: Healthcare and Life Sciences
Marlabs Capabilities: Healthcare and Life SciencesMarlabs Capabilities: Healthcare and Life Sciences
Marlabs Capabilities: Healthcare and Life Sciences
Marlabs
 
Sustainable IT
Sustainable ITSustainable IT
Sustainable IT
Dr. Salem Baidas
 
Digital Transformation Frameworks
Digital Transformation FrameworksDigital Transformation Frameworks
Digital Transformation Frameworks
Operational Excellence Consulting
 
Digital Transformation: Step-by-step Implementation Guide
Digital Transformation: Step-by-step Implementation GuideDigital Transformation: Step-by-step Implementation Guide
Digital Transformation: Step-by-step Implementation Guide
Operational Excellence Consulting
 
Digital Twin: A radical new approach to IoT
Digital Twin: A radical new approach to IoTDigital Twin: A radical new approach to IoT
Digital Twin: A radical new approach to IoT
Dimitri Volkmann
 
Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020
Capgemini
 
Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?
DATAVERSITY
 
Digitizing Business Services
Digitizing Business ServicesDigitizing Business Services
Digitizing Business Services
accenture
 
Reinventing the client journey
Reinventing the client journeyReinventing the client journey
Reinventing the client journey
accenture
 
Creating an Enterprise AI Strategy
Creating an Enterprise AI StrategyCreating an Enterprise AI Strategy
Creating an Enterprise AI Strategy
AtScale
 
Service now IT operations management
Service now IT operations managementService now IT operations management
Service now IT operations management
Jade Global
 
Global Payment Reference Architecture
Global Payment Reference ArchitectureGlobal Payment Reference Architecture
Global Payment Reference Architecture
Ramadas MV
 
business analytics.ppt
business analytics.pptbusiness analytics.ppt
business analytics.ppt
Renu Lamba
 
Prediction of Heart Disease using Machine Learning Algorithms: A Survey
Prediction of Heart Disease using Machine Learning Algorithms: A SurveyPrediction of Heart Disease using Machine Learning Algorithms: A Survey
Prediction of Heart Disease using Machine Learning Algorithms: A Survey
rahulmonikasharma
 
Why do the majority of Data Science projects never make it to production?
Why do the majority of Data Science projects never make it to production?Why do the majority of Data Science projects never make it to production?
Why do the majority of Data Science projects never make it to production?
Itai Yaffe
 

What's hot (20)

Digital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesDigital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologies
 
8 Pillars of Demand Generation Infographic
8 Pillars of Demand Generation Infographic8 Pillars of Demand Generation Infographic
8 Pillars of Demand Generation Infographic
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
 
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UK
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UKVariable Recurring Payments (VRP): The Latest Open Banking Development in the UK
Variable Recurring Payments (VRP): The Latest Open Banking Development in the UK
 
Digital Euro: Implications for the Financial System
Digital Euro: Implications for the Financial SystemDigital Euro: Implications for the Financial System
Digital Euro: Implications for the Financial System
 
Marlabs Capabilities: Healthcare and Life Sciences
Marlabs Capabilities: Healthcare and Life SciencesMarlabs Capabilities: Healthcare and Life Sciences
Marlabs Capabilities: Healthcare and Life Sciences
 
Sustainable IT
Sustainable ITSustainable IT
Sustainable IT
 
Digital Transformation Frameworks
Digital Transformation FrameworksDigital Transformation Frameworks
Digital Transformation Frameworks
 
Digital Transformation: Step-by-step Implementation Guide
Digital Transformation: Step-by-step Implementation GuideDigital Transformation: Step-by-step Implementation Guide
Digital Transformation: Step-by-step Implementation Guide
 
Digital Twin: A radical new approach to IoT
Digital Twin: A radical new approach to IoTDigital Twin: A radical new approach to IoT
Digital Twin: A radical new approach to IoT
 
Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020Top Trends in Retail Banking: 2020
Top Trends in Retail Banking: 2020
 
Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?
 
Digitizing Business Services
Digitizing Business ServicesDigitizing Business Services
Digitizing Business Services
 
Reinventing the client journey
Reinventing the client journeyReinventing the client journey
Reinventing the client journey
 
Creating an Enterprise AI Strategy
Creating an Enterprise AI StrategyCreating an Enterprise AI Strategy
Creating an Enterprise AI Strategy
 
Service now IT operations management
Service now IT operations managementService now IT operations management
Service now IT operations management
 
Global Payment Reference Architecture
Global Payment Reference ArchitectureGlobal Payment Reference Architecture
Global Payment Reference Architecture
 
business analytics.ppt
business analytics.pptbusiness analytics.ppt
business analytics.ppt
 
Prediction of Heart Disease using Machine Learning Algorithms: A Survey
Prediction of Heart Disease using Machine Learning Algorithms: A SurveyPrediction of Heart Disease using Machine Learning Algorithms: A Survey
Prediction of Heart Disease using Machine Learning Algorithms: A Survey
 
Why do the majority of Data Science projects never make it to production?
Why do the majority of Data Science projects never make it to production?Why do the majority of Data Science projects never make it to production?
Why do the majority of Data Science projects never make it to production?
 

Similar to Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD

SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
Sierraware
 
Mobile Security for Banking and Finance
Mobile Security for Banking and FinanceMobile Security for Banking and Finance
Mobile Security for Banking and Finance
Sierraware
 
Securing Mobile Healthcare Application
Securing Mobile Healthcare ApplicationSecuring Mobile Healthcare Application
Securing Mobile Healthcare Application
CitiusTech
 
Guide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secureGuide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secure
Calgary Scientific Inc.
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Jim Kaplan CIA CFE
 
Accellion - The European Information Security Summit, London
Accellion - The European Information Security Summit, LondonAccellion - The European Information Security Summit, London
Accellion - The European Information Security Summit, London
Proofpoint
 
IRJET - Human Identification using Major and Minor Finger Knuckle Pattern
IRJET - Human Identification using Major and Minor Finger Knuckle PatternIRJET - Human Identification using Major and Minor Finger Knuckle Pattern
IRJET - Human Identification using Major and Minor Finger Knuckle Pattern
IRJET Journal
 
IRJET- Human Identification using Major and Minor Finger Knuckle Pattern
IRJET- Human Identification using Major and Minor Finger Knuckle PatternIRJET- Human Identification using Major and Minor Finger Knuckle Pattern
IRJET- Human Identification using Major and Minor Finger Knuckle Pattern
IRJET Journal
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)
Radhakrishnan Govindan
 
Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesrebelreg
 
A case study on BFSI and healthcare
A case study on BFSI and healthcare A case study on BFSI and healthcare
A case study on BFSI and healthcare
Anubhuti Pandey
 
Security for Healthcare Devices - Will Your Device Be Good Enough?
Security for Healthcare Devices - Will Your Device Be Good Enough?Security for Healthcare Devices - Will Your Device Be Good Enough?
Security for Healthcare Devices - Will Your Device Be Good Enough?
Rio Valdes
 
Security for Healthcare Devices – Will Your Device Be Good Enough?
Security for Healthcare Devices – Will Your Device Be Good Enough?Security for Healthcare Devices – Will Your Device Be Good Enough?
Security for Healthcare Devices – Will Your Device Be Good Enough?
Walt Maclay
 
"Case Studies from the Field: Putting Cyber Security Strategies into Action" ...
"Case Studies from the Field: Putting Cyber Security Strategies into Action" ..."Case Studies from the Field: Putting Cyber Security Strategies into Action" ...
"Case Studies from the Field: Putting Cyber Security Strategies into Action" ...
Health IT Conference – iHT2
 
Health Informatics- Module 5-Chapter 1.pptx
Health Informatics- Module 5-Chapter 1.pptxHealth Informatics- Module 5-Chapter 1.pptx
Health Informatics- Module 5-Chapter 1.pptx
Arti Parab Academics
 
Module 6.Security in Evolving Technology
Module 6.Security in Evolving TechnologyModule 6.Security in Evolving Technology
Module 6.Security in Evolving Technology
Sitamarhi Institute of Technology
 
Symantec Mobile Security
Symantec Mobile SecuritySymantec Mobile Security
Symantec Mobile SecurityArrow ECS UK
 
Mobile monday mhealth
Mobile monday mhealthMobile monday mhealth
Mobile monday mhealthJoe Drumgoole
 

Similar to Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD (20)

SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
SierraVMI Virtual Mobile Infrastructure (VMI). Android-based VDI.
 
Mobile Security for Banking and Finance
Mobile Security for Banking and FinanceMobile Security for Banking and Finance
Mobile Security for Banking and Finance
 
Securing Mobile Healthcare Application
Securing Mobile Healthcare ApplicationSecuring Mobile Healthcare Application
Securing Mobile Healthcare Application
 
Guide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secureGuide Preview: Ensuring your enterprise image-viewer if fully secure
Guide Preview: Ensuring your enterprise image-viewer if fully secure
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
 
Accellion - The European Information Security Summit, London
Accellion - The European Information Security Summit, LondonAccellion - The European Information Security Summit, London
Accellion - The European Information Security Summit, London
 
IRJET - Human Identification using Major and Minor Finger Knuckle Pattern
IRJET - Human Identification using Major and Minor Finger Knuckle PatternIRJET - Human Identification using Major and Minor Finger Knuckle Pattern
IRJET - Human Identification using Major and Minor Finger Knuckle Pattern
 
IRJET- Human Identification using Major and Minor Finger Knuckle Pattern
IRJET- Human Identification using Major and Minor Finger Knuckle PatternIRJET- Human Identification using Major and Minor Finger Knuckle Pattern
IRJET- Human Identification using Major and Minor Finger Knuckle Pattern
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)
 
Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devices
 
A case study on BFSI and healthcare
A case study on BFSI and healthcare A case study on BFSI and healthcare
A case study on BFSI and healthcare
 
Security for Healthcare Devices - Will Your Device Be Good Enough?
Security for Healthcare Devices - Will Your Device Be Good Enough?Security for Healthcare Devices - Will Your Device Be Good Enough?
Security for Healthcare Devices - Will Your Device Be Good Enough?
 
Security for Healthcare Devices – Will Your Device Be Good Enough?
Security for Healthcare Devices – Will Your Device Be Good Enough?Security for Healthcare Devices – Will Your Device Be Good Enough?
Security for Healthcare Devices – Will Your Device Be Good Enough?
 
MobileSecurity WhitePaper
MobileSecurity WhitePaperMobileSecurity WhitePaper
MobileSecurity WhitePaper
 
"Case Studies from the Field: Putting Cyber Security Strategies into Action" ...
"Case Studies from the Field: Putting Cyber Security Strategies into Action" ..."Case Studies from the Field: Putting Cyber Security Strategies into Action" ...
"Case Studies from the Field: Putting Cyber Security Strategies into Action" ...
 
Health Informatics- Module 5-Chapter 1.pptx
Health Informatics- Module 5-Chapter 1.pptxHealth Informatics- Module 5-Chapter 1.pptx
Health Informatics- Module 5-Chapter 1.pptx
 
Module 6.Security in Evolving Technology
Module 6.Security in Evolving TechnologyModule 6.Security in Evolving Technology
Module 6.Security in Evolving Technology
 
Module 6.pdf
Module 6.pdfModule 6.pdf
Module 6.pdf
 
Symantec Mobile Security
Symantec Mobile SecuritySymantec Mobile Security
Symantec Mobile Security
 
Mobile monday mhealth
Mobile monday mhealthMobile monday mhealth
Mobile monday mhealth
 

More from Sierraware

Sierraware browser isolation
Sierraware browser isolationSierraware browser isolation
Sierraware browser isolation
Sierraware
 
Cloud gaming
Cloud gamingCloud gaming
Cloud gaming
Sierraware
 
Sierraware virtual phone
Sierraware virtual phoneSierraware virtual phone
Sierraware virtual phone
Sierraware
 
Trustzone secure os tee for mips
Trustzone secure os tee for mipsTrustzone secure os tee for mips
Trustzone secure os tee for mips
Sierraware
 
Moving Beyond MDM: Why Legacy Mobile Security Products Don't Work
Moving Beyond MDM: Why Legacy Mobile Security Products Don't WorkMoving Beyond MDM: Why Legacy Mobile Security Products Don't Work
Moving Beyond MDM: Why Legacy Mobile Security Products Don't Work
Sierraware
 
Your Shortcut to BYOD Success
Your Shortcut to BYOD SuccessYour Shortcut to BYOD Success
Your Shortcut to BYOD Success
Sierraware
 
Mobile App Virtualization 101
Mobile App Virtualization 101Mobile App Virtualization 101
Mobile App Virtualization 101
Sierraware
 
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMICut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Sierraware
 
Sierraware ARM hypervisor
Sierraware ARM hypervisor Sierraware ARM hypervisor
Sierraware ARM hypervisor
Sierraware
 

More from Sierraware (9)

Sierraware browser isolation
Sierraware browser isolationSierraware browser isolation
Sierraware browser isolation
 
Cloud gaming
Cloud gamingCloud gaming
Cloud gaming
 
Sierraware virtual phone
Sierraware virtual phoneSierraware virtual phone
Sierraware virtual phone
 
Trustzone secure os tee for mips
Trustzone secure os tee for mipsTrustzone secure os tee for mips
Trustzone secure os tee for mips
 
Moving Beyond MDM: Why Legacy Mobile Security Products Don't Work
Moving Beyond MDM: Why Legacy Mobile Security Products Don't WorkMoving Beyond MDM: Why Legacy Mobile Security Products Don't Work
Moving Beyond MDM: Why Legacy Mobile Security Products Don't Work
 
Your Shortcut to BYOD Success
Your Shortcut to BYOD SuccessYour Shortcut to BYOD Success
Your Shortcut to BYOD Success
 
Mobile App Virtualization 101
Mobile App Virtualization 101Mobile App Virtualization 101
Mobile App Virtualization 101
 
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMICut BYOD Costs Using Virtual Mobile Infrastructure - VMI
Cut BYOD Costs Using Virtual Mobile Infrastructure - VMI
 
Sierraware ARM hypervisor
Sierraware ARM hypervisor Sierraware ARM hypervisor
Sierraware ARM hypervisor
 

Recently uploaded

Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 

Recently uploaded (20)

Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 

Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYOD

  • 1. Your Roadmap to Healthcare Security and BYOD
  • 2. Healthcare Security Checklist Protect PHI  Mitigate BYOD risks  Apply dual factor authentication  Encrypt PHI data Develop repeatable processes for compliance Implement procedures and technologies
  • 3. Healthcare Security Risks 96% of healthcare providers had one or more data breaches in the past 2 years1 1 Dell Secureworks 2 2014 Healthcare Breach Report. Data Loss 68% of healthcare breaches are due to lost or stolen mobile devices or files2 Impact of BYOD
  • 4. BYOD: A Reality for Healthcare Providers  Healthcare IT is already rolling out mobile apps to improve productivity and patient care – 2 out of 5 doctors already use mobile devices during consultations1  Yet mobility also presents a threat… – 3.1M smartphones were stolen in the U.S. in 20131 Source: Dell SecureWorks
  • 5. Top Mobile Risks for Healthcare Lost mobile devices Stolen mobile devices Downloading of viruses and malware Unintentional disclosure to unauthorized users Unsecure Wi-fi networks Source: HealthIT.gov, Mobile Devices: Know the Risks
  • 6. 5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 1.Access Control: Limit users rights to business need-to-know – Unique User Identification – Emergency Access Procedure – Automatic Logoff – Encryption and Decryption
  • 7. Access Control Audit Control 2. Audit Control: Implement hardware, software, or procedural mechanisms that record and examine access to ePHI 5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Transmission Security Integrity Person or Entity Authentication
  • 8. 5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 3. Integrity: Implement policies and procedures to protect ePHI from improper alteration or destruction
  • 9. 5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 4. Person or Entity Authentication: Verify that users seeking access to ePHI are who they say they are – Biometric, smartcard, pin/passcode, token
  • 10. 5 Pillars of Healthcare Security Technical safeguards defined by the U.S. Department of Health & Human Services Access Control Audit Control Transmission Security Integrity Person or Entity Authentication 5. Transmission Security: Prevent unauthorized access to ePHI that is being transmitted over a network. – Integrity: Prevent modification or tampering of ePHI data in transit – Encryption: Encrypt ePHI whenever appropriate
  • 11. BYOD Challenges the 5 Pillars of Security Transmission Security Person or Entity Authentication Audit ControlAccess Control Integrity Difficult to audit mobile activity since doctors may share PHI with patients via email or text messaging apps Every app may have different authentication methods; they may not support biometric or PIN/passcode methods Mobile apps may not use stringent SSL ciphers or even encrypt data at all IT must define distinct policies for different users, mobile apps and devices—a management nightmare Controls must be applied to prevent accidental deletion or alteration of PHI from mobile devices
  • 12. Risks of Uncontrolled Devices Weak Encryption No support for strong authentication Unpatched application Stores PHI on phone No auditing of user access Unpatched phone OS In violation of HIPAA compliance requirements
  • 13. IT Management and Training  IT will likely need to help doctors install mobile apps – They may also need to assist users through upgrades  If apps vary by device, IT will need to provide separate app training for Apple, Android, Microsoft or HTML5 users
  • 14. Mobile Device Management Not Working 20% of enterprise BYOD programs will fail due to MDM measures that are too restrictive.1 1 2014 MDM research report by ESG 2 2014 Employee BYOD Survey by Zixcorp 3 Gartner 2014 Mobility Predictions; original quote spelled out BYOD and MDM. For IT TeamsFor Employees 43% worry that employers could access personal data2 30% are concerned their employer could control their personal device2 30% say MDM is more difficult to use than they anticipated1
  • 15. VDI Isn’t the Solution for BYOD Expensive VDI Shortcomings – Not designed for touch – No multimedia redirection – No access to camera, printer, video, GPS Total cost for Microsoft VDI, Citrix, and hardware is $1,000+ per user1 Not designed for cellular edge, 3G networks 1 Microsoft Desktop OS $187 per user, Citrix $300/user Requires High Bandwidth Designed for Windows
  • 16. Virtual Mobile Infrastructure The Roadmap for Healthcare Security Requires…
  • 17. Virtual Mobile Infrastructure (VMI) VMI is a service that hosts mobile apps or full operating systems on remote servers Provide remote access to:  Android, Apple iOS and Windows Phone with client apps  Any HTML 5-enabled device Centralize app management to:  Eliminate need to install and upgrade apps on every device
  • 18. VMI Benefits for Healthcare Providers Stop data loss by preventing users from downloading data to their device Lower IT costs by eliminating mobile app management per device Extend mobile access to all users and devices with a HTML5 browser Meet compliance by monitoring data access
  • 19. SierraVMI Keeps PHI Data Safe SierraVMI Shields Healthcare Data 4096-bit ECDHE Encryption Dual factor authentication SierraVMI: • Records healthcare app access • Stores app data securely in the data center • IT can centrally upgrade mobile apps Medical professional
  • 20. SierraVMI Deployment SierraVMI hosted in Secure Data Center Authentication Server Laptop Tablet Phone Databases with PHI data
  • 21. Mobile App Virtualization Architecture Android VM Kernel Multi-User Android Runtime VMI Security Gateway Pharma App Patient Messaging App PHI App Clients Authentication Server Benefits  Very high density  Apps can share resources like CPU  Easy to manage  No need for expensive storage Firefall containerFirefall containerFirefall container
  • 22. Monitor User and Application Activity  Dashboard of system status  Detailed logs of user activity  Geo-tracking
  • 23. User Monitoring  Record user sessions for forensics  Allow admins to view up to 8 active sessions
  • 24. Prevent Data Loss  Watermarking deters users from photographing screens – Watermark all content including documents, video, pictures with no additional overhead  Anti-screen capture prevents users from taking screenshots  With VMI, no data is downloaded to the phone – Users cannot copy and paste text
  • 25. Strong Authentication Prevent unauthorized access with: – Client certificates – One-time password (sent via text message) – Restricting access based on geographic location – Brute force login protection Ensure only legitimate users access your data
  • 26. Single Sign-on to Streamline Management  Integrate with LDAP, Active Directory or SAML  Access email, calendar, contacts, and business apps without needing to re- authenticate  Automate app provisioning  Reduce IT helpdesk calls due to forgotten passwords  Improve user experience by eliminating extra login steps IT Cost ReductionDirectory Services Integration
  • 27.  Centralized data storage  Prevent data loss from device theft  Centralized patch management  Eliminate concerns of devices with vulnerable or unpatched software  Regularly scan Android server for viruses and vulnerabilities Simplify and Secure Mobile App Management
  • 28. SierraVMI Benefits for Healthcare Compliance: Ensure privacy and prevent data loss Security: Strong authentication, 4096-bit encryption Scalability: High user density, high performance