Technical Security Recommendations for ABC Healthcare IT Infrastructures
ABC Healthcare has been facing a multitude of challenges, ranging from the security of its IT infrastructure to compliance with regulatory policies. In the United States, lawmakers are increasingly tightening the regulatory environment because there have been more attacks in the healthcare environment, damaging organizational information systems and using worms and viruses to gain unauthorized access to sensitive data.
These issues are making the stakeholders of ABC Healthcare demand more flexible access to their information systems. Moreover, increasing regulatory pressure within the healthcare environment with regard to the management of information systems has led ABC Healthcare to decide to implement more prudent information systems security. The goal of ABC Healthcare is to implement good information systems that abide by the regulatory policies of HIPAA and SOX (Sarbanes-Oxley).
Typically, both SOX and HIPAA mandate that healthcare organizations have good systems as well as good administration and control that will prevent threats to the system and allow continuity of business operations. The objective of this project is to provide technical recommendations for ABC Healthcare that will assist it in implementing effective security systems to protect its information systems and abide by the SOX and HIPAA regulatory policies.
1. Technical Recommendations for Security Requirements and System Design
Protection of ABC Healthcare's network and information systems is critical to complying with the SOX and HIPAA regulatory policies. The study recommends that ABC Healthcare use an internal LAN (Local Area Network) with private IP (Internet Protocol) addresses, segregated from the untrusted network by a firewall that filters untrusted traffic. ABC Healthcare should use three GIAC networks to connect to the internet and remote entities such as partners, customers, suppliers, and employees.
ABC Healthcare should use a server-based network that allows all users to access the network resources. Moreover, the server-based network allows users to share data and makes data backup easy. In the server-based system, each user has one username and password for logging into the server to share data over the network resources. Typically, the server operating system will assist ABC Healthcare in handling the load of multiple users who are accessing the server-based resources.
The benefit of the server-based model is its ability to manage all printers and other hardware. The system is also scalable because it can be adjusted as the system load increases. The hardware to design the network infrastructure for ABC Healthcare is as follows:
- Operating system: 64-bit Windows Server 2012 R2. Moreover, the Microsoft .NET Framework should be installed.
- Language: English
- Memory: 8 GB RAM
- Processor: 2 CPU sockets with a minimum of quad core. Server-class processor, 1.8 GHz minimum.
- Hard disk storage: the system drive (C:) requires 20 GB available. The install drive requires 80 GB available.
- Network interface card: minimum of 10/100BASE-T that supports TCP/IP in a Microsoft Windows networking environment.
This system configuration will assist the company in establishing effective network systems. However, an integration of different security systems is essential to enhance the confidentiality and integrity of the network systems.
Electronic Medical Records: The company will also need to develop an EMR (Electronic Medical Records) database to store patient and provider information. The study recommends different internet and network security systems that should be used to prevent, deter, detect and correct eventual security violations during the transmission of information. Computer security is also needed to protect the company's hardware, software, data and other information systems.
SSL (Secure Sockets Layer) is the first security protocol recommended to secure the network systems; it provides security between TCP and applications. The company website URL should start with HTTPS, which combines HTTP with SSL to achieve secure communication between a web server and a web browser. Encryption is another security measure recommended for ABC Healthcare. TCP/IP is the set of communication protocols that defines how communication is routed over the internet.
Since information can be hijacked by a third party over the internet, the study recommends integrating an encryption system that makes data unreadable to unauthorized individuals. When the encryption software is installed in the network system, all data transferred over the network will be changed to nonsense text, and only an authorized person with the decryption key will be able to read the data. This strategy will prevent illegal activities such as eavesdropping and hijacking of information from the server.
Access control is another security method for the company network system. Typically, access control is the security strategy that prevents unauthorized use of information resources to enhance data confidentiality. The study suggests using digital signatures, which apply cryptographic techniques to enhance data integrity and prevent data forgery. The company should also use user authentication to limit access to the web server.
The site administrator should create a user certificate for each user, which will be checked automatically by the server to verify the user's identity. The use of cryptographic techniques is also recommended to prevent data forgery and impersonation of a legitimate user. Moreover, ABC Healthcare should install an IDS (intrusion detection system) and an IPS (intrusion prevention system) to detect and prevent any suspicious activities in the system.
Typically, the IDS assists in monitoring the network systems for policy violations and malicious activities, which are automatically reported to the administrator. The IDS should be located on the internal LAN, off the firewall interface, to assist in monitoring the passing traffic. Similarly, the IPS is a security or network threat prevention system that examines the network traffic, detecting and preventing malicious activities in the systems. The IPS supplemented with firewall technology provides complementary protection for the system.
Additionally, ABC Healthcare should install a firewall system to monitor the company network traffic and block suspicious traffic from the system. The company should use Cisco PIX 535 firewalls to block the untrusted network. However, a combination of a Cisco PIX 535 firewall and a Cisco 1760 router is recommended because the router will define the IP addresses that are authorized to pass through the company network system.
However, the most sophisticated threat to the computer system is the threat from malicious software, or malware, capable of infecting the systems and stealing sensitive information. An example of malware is a worm, which has the ability to replicate itself and thereby send copies of itself from one computer to another. Moreover, viruses, logic bombs, Trojan horses, downloaders, and spammer programs are other examples of malware. The malware countermeasures are prevention, detection, identification and removal.
ABC Healthcare should scan its systems every month with a malware scanner to detect any eventual malware. Moreover, the company should use advanced antivirus software such as GD (Generic Decryption) to assist the antivirus program in detecting and removing the most sophisticated viruses or malware from the system while maintaining a fast scanning speed. ABC Healthcare can also use the Digital Immune System to protect the system against viruses.
2. Method to Address Requirements for System Logging, Monitoring, Auditing, and Complying with Legal Regulations
In the contemporary health environment, both SOX and HIPAA require healthcare companies to meet logging and monitoring requirements. For example, the HIPAA audit requirements mandate that a company implement continuous monitoring and logging of all systems that store private health information. SOX, however, mandates that an entity perform internal control. Thus, this paper recommends that ABC Healthcare use the following control mechanisms:
- Host-based and network intrusion prevention and detection systems
- Data loss prevention software
- Active Directory audit policies
- Event and security management information system
Active audit policies are useful for detecting and troubleshooting issues and for responding to potential incidents.
However, this strategy can create too much administrative overhead; thus, the paper suggests concentrating on auditing the high-risk areas and enabling audit policies such as:
- Logon failure
- Logon success
- Logoff success
- Logoff/Logon events failure and success
- Process creation success
- Credential validation success
- Audit policy change
- Account lockout success
- Authentication policy change
Event and security information management combined with security management solutions will provide an easily manageable interface that allows real-time analysis and monitoring of the systems.
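As an added example (not part of the original paper, and not SolarWinds or Microsoft code), the following Python code shows the kind of real-time analysis an event and security management system can run over the events produced by the audit policies listed above. The event IDs are the standard Windows Security log IDs for logon success (4624), logon failure (4625), account lockout (4740) and audit policy change (4719); the sample events, account names, addresses, threshold and window are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Windows Security event IDs written by the audit policies listed above.
LOGON_OK, LOGON_FAIL, LOCKOUT, AUDIT_POLICY_CHANGE = 4624, 4625, 4740, 4719

# Constructed sample events (not real logs): (time, event ID, account, source).
SAMPLE_EVENTS = [
    ("2024-03-01T07:00:00", 4625, "it.ross", "10.0.2.15"),
    ("2024-03-01T07:20:00", 4625, "it.ross", "10.0.2.15"),
    ("2024-03-01T07:40:00", 4625, "it.ross", "10.0.2.15"),
    ("2024-03-01T07:45:00", 4624, "it.ross", "10.0.2.15"),
    ("2024-03-01T08:00:05", 4624, "nurse.kim", "10.0.4.21"),
    ("2024-03-01T08:30:00", 4625, "nurse.kim", "10.0.4.21"),
    ("2024-03-01T08:31:00", 4624, "nurse.kim", "10.0.4.21"),
    ("2024-03-01T09:14:01", 4625, "dr.patel", "10.0.9.77"),
    ("2024-03-01T09:14:09", 4625, "dr.patel", "10.0.9.77"),
    ("2024-03-01T09:14:17", 4625, "dr.patel", "10.0.9.77"),
    ("2024-03-01T09:14:50", 4624, "dr.patel", "10.0.9.77"),
    ("2024-03-01T10:02:00", 4740, "svc.backup", "10.0.1.5"),
    ("2024-03-01T11:30:00", 4719, "admin.lee", "10.0.1.9"),
]


def detect(events, threshold=3, window=timedelta(minutes=10)):
    """Return alerts as (time, rule, account, source) tuples in time order."""
    failures = defaultdict(deque)  # account -> timestamps of recent failures
    alerts = []
    for ts, event_id, account, source in sorted(events):
        when = datetime.fromisoformat(ts)
        recent = failures[account]
        # Forget failures that fell out of the sliding window.
        while recent and when - recent[0] > window:
            recent.popleft()
        if event_id == LOGON_FAIL:
            recent.append(when)
        elif event_id == LOGON_OK:
            # A success right after a burst of failures suggests a guessed password.
            if len(recent) >= threshold:
                alerts.append((ts, "success-after-failures", account, source))
            recent.clear()
        elif event_id == LOCKOUT:
            alerts.append((ts, "account-lockout", account, source))
        elif event_id == AUDIT_POLICY_CHANGE:
            # Auditing itself was altered; always worth a review.
            alerts.append((ts, "audit-policy-changed", account, source))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Only the burst of failures followed by a success within the window is flagged; the failures spread over 40 minutes and the single mistyped password are not.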
By using the event and security management system, ABC Healthcare will be able to collect the audit logs, which will assist with changes to software configurations and hardware assets, mailbox archives, application debugging, and network and web traffic. By choosing Event Monitor or SolarWinds, ABC Healthcare will be able to comply with the SOX and HIPAA requirements for system logging, monitoring, and auditing. However, the SolarWinds package is more cost-effective for ABC Healthcare since the company aims to reduce the cost of system security implementation.
Moreover, a network-based IDS is integrated into SolarWinds; thus, ABC Healthcare may not require a separate network-based IDS to detect suspicious activities. The paper also recommends the Cisco IPS to prevent unwanted activities in the system. Typically, the IPS is effective in preventing an active attack on the system. However, the IPS-enabled firewall is effective in detecting and blocking unwanted packets from the systems.
However, ABC Healthcare needs to provide maximum protection for health information; thus, the company needs to install the data loss prevention software to protect the company's health information locally, via the web, or stored on removable media.
3. Identification and Authentication of all the Users accessing ABC Healthcare Information Resources
Protecting organizational assets and complying with SOX and HIPAA regulations can be challenging for healthcare organizations. The study recommends the Imprivata foolproof strong authentication technology to protect the company resources from unauthorized access.
The Imprivata OneSign authentication technology is an effective security tool that alleviates the costs and complexity associated with authentication management. Typically, Imprivata OneSign provides a single authentication solution that enforces secure access to the network systems. Imprivata OneSign also provides different authentication options that include password authentication, fingerprint biometrics, and smart cards. Thus, this document suggests that ABC Healthcare use a combination of these authentication options depending on the type of information to be accessed. Fig 1 shows the authentication login screen for ABC Healthcare.
After installation of OneSign, the login interface will show password authentication, fingerprint authentication, ID token authentication and swipe card authentication. Depending on the sensitivity of the information stored in the database, ABC Healthcare can disable password authentication and make all users choose at least one authentication method to access the data in the database.
Fig 1: Healthcare Authentication Login Screen
Fingerprint Authentication
ABC Healthcare can also use the fingerprint authentication option as an added security option for the electronic health record.
OneSign fingerprint verification is fingerprint biometric authentication that matches the user's fingerprint. However, all users should go through a fingerprint identification process to verify their credentials. After verification, the fingerprint biometric that matches the algorithm will be established. "OneSign Fingerprint Verification lets users enter their login credentials while adding a layer of security by verifying their identity through a fingerprint swipe. This is a "one-to-one" verification as OneSign checks the fingerprint against the credentials provided by the user." (Imprivata, 2014, p. 3).
Smartcard Authentication
ABC Healthcare can also use smartcard authentication to allow users access to the company network. "Smart cards provide two-factor authentication by combining a user PIN with a pre-programmed smart card or USB token. Smart cards are good until the expiration date of the digital certificate on the card, normally valid for two or more years." (Imprivata, 2014, p. 7). Typically, smart card operation resembles ATM card operation.
After the smart card is inserted, the system will ask for the associated PIN before allowing the user access to the system. Fig 2 and Fig 3 provide the configuration of the authentication options for ABC Healthcare. As shown in Fig 2, the configuration will consist of the OneSign PIN authentication method, which combines a numeric PIN password with fingerprint authentication.
Fig 2: Configuration of OneSign PIN Authentication
Alternatively, ABC Healthcare can use two-factor authentication to strengthen IT security, as shown in Fig 3.
The authentication strategy is a two-factor authentication that combines fingerprint identification with password authentication. Another option is to combine the swipe card with fingerprint biometrics or a password as a second factor.
Fig 3: Two-factor Authentication Configuration
Thus, the Imprivata OneSign software assists in identifying and authenticating all users attempting to access ABC Healthcare resources. Imprivata OneSign offers an SSO (single sign-on) solution that will help ABC Healthcare providers spend less time accessing patients' information.
Moreover, the SSO technology will give providers quick access to secured administrative and clinical information to enhance a streamlined clinical workflow. One of the benefits of SSO is that it provides effective security for the company database. Moreover, the Imprivata SSO uses an automated password generator to provide strong passwords that meet the HIPAA requirement for providers. The technology also sets passwords that meet the organizational requirements.
Typically, the SSO technology provides strong authentication using a badge or fingerprint to access the system; this strategy will assist ABC Healthcare in preventing unauthorized access to the system. Moreover, the Imprivata SSO will allow providers to use their badge cards to access data from any workstation and thereby access authorized applications or documents.
4. Method by Which the System Shall Recover from Failures, Attacks, and Accidents
In the contemporary IT environment, natural disasters such as tornadoes, floods, volcanic eruptions, cyclonic storms, electrical storms, fires, snow slides, and thunderstorms can cause immense damage to IT infrastructure and disrupt business operations. Moreover, man-made disasters such as theft, attacks, accidents, power failures, system failures, sabotage, power outages, and terrorism can erode data, leading to a loss of patient information. Natural disasters can be a security problem for a healthcare organization (Kizza, 2015).
Since many healthcare organizations depend on data for effective business operation, a loss of data through failures, attacks, and accidents can cause immense damage to business operations. The best method that ABC Healthcare can employ to recover its data from an attack is to adopt a policy of data backup. Kizza (2015) argues that 93% of businesses do not back up their data, exposing their business to greater risk. Thus, ABC Healthcare should implement a disaster mitigation plan that will consist of disaster prevention, response, and recovery.
The best strategy to recover the system from failure is to back up all data.