Healthcare mobile device security 101—solving modernization risk factors

Many of these devices aren’t designed for business use, which is another cause for concern. According to Sorin Mustaca, CSSLP, Security+, Project+, owner of Sorin Mustaca IT Security Consulting, “Most of these devices are taken from the consumer world and quickly adapted to use in healthcare. For this reason, these devices are not always properly secured, making the threat landscape pretty much unknown.”

Mustaca agreed, adding that recognizing the dangers is paramount and includes dealing with risks, such as lost or stolen devices, and installing antivirus solutions on all devices (including the gateway). Other considerations or recommended best practices for mobile devices and their users include:

  • Keeping your mobile operating systems up to date.
  • Only downloading apps from the official app store. Third-party app stores are more likely to have malware.
  • Not connecting to free Wi-Fi networks, and if you must, avoiding sensitive business tasks.

Learn from healthcare mobile device security infrastructure

In terms of infrastructure considerations, mobile device management (MDM) is essential. Mustaca insists on the use of encryption on all network connections and storage, even if open networks make admin tasks easier. He also stated that, for hospital Wi-Fi networks, IT administrators should have a multi-stage process for authorization and authentication rather than a single-stage solution.

“Set up passwords for the devices, so that not just anybody can access them,” advised Mustaca. “After the device is secured, create accounts for each user who needs to access data from the back end. This way, even if a disgruntled employee tries to steal a device and access the data, you can still block access to sensitive data.”


© Copyright 2017 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity
Check www.mustaca.com for the IT Consulting services I offer.

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close