|
|
| Industry Review |
 prev | index | next  |
 |
| Healthcare |
|
Healthcare providers operate in an environment under siege. Effective service delivery is constantly under threat from rising costs, emerging epidemics, insufficient infrastructure and increased regulations. Central to the survivability of any healthcare provider is the availability and protection of its newest most distinguished asset, information. In today's age information refers not only to the expert know-how of professional staff but also the company's electronic records, including financial, technical, HR as well as patient's personal and financial details. 'Information' further includes the interconnected software applications inherent in the provider's many computer and critical life support systems.
Adequate IT infrastructure enabling reliable and secure information flow is therefore of critical concern to the provider as failure to perform can mean competitive loss, legal penalties and even loss of stakeholder lives.
|
Industry drivers causing rapid change in IT infrastructure
With the widespread adoption of Internet technologies for business communication the healthcare industry has found new challenges to survival. By making patient information - everything from private medical records to financial payment data - available on the Internet, healthcare providers are exposing their customers to a host of threats ranging from identity theft to potential blackmail and worse. In an industry where privacy and confidentiality are the foundation of the doctor/patient relationship, such risks are unacceptable and have spawned Government regulation to ensure national standards.
Regulations - HIPAA
One of the biggest drivers of IT change in the Healthcare industry is HIPAA, the Health Insurance Portability and Accountability Act of 1996. While introduced in 1996 its compliance requirements are vast and demanding such that, despite successive extensions, many leading healthcare organizations are still either building new implementations or responding to bruising audit reports on their shortcomings. Essentially HIPPA sets new standards for the privacy and security of patient's sensitive information requiring Healthcare institutions to invest heavily in new infrastructure for information availability, redundancy, monitoring and security. Failure to comply with Federal HIPAA regulations can result in heavy penalties, even jail time for healthcare managers in violation.
Regulations - SOX
Another significant driver of IT change in healthcare institutions is the Sarbanes-Oxley Act of 2002 (SOX). Affecting all public companies traded on US stock exchanges SOX primarily focuses on IT security and requires companies to assess any risk associated with information technology or the internal process that may impact the accurate and timely reporting of financial information. Similar to HIPAA this regulation is a major driver of new Corporate level sensitivity to IT infrastructural change in this industry.
Issues moving from today's reality to compliance
Whatever approach companies adopt to compliance the issues affecting new architecture implementations are similar for all. These include the following:
- Costs
New infrastructure includes mass storage, higher bandwidth networks, datacenter consolidation, redundancy and security. On SOX alone, it is estimated that companies will spend two percent of their total revenue on compliance - up to $2 million per every $100 million company. This level of expenditure requires that the company ensure maximum transparency and leverage the ROI potential.
- Time
Too often the actual implementation time falls outside the allowed time for compliance. While extensions are given end users are more often forced to meet punishing deadlines that department and senior level execs, as well as auditors, are rarely patient with.
- Managing convergence across multiple regions
While HIPAA is ultimately intended to standardize the processes and make portable the patient's information across all US healthcare institutions the process for each healthcare company in achieving this standard is more challenging for some than others. Technology convergence requires widespread change to IT architectures. This process is made significantly worse when the organization is international and each region's IT department is autonomous. Changes for these companies tend to affect the organization on multiple levels.
Other ongoing reasons for structural change in IT deployments include integration of networks resulting from Mergers and Acquisitions activity in a continuing trend toward globalization. The affects of this are felt by IT managers who now find the implementation of upgrades, transitions and convergences more difficult to manage than before.
The question that vendors must answer for the healthcare industry is how implementation of compliance and other structural changes to the monitoring infrastructure can be made pervasive at price levels that are affordable!
VSS monitoring is a leader in network monitoring because it is enabling total visibility throughout the network while reducing deployment costs of the monitoring infrastructure by up to 80%. On the next page we'll see how.
Healthcare providers rely on critical systems for life support and emergency response. Of essential importance to their IT infrastructure is the right equipment to monitor the network, without which, the privacy, security and performance of the system can not be known or kept track of. A lack of adequate monitoring would invariably produce below expectation results for ROI and other key objectives of the system enhancements. Information availability and redundant infrastructure is impossible to troubleshoot and keep safe without sufficient real time visibility with the right equipment distributed across critical locations.
VSS monitoring through its network taps and distributed solutions ensure that the network monitoring process achieves total visibility stealth and security so as to maximize.
While many enterprises and financial institutions require IT services back online within minutes, healthcare providers typically require emergency response immediately. Hence the need for a secure and efficient network that includes redundancy and monitoring where online data is captured in real time in both the production and backup environments. In order to monitor the network effectively and comply with relevant regulations Healthcare organizations implement a combination of the following tools:
IDS Deployments(Intrusion Detection System)
An intrusion detection device enables detection of most types of malicious traffic that cannot normally be detected by firewalls. Traditionally located in the gateway and DMZ, IDS tools are essential for capturing and analyzing signature, protocol and anomaly based attacks where in the past such attacks have wreaked havoc and cost industry billions of dollars. Previously attacks included Code Red, Nimda, DDoS, Super Worms while new threats are continually emerging.
An IDS is most effectively deployed using a network tap where that tap is fail-safe, maintains stealth and ensures maximum visibility to each packet. Real-time detection and being able to take immediate action significantly improves the odds of successfully terminating intrusions as well as tracing intrusion attempts to their source.
As up to 70% of all attacks occur from within the company IDS tools are more often required in various network locations other than just the perimeter. This therefore requires the IT professional to investigate cost effective deployment techniques that do not hinder performance. This is where VSS monitoring's distributed solution creates outstanding value opportunities for the organization - where IT professionals did not before expect possible.
Analyzer Deployments
Analyzers assist the network management process by enabling time sensitive troubleshooting as well as performance measurement of both the network and the information / applications running above it.
Specifically, analyzers or 'sniffers' are used to intercept and decode all packets passing over the network so as to determine problems, network usage, new statistics, reporting and debugging client-server communications.
Having access to patient information 24 hours a day is essential in the healthcare environment. Hence when a system goes down or the network performance suddenly slows to critical levels then being able to speedily point the analyzer to the affected location and troubleshoot the application and/or network performance is an essential tool in maintaining the system upkeep.
VSS monitoring's taps enable expansive coverage of distributed networks to a single analyzer providing unprecedented cost savings in both the deployment as well as operational costs of Analyzers. In addition the VSS Distributed Taps enable immediate response times through simple point and select HTTP controls.
Forensics Deployments
Typical Network Forensics tools enable packet capture and long term storage as well as deep postmortem analysis of traffic patterns. These tools capture and record network traffic to look back-in-time to examine performance, observe traffic trends, isolate anomalies, perform deep packet analysis and generate summary reports.
The resulting benefits include being able to pinpoint the root causes of complex performance problems as well as being able to determine the extent of damage caused by a malicious intrusion. This is not only useful in base-lining the network but is an invaluable tool when trying to recover from a devastating attack
Network Taps & Distributed Solutions
VSS monitoring's distributed data collection tools are changing the architecture of network monitoring. The deployment of these tools enables inline monitoring as well as capture of all available data from span ports throughout the core and distribution networks. This enables a distributed data collection systems that centralizes the monitoring servers creating widespread network visibility while reducing the cost of those server deployments. Analyzers, IDS and Forensics tools are especially expensive when deployed in the distributed architecture suggested by those vendors. These costs are experienced through hardware, software licenses and annual maintenance of each. The VSS monitoring distributed taps enable the convergence and simultaneous usage of these tools while radically reducing their costs.
Considering the extent to which critical systems in the healthcare network need to be fail safe and always secure, the choice of data collection system (VSS network taps) over any other data collection system is of critical importance.
The above sketch shows a distributed healthcare network being monitored in central locations to achieve deployment/operating cost reductions as well as immediate response times to incidents on critical systems. |
|
|
| |
|
