Choosing the right two-factor authentication solution for healthcare

Similar documents
A Quick Guide to EPCS. What You Need to Know to Implement Electronic Prescriptions for Controlled Substances

DigitalPersona for Healthcare Organizations

Imprivata 2014 Desktop Virtualisation Trends in Europe Report

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

The Benefits of EPCS Beyond Compliance August 15, 2016

mhealth SECURITY: STATS AND SOLUTIONS

white paper SMS Authentication: 10 Things to Know Before You Buy

Adaptive Authentication Adapter for Citrix XenApp. Adaptive Authentication in Citrix XenApp Environments. Solution Brief

Next Generation Authentication

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

PULSE TAKING THE PHYSICIAN S

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

Compliant. Secure. Dependable.

Keep the Door Open for Users and Closed to Hackers

Yubico with Centrify for Mac - Deployment Guide

Introduction. SecureAuth Corporation Tel: SecureAuth Corporation. All Rights Reserved.

ADAPTIVE AUTHENTICATION ADAPTER FOR IBM TIVOLI. Adaptive Authentication in IBM Tivoli Environments. Solution Brief

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

Dissecting NIST Digital Identity Guidelines

Crash course in Azure Active Directory

WHITEPAPER. How to secure your Post-perimeter world

New Paradigms of Digital Identity:

Challenges and. Opportunities. MSPs are Facing in Security

Using Biometric Authentication to Elevate Enterprise Security

Ten ways Imprivata Cortext adds HIPAA compliance to text messaging

Authlogics for Azure and Office 365

VAM. Epic epcs Value-Added Module (VAM) Deployment Guide

Securing Office 365 with Symantec

Addressing Cybersecurity in Infusion Devices

The Role of the CMIO in Advancing Cybersecurity

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

Protect Yourself Against VPN-Based Attacks: Five Do s and Don ts

Adaptive Authentication Adapter for Juniper SSL VPNs. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

A Practical Step-by-Step Guide to Managing Cloud Access in your Organization

HIPAA Compliance is not a Cybersecurity Strategy

Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter

Cybersecurity Survey Results

Secure Government Computing Initiatives & SecureZIP

Executive Insights. Protecting data, securing systems

White Paper. The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection

Five Reasons It s Time For Secure Single Sign-On

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

Today s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps

EPCS in the State of New York

IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO

Securing Your Most Sensitive Data

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Virtual Machine Encryption Security & Compliance in the Cloud

How Next Generation Trusted Identities Can Help Transform Your Business

HIPAA Regulatory Compliance

SECURING PATIENT DATA

AUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs

Solution. Imagine... a New World of Authentication.

ips.insight.com/healthcare Identifying mobile security challenges in healthcare

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

Healthcare mobility: selecting the right device for better patient care

Remote Access to a Healthcare Facility and the IT professional s obligations under HIPAA and the HITECH Act

2016 Survey: A Pulse on Mobility in Healthcare

CipherCloud CASB+ Connector for ServiceNow

BlackBerry 2FA. Datasheet. BlackBerry 2FA

How to Align Information Security and Safety in Healthcare

Anticipating the wider business impact of a cyber breach in the health care industry

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.

HEALTHCARE IT NETWORK SURVEY REPORT

IBM Security Access Manager

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface

Make security part of your client systems refresh

Healthcare Security Success Story

Mobile Field Worker Security Advocate Series: Customer Conversation Guide. Research by IDC, 2015

White Paper. Enabling Mobile Users and Staying Compliant. How Healthcare Organizations Manage Both

Information Governance, the Next Evolution of Privacy and Security

Access Management Handbook

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

ADTRAN: Real Solutions. Healthcare

EXPERIENCE SIMPLER, STRONGER AUTHENTICATION

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

Monarch General Capabilities Overview EMPOWERING ENABLING CONNECTING

ICE CLEAR EUROPE DMS GLOBAL ID CREATION USER GUIDE VERSION 1.0

Securing Health Data in a BYOD World

TechValidate Survey Report: SaaS Application Trends and Challenges

CYBERSECURITY IN THE POST ACUTE ARENA AGENDA

Identity Management as a Service

Teradata and Protegrity High-Value Protection for High-Value Data

The Device Has Left the Building

IBM Internet Security Systems Proventia Management SiteProtector

Mobile Data Security Essentials for Your Changing, Growing Workforce

Single Sign-On. Introduction

How to Evaluate a Next Generation Mobile Platform

Keys to a more secure data environment

Unlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.

THE ROLE OF ADVANCED AUTHENTICATION IN CYBERSECURITY FOR CREDIT UNIONS AND BANKS

Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia

Transcription:

Choosing the right two-factor authentication solution for healthcare

The healthcare industry s transition from paper to electronic records has introduced significant security risk from hackers around the globe, and care providers find themselves in the midst of a cybersecurity war to protect patient health information. In 2015, more than 80% of healthcare organizations reported they had been compromised by a cyberattack in the previous two years, and only half believe they are adequately prepared for future attacks 1. The U.S. Department of Health and Human Services documented that hackers accessed more than 110 million patient health records in 56 major cybersecurity attacks in 2015 alone 2. Many of these successful breaches use social engineering techniques to obtain access to networks, applications, and information. Phishing and similar attacks, for example, leverage cleverly disguised requests for login credentials to dupe unsuspecting employees into entering their usernames and passwords, and have emerged as the top security threat facing healthcare organizations 3. To address these threats, organizations continue to adopt two-factor authentication as a best practice for secure access, requiring users to submit a combination of two of the following to authenticate: Something you are Something you have Something you know FIPScompliant fingerprint biometrics FIPScompliant Hands Free Authentication or push token notification Password Two-factor authentication can significantly improve security, and according to the Annual Report to Congress on the Federal Information Security Management Act, up to 65% of cybersecurity incidents could have been prevented with strong, two-factor authentication 4. 1. 2015 KPMG Healthcare Cybersecurity Survey, August 26, 2015, http://advisory.kpmg.us/content/dam/kpmg-advisory/pdfs/ ManagementConsulting/2015/KPMG-2015-Cyber-Healthcare-Survey.pdf 2. 2015 KPMG Healthcare Cybersecurity Survey, August 26, 2015, http://advisory.kpmg.us/content/dam/kpmg-advisory/pdfs/ ManagementConsulting/2015/KPMG-2015-Cyber-Healthcare-Survey.pdf 3. 2015 HIMSS Cybersecurity Survey, June 30, 2015, http://www.himss.org/2015-cybersecurity-survey 4. Annual Report to Congress: Federal Information Security Management Act, February 27, 2015, https://www.whitehouse.gov/sites/default/files/omb/ assets/egov_docs/final_fy14_fisma_report_02_27_2015.pdf

Healthcare needs a two-factor authentication platform that extends to all workflows Since 2010, the number of U.S. hospitals using two-factor authentication has increased by 53% to address threats from outside the firewall as well as to secure high-value clinical workflows inside the hospital 5. Healthcare delivery organizations across the country are faced with meeting DEA requirements for two-factor authentication for electronic prescribing of controlled substances (EPCS), and there are a number of other clinical workflows where additional authentication is critical to ensuring quality of care. For example, within EpicCare alone, there are more than 40 clinical workflows that may require users to authenticate. These include witnessing medication wasting, blood administration, anesthesia attestation, and others. 65% of cybersecurity incidents could have been prevented with strong authentication Adding these layers of security has the potential to create inefficiencies, so there are a number of factors healthcare organizations must consider when selecting an authentication platform to ensure they do not frustrate users, impede workflows, or create barriers to patient care. These considerations include: Extensibility to meet all present and future authentication needs, inside and outside the hospital Security balanced with convenience to enable not impede patient care through: Embedded authentication workflows that tightly integrate with your EHR and other applications, medical devices, remote access gateways, virtual desktop platforms, and other systems Flexible, comprehensive portfolio of authentication methods Compliance with the highest standards regulating care, such as the DEA requirements for EPCS A platform built specifically for healthcare and its unique workflow needs Imprivata is proud to be the healthcare IT security leader, with more than 1,500 customers and 4 million clinicians using our technology to provide the security that healthcare requires with the convenience that providers need to deliver high-quality care. We have built our solutions from the ground up to meet the unique security and efficiency requirements for healthcare workflows. 5. ONC Data Brief: State and National Trends of Two-Factor Authentication for Non-Federal Acute Care Hospitals, November 2015, https://www.healthit. gov/sites/default/files/briefs/oncdatabrief32_two-factor_authent_trends.pdf.

Imprivata Confirm ID offers the widest range of authentication modalities and workflows for healthcare Imprivata Confirm ID - The comprehensive, enterprise-wide multifactor authentication platform Imprivata Confirm ID is the comprehensive identity and multifactor authentication platform for fast, secure authentication workflows across the healthcare enterprise, and is purpose-built to meet healthcare s unique requirements for solutions that balance security with convenience. Through an unrivaled ecosystem of EHR integrations and the broadest range of innovative, convenient, and DEA-compliant authentication options, Imprivata Confirm ID gives healthcare organizations a complete solution for improving enterprise-wide security without impacting workflow efficiency both on premise and outside the hospital. This eliminates the need for multiple authentication methods from different vendors, increases efficiency for users, improves security and compliance, and reduces total cost of IT ownership. Seamless workflow integration Imprivata Confirm ID offers the most comprehensive ecosystem of direct, productized API-level integrations with leading VPNs and remote access gateways, EHRs and other clinical applications, desktop virtualization platforms, and medical devices. This makes it easy and convenient for users to authenticate within existing workflows and eliminates the need for different authentication solutions for different applications. Instead, users have an easy, fast, and consistent authentication experience across all workflows. Fastest, convenient authentication methods Imprivata Confirm ID offers the broadest range of innovative and convenient authentication options to meet the requirements of all healthcare workflows and individual user preferences. The fast-paced and increasingly mobile nature of care delivery necessitates convenient and flexible two-factor authentication options that can be used inside and outside of the hospital. Imprivata Confirm ID gives users the ability to leverage the methods that best meet their workflow needs. Users are only prompted for the authentication methods that are available and allowed, which further streamlines authentication and improves efficiency.

DEA-compliant two-factor authentication methods Imprivata Confirm ID offers a wide array of DEA-compliant authentication options to help organizations meet the two-factor authentication requirements for EPCS. While most security vendors offer standard one-time password (OTP) tokens to satisfy DEA compliance, Imprivata understands the need to make physician workflows fast, seamless, and convenient. Imprivata Confirm ID offers Hands Free Authentication, push token notification, and fingerprint biometrics to overcome the challenges of manual OTP tokens, improve EPCS efficiency, and drive adoption. The following table provides an overview of the unmatched breadth of innovative, convenient, and DEA-compliant authentication options offered by Imprivata Confirm ID: As a trusted, strategic IT security partner, Imprivata can help you evaluate your requirements for twofactor authentication Selecting the best two-factor authentication platform for your organization As a trusted, strategic IT security partner, Imprivata can help you evaluate your requirements for two-factor authentication, including which authentication methods are best-suited to meet your various workflow requirements. Below is a summary checklist to help you evaluate the best solution for your healthcare enterprise needs. Seamless workflow integration Traditional token vendors VPN integrations Embedded EHR integrations Virtual desktop infrastructure integration Medical Device integrations Fast, Convenient Authentication methods Fingerprint biometrics Hands Free Authentication DEA-compliant push notification Extensible platform for healthcare Centralized authentication management Holistic policy enforcement SSO integration

About Imprivata Imprivata, the healthcare IT security company, enables healthcare globally to access, communicate, and transact patient information, securely and conveniently. The Imprivata platform addresses critical compliance and security challenges while improving productivity and the patient experience. For further information please contact us at 1 781 674 2700 or visit us online at www.imprivata.com Offices in Lexington, MA USA Uxbridge, UK Melbourne, Australia Nuremberg, Germany The Hague, Netherlands Copyright 2017 Imprivata, Inc. All rights reserved. Imprivata and Confirm id are registered trademarks of Imprivata, Inc. in the U.S. and other countries. All other trademarks are the property of their respective owners. CID-WP-2FA-0517

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback