Health Care Endpoint Hygiene: A Post-WannaCry Call to Action

June 22, 2017
| |
< 1 min read

More so than in any other industry, the recent WannaCry attack caused health care organizations to rethink processes for keeping systems current and secure. Although Microsoft patched the very vulnerabilities WannaCry exploited over three months ago, many organizations are still struggling to find and patch relevant computers and systems.

The Hidden Complexities of Endpoint Hygiene

According to the Ponemon Institute’s “Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data,” 79 percent of health care organizations suffered from two or more data breaches in the past two years. This number is even more alarming when you consider that cyberattacks against health care organizations could literally put lives at risk. When a hospital’s systems are compromised, patients suffer along with the organization experiencing the breach.

In today’s data-reliant environment, if recovery times to these breaches are being measured in days or even hours, the damage can be catastrophic. The idea of employing basic endpoint hygiene, then, seems logical. So why has WannaCry been so damaging? The answer may lie in the hidden complexities of effective patch management.

Simplifying Patch Management

Most endpoint tools are insufficient to address these kinds of ransomware attacks because they lack visibility and exhibit sporadic endpoint hygiene. Fortunately, there are ways to tackle these complications.

IBM BigFix simplifies patch management with a comprehensive solution built for highly distributed, heterogeneous environments, including low-speed networks and internet-facing computers. BigFix can help organizations see, change, enforce and report on patch compliance status in real time, on a global scale and through a single console.

Mark Phinick
Worldwide Business Unit Executive
Mark Phinick is a contributor for SecurityIntelligence.