Health Care Endpoint Hygiene: A Post-WannaCry Call to Action
More so than in any other industry, the recent WannaCry attack caused health care organizations to rethink processes for keeping systems current and secure. Although Microsoft patched the very vulnerabilities WannaCry exploited over three months ago, many organizations are still struggling to find and patch relevant computers and systems.
The Hidden Complexities of Endpoint Hygiene
According to the Ponemon Institute’s “Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data,” 79 percent of health care organizations suffered from two or more data breaches in the past two years. This number is even more alarming when you consider that cyberattacks against health care organizations could literally put lives at risk. When a hospital’s systems are compromised, patients suffer along with the organization experiencing the breach.
In today’s data-reliant environment, if recovery times to these breaches are being measured in days or even hours, the damage can be catastrophic. The idea of employing basic endpoint hygiene, then, seems logical. So why has WannaCry been so damaging? The answer may lie in the hidden complexities of effective patch management.
Simplifying Patch Management
Most endpoint tools are insufficient to address these kinds of ransomware attacks because they lack visibility and exhibit sporadic endpoint hygiene. Fortunately, there are ways to tackle these complications.
IBM BigFix simplifies patch management with a comprehensive solution built for highly distributed, heterogeneous environments, including low-speed networks and internet-facing computers. BigFix can help organizations see, change, enforce and report on patch compliance status in real time, on a global scale and through a single console.
To learn more, attend the June 28 webinar, “Security Hygiene for Health Care — Avoid Being the Next Ransomware Victim.” In this sessionm Connie Lamicela, CTO of ESM Technology, will join me to discuss effective patch management and offer advice to help you identify, prioritize and remediate threats through process automation — before they disrupt your operations.