Securing Network Closets in Healthcare Facilities

Greetings and welcome back.  In today’s blog we look at a subject that is all-too-often overlooked in hospitals, doctors offices, and other medical facilities: Securing Network Closets in Healthcare Facilities.  The fact is, healthcare records have the largest value of any type of record in the black market for Personally Identifiable Information (PII).  Because of this, healthcare facilities will always be prime targets for data thieves and network closets are one of the most poorly secured part of most healthcare facilities.

In a study of all network closets in a large university, this excellent paper published by East Tennessee State University by Nathan Timbs shows that there were, on average, more than 1 threat, hazard or vulnerability for each of the 82 network closets surveyed.  Not surprisingly, data thieves have become very accomplished at using vulnerabilities in the cyber/physical security of wiring closets to steal large quantities of valuable data.  Another excellent paper published online by Towson State University shows how easily a person can gain physical access to a network closet to place an eavesdropping device into most any network.  This device – which can be a simple switch that is converted to their own nefarious purposes – then sends data offsite to their data capture system, completing the theft process.

This process, known as a man-in-the-middle attack system, is surprisingly fast and easy to add to any network closet.  In fact, some of the largest data thefts recorded have been accomplished by cyber/physical man-in-the-middle attacks such as those discussed by these two excellent papers.   This creates a significant challenge to healthcare facilities because HIPAA requires security of all your Physical, Cyber and Operational assets as is shown in the following graphic and, network closets are definitely a key to being secure and HIPAA Compliant.

Securing Network Closets in Healthcare Facilities

 

Because of these issues, it is vital that Physical, Cyber and Operational security need to be addressed in the network closet, preferably with a single unified solution.  RackGuardian was build from the ground-up to be a system that provides full physical and cybersecurity to your network closets and all of the equipment within them.

RackGuardian does all the following:

  • Interfaces and securely manages any Wiegand-Based Access Card System
  • Interfaces and protects any SNMP-based computer, network or power system
  • Provides full physical and operational monitoring of the network closet

Please think about this and take a look at RackGuardian.  We would be happy to confidentially discuss the security of your network closets for your facility.

Until Next Time,

Be Well!

Network Closet Vulnerabilities – Cybersecurity

Greetings and welcome back!  In today’s blog we will look at the problem of cybersecurity in network closets and small server rooms.  This is of particular importance to those who fall under the requirements of HIPAA, PCI-DSS or Gramm Leach Bliley as they make no distinction in where the data is located or the size of the data room.  In fact, while larger data centers often have layers of physical and cybersecurity, smaller network closets and server rooms have little, and in some cases no meaningful physical or cybersecurity.

There are a large group of smaller network rooms whose only cybersecurity is an inexpensive firewall box, which is easily evaded by a hacker.  Hackers or professional cyber criminals do not like to leave a trail to follow so, once they enter a network they often look for a device in which to hide-out while they explore the network and look for targets from which to steal data.  We have found that a favorite place to hide for these criminals in inside the network card of a Rack UPS or Power Distribution Unit (PDU).  In fact, one of the most spectacular data thefts in the past couple of years was executed through the Rack PDU of a cloud service provider.  This excellent article shows how the Rack PDU’s were used as a jumping-off-point into the servers in order to steal data.

In addition to using a Rack UPS or PDU as a hiding place from which to launch an attack on the servers within that rack, these networked power units can also be used to shut down servers and even to destroy the data in the servers.  The widely-publicized Ukrainian Power Plant hack was an excellent example of how a UPS system can be used to shut down and then wreak havoc on servers.  In this case, Malware was used to program two UPS units to shut down at exactly the same time, cutting power to all critical servers and desk tops in the power plant.

If your systems are covered under security regulations, they must have backup power systems and, if they have backup power systems, they also must be protected from hackers.  It is wishful thinking to assume all cyberattacks on a server will be from the front-door.  In today’s world of increasingly sophisticated bad guys, back doors to servers – such as those offered by UPS and PDU systems – make perfect cover for a data thief.

Fortunately, RackGuardian was designed from the ground-up to both monitor your network/server room power and environment and to provide full firewall protection at the same time.  That’s because RackGuardian includes a private network port on which to query any SNMP or Modbus system securely in its own cyber-safe envelope.  The RackGuardian seals-off all units that it monitors because its second network port pushes data to the cloud but it will not accept ANY attempts to connect with it.  All of your SNMP and Modbus systems that are being monitored by RackGuardian are invisible to the outside world because there is no way to get through the RackGuardian to see them.

If you have network closets and server rooms that need to be protected, please don’t just protect the front-door of your servers, protect the back door of your UPS and PDU units and keep the bad-guys at bay!

Until Next Time,

Be Well!