Greetings and welcome back. In today’s blog we look at a subject that is all-too-often overlooked in hospitals, doctors offices, and other medical facilities: Securing Network Closets in Healthcare Facilities. The fact is, healthcare records have the largest value of any type of record in the black market for Personally Identifiable Information (PII). Because of this, healthcare facilities will always be prime targets for data thieves and network closets are one of the most poorly secured part of most healthcare facilities.
In a study of all network closets in a large university, this excellent paper published by East Tennessee State University by Nathan Timbs shows that there were, on average, more than 1 threat, hazard or vulnerability for each of the 82 network closets surveyed. Not surprisingly, data thieves have become very accomplished at using vulnerabilities in the cyber/physical security of wiring closets to steal large quantities of valuable data. Another excellent paper published online by Towson State University shows how easily a person can gain physical access to a network closet to place an eavesdropping device into most any network. This device – which can be a simple switch that is converted to their own nefarious purposes – then sends data offsite to their data capture system, completing the theft process.
This process, known as a man-in-the-middle attack system, is surprisingly fast and easy to add to any network closet. In fact, some of the largest data thefts recorded have been accomplished by cyber/physical man-in-the-middle attacks such as those discussed by these two excellent papers. This creates a significant challenge to healthcare facilities because HIPAA requires security of all your Physical, Cyber and Operational assets as is shown in the following graphic and, network closets are definitely a key to being secure and HIPAA Compliant.
Because of these issues, it is vital that Physical, Cyber and Operational security need to be addressed in the network closet, preferably with a single unified solution. RackGuardian was build from the ground-up to be a system that provides full physical and cybersecurity to your network closets and all of the equipment within them.
RackGuardian does all the following:
- Interfaces and securely manages any Wiegand-Based Access Card System
- Interfaces and protects any SNMP-based computer, network or power system
- Provides full physical and operational monitoring of the network closet
Please think about this and take a look at RackGuardian. We would be happy to confidentially discuss the security of your network closets for your facility.
Until Next Time,