Lockdown Network Access Control — Healthcare Solutions
HIPAA's compliance mandates place a demanding load on stretched healthcare IT departments. But that doesn't mean all aspects of HIPAA compliance need to be excessively complex or costly.
Lockdown network access control (NAC) provides essential technologies required to automate HIPAA security practices, providing valuable audit trails, and easing passage of compliance audits.
Overview
Healthcare organizations rely on network and computing resources to ensure the health and wellbeing of patients – no–stop, around–the–clock.
Advances in technology have allowed care providers to use electronic records and increase efficiency, so they can focus on their core responsibility – patient care. Meeting standards for safeguarding sensitive information such as patient records and to prevent fraud and abuse is mandated in Title II of HIPAA, the Health Insurance Portability and Accountability Act. The "Security Rule" outlines administrative, physical, and technical safeguards including policies, reporting, access control and authentication amongst many others.
Lockdown network access control ensures these controls can be effectively enforced and automated, without putting patients at risk.
How It Works
Lockdown's application in healthcare environments revolves around crafting policies to control access to the network, using identity and device health as primary access criteria.
- Lockdown network access control works with existing authentication systems to provide signle sign–on access to networks. However, unlike traditional authentication, Lockdown isolated devices from the network until unauthorized user to bypass authentication systems.
- Lockdown network access control allows IT administrators to create sophisticated rule sets to white–list devices such as servers or life support equipment, either auditing them and using notification instead of enforcement, or bypassing them completely.
- Lockdown network access controls Precision Policy Engine can apply policies specific to each user group. So for a given compliance lapse, physicians would receive email notification and remediation directions, while administrative staff could be quarantined for user–based remediation.
- Non–authenticated users, such as patients, guest or vendors, can be automatically put on a guest network for their convenience, without compromising security. And with sophisticated guest registration capabilities, Lockdown also simplifies the process of registering users and devices for temporary access to public or restricted networks.
For Network integrations, Lockdown network access control is particulary well–suited to healthcare environments because:
- Lockdown Enforcer™ works with multi–vendor switching, wireless and routing infrastructure, enforcing access decisions using VLANs on key network control points, moving enforcement as close–to–the–edge as possible.
- Lockdown Commander™ assures a seamless and fast roaming experience for mobile users, a critical consideration when staff has to move throughout a facility, yet have rapid access to network resources.
- The Lockdown network access control Precision Policy Engine can apply policies specific to each user group. So for a given compliance lapse, physicians would receive email notification and remediation directions, while administrative staff can be quarantined for user–based remediation.
- Many healthcare organizations employ physicians and medical staff members in remote and urgent care locations. The facilities are geographically seperated from the main campus of the hospital and employ fewer professionals. Lockdown Sentry™ is an economical solution to deploying full–power network access control in these smaller, remote locations.
- Guests on hospital networks, such as patients, vendors, visiting physicians, etc, require access to the Internet. Lockdown provides admin or user creation of guest accounts, and device registration services. Lockdown can automatically route these unmanaged devices to appropriate guest or production networks, and ensures they present no threat to the network.
- Hospitals and other health care facilities mission–critical computing resources, such as life support systems than cannot be taken offline, or even assessed for vulnerabilities. Lockdown network access control allows IT administrators to control what tests apply to which devices, and to analyze data from numerous inputs to make intelligent access decisions specific to each user, device, and connection method or health status. Lockdown networks access control can white–list mission critical devices and notify IT administrators with compliance violations instead of quarantining these devices for remediation, or even just ignore them completely. This allows administrators to schedule change management and service devices when it's appropriate.
- Consolidations in the healthcare industry create incredibly heterogeneous computing environments. Lockdown networks access control integrated with exisiting infrastructure regardless of vendor – no upgrades – so you can benefit from network access control today, even on top of complex post–merger networks.