Healthcare Mobile Security | Dell SecureWorks

Healthcare Mobile Security

Mobile device usage in healthcare facilities has increased significantly in recent years, with more than 2 out of 5 physicians already using a smartphone or tablet during patient consultations. The potential benefits to adoption of these devices are compelling, including facilitation of patient involvement in the care process, as well as increased efficiencies and cost savings for the organization. However, mobile device usage is also fraught with risks that must be carefully managed to avoid penalties and damaged reputation from breaches of Personal Health Information (PHI). With a strong demand from clinicians to use personal devices in the workplace, concerns around how to track, encrypt, and manage these devices must be balanced with processes for how they are governed, and ensure that the balance is justified by enhanced productivity of clinicians and the organization as a whole.

Dell SecureWorks mobile device security services for healthcare include:

Mobile Application Security Assessment

Dell SecureWorks offers a Mobile Application Security Assessment methodology specifically geared to mobile platforms and applications. Each engagement is based on standard, repeatable processes, but is scoped and planned individually. The testing typically combines both automated and manually testing for known vulnerabilities and undiscovered exposures. Specific techniques will vary based on mobile platform, purpose of the application(s), coding practices and quality of the application(s), and the unique deployment environment.

This assessment service is a holistic and prioritized approach to testing mobile applications which reduces your overall risks and associated remediation costs.

Learn More

Mobile Security Strategy and Roadmap

Dell SecureWorks can assist you in thinking about your overall approach to security on mobile devices, and leverage well-tested methodologies to examine how an organization is planning to move forward, how mobility will be a part of that strategic direction, and how security should be considered and integrated to support the business. The output of this engagement is a strategic plan and roadmap to help drive organizational decisions about mobility and security.

Mobile Device Use Risk Assessment

This is for Organizations that need a more granular analysis of a particular mobile solution. This service examines mobile device use cases, correlates these to data and system access, and assesses the security and compliance risk to the organization. We then provide a prioritized risk rating and recommendations specific to your organization, in order to reduce or mitigate the risks. This service is especially useful for organizations that want to determine the full costs and risks of using mobile devices. These can be existing mobile deployments, projects underway or proposed approaches. The typical customer needs for commencing a Mobile Device Use Risk Assessment are to comply with regulatory requirements, or prior to a proposed project which adds mobile access.

Regulations such as HIPAA and HITECH impose certain security and privacy controls and objectives. For these organizations, understanding the risks posed by the use of mobile devices and apps is key to understanding their compliance status. This service can answer many questions for these organizations. For example: If a healthcare provider loses their mobile tablet used to read charts, is there a requirement to notify patients or regulatory agencies?

Another common scenario for a Mobile Device Use Risk Assessment is when you’re moving from one smart phone platform or ownership model to another. For example, moving from corporate-provided Blackberry devices to a “bring your own” approach which will require supporting Android, Windows, Apple and Blackberry platforms. This is increasingly common as more individuals own smart phones and want to use their device (BYOD) to access corporate resources, rather than carrying two separate devices. Many organizations are exploring BYOD as a means of reducing telephony costs, but additional risks must be planned for and mitigated to ensure that these policies do not introduce additional threats.

Incident Response and Digital Forensics

The need for forensics and incident response around mobile devices increases as the use of these devices increases. Potential incidents can range from malware or rogue applications, to lost devices, to employee abuse. These problems are not unique to mobile devices, but to effectively manage an incident where mobile devices are involved, often requires specialized tools and knowledge.

The differences between recent mobile devices and traditional equipment means that special consideration must be taken when performing forensic analyses on the devices. Traditional forensic techniques for examining the contents of the device must be modified to acquire data from mobile devices. This requires special hardware, software and training. Dell SecureWorks has these capabilities in our Forensic Analysis service and continues to build them as more and more specialization is required.

Mobile malware represents yet another specialized area of security and risk considerations. The options for automated mobile malware detection and removal are limited on these devices. This increases the likelihood that malicious code could go undetected for long periods of time on a mobile device. However, Dell SecureWorks can provide analysis of the malware through our Incident Response Malware Analysis services.

Learn More

 

 

TESTIMONIALS

ARTICLES

Next Steps

phonepicCall Us Today
(877) 838-7947
UK +44 131 260 3044

WHITE PAPERS

SMB SOLUTIONS

Online Tools

  • Print this Page
  • Share This Resource





By completing this form you'll be opting in to receiving future communications about products and services from Dell SecureWorks.