security

Application Workloads in Healthcare: How Zero Trust Protects Them – HealthTech Magazine


Zero-Trust Network Access Can Strengthen Application Workloads

To bolster the security of application workloads, networks must verify every user before they receive permission to access critical resources, Newton says. Network administrators then log the access for later analysis or auditing.

“This verification applies regardless of whether the user is trying to access those resources remotely or is already within the network perimeter, helping to ensure a higher security posture for organizations, and it is especially powerful for organizations with a hybrid workforce,” Newton says.

Health systems can use a type of IT security solution called zero-trust network access (ZTNA), which delivers secure remote access to a health system’s applications according to an organization’s specific access control policies.

“ZTNA takes the principles of zero trust and applies them to application access,” Newton says. “Its per-session controls mean that users and devices are authenticated and monitored every time they seek to access an application, effectively closing security gaps that can arise from things like unattended devices.”

DISCOVER: Zero trust lessons health IT teams can learn from the federal government.

Automation helps health organizations integrate security systems with applications, says Greenberg.

“Once the security is attached to the application and knows the application, it’s much easier for you to implement a zero-trust approach because there is a symbiotic relationship between the application and the security,” Greenberg says. “If the security is detached from the workload, then everything needs to be configured manually, and that’s not a good practice, and not even viable in the digital world.”

Readers Also Like:  How access management helps protect identities in the cloud - VentureBeat

In addition, healthcare systems must understand how applications operate within their environment, Gregory notes.

He adds that a key strategy entails vetting application workloads. “That, to me, is the critical step toward identifying the controls and the security policies needed to achieve zero-trust principles,” Gregory says.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.