What Healthcare Organizations Need To Know About Cloud Drift

Cloud computing has modernized the way healthcare and life sciences infrastructure and applications are built, operated and managed, helping healthcare professionals quickly add or reduce the resources needed to meet the growing demand for new healthcare application workloads. However, in a cloud environment it can be difficult to verify the security posture of multiple workloads while meeting the growing number of Health Insurance Portability and Accountability Act (HIPAA) requirements. Many hospitals, clinics, nursing homes and other healthcare providers have turned to Cloud Security Posture Management (CSPM) for help in their public cloud environment.

Cloud security posture management is important, but what is it?

CSPM is a relatively new concept in the world of security capabilities. In recent years CSPM has become popular because more and more organizations have adopted the cloud. CSPM enables an organization to monitor security risks in the public cloud and automatically resolve certain security issues. Simply put: it manages the cloud environment and alerts the team to potential problems and risks.

As your public cloud grows, it's always important to detect sensitive data and protect it from configuration errors. But as your public cloud grows, so does the complexity of identity and data management within your organization. Organizations can use CSPM to consolidate potential configuration errors and to provide end-to-end insight into data movement. With CSPM, a healthcare organization can align itself with frameworks such as HIPAA, SOC2, PHI, HiTrust and CIS.

CSPM can detect problems such as missing encryption, mismanagement of encryption keys, extra account permissions and other problems such as configuration changes.

Cloud configuration drift

The use of cloud-based applications and services is common to every healthcare organization. As with all technologies, new functions need to be added and existing functions need to be updated. With each change or configuration, gaps may form and accumulate over time, resulting in configuration drift. Without effective detection of configuration drift, the impact on the business can be enormous, whether the drift is in microservices, DevOps or cloud security.

During implementation, the infrastructure of your healthcare organization is mapped so that the DevOps or cloud team understands all aspects of it. When changes are made, either for strategic reasons such as improving patient experience, or for tactical reasons such as adding or consolidating databases, team members may not be aware of them. As a result, the new infrastructure differs from the original security baseline, and these undiscovered and unknown changes mean that the team no longer has full visibility across the entire cloud.

Configuration drift can have a number of consequences for identities, roles, systems, databases, access, etc. throughout the organization. With declining resources, there is a need for effective resource allocation, operational support, streamlined cooperation and coordination between the different teams and management. Lack of visibility only aggravates these problems over time.

An error may occur

As the system moves away from its original state, critical changes may go unnoticed by key operational groups, whether DevOps, CloudOps or other infrastructure management groups. But what does this actually mean for IT managers, users, patients and the healthcare organization in general?

As the changes remain unnoticed and unchecked, the number of adjustments to the public cloud increases over time. Failure to understand how the security posture evolves can lead to a number of problems affecting operational efficiency, security, access and a number of other critical functions.

Below are some basic examples of how configuration drift can occur in a healthcare organization on a daily basis.

Common drift: Evolution of resources

A user adds an AWS EC2 instance that affects the organization's cloud compliance. This change violates your organization's internal security framework and HIPAA regulations. Ideally, you need a tool that identifies the EC2 instance as non-compliant and corrects the problem.

Common drift: Employee error

It's Friday and resources are being provisioned for a special project. Your employees don't need the resources for long, and they accidentally remove the AWS S3 protection. Without protection, the information stored in open Amazon S3 buckets can be accessed using scripts and other tools. As the information in the bucket can be confidential, this is a critical security risk.

Common drift: Human error

One of your developers uses the Lambda console to configure function parameters and to add triggers from another service that integrates with Lambda, such as DynamoDB. To set up a serverless service, developers must define the components to be used (i.e. Lambda code, API, DNS, databases, static web pages etc.) and define a permission policy for the way these components interact. However, the developer wants to move quickly and makes the mistake of defining resource-based policies and execution roles that allow all actions for everyone. This is an easy way for serverless components to communicate with each other, but it creates a clear security hole.
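The three drift cases above can be checked mechanically by comparing a current configuration snapshot with the approved baseline. The following is an added example, not code from the original post or from Sonrai Security; the snapshot layout, resource names and finding labels are assumptions, and the data is constructed.

```python
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")

def as_list(value):
    return value if isinstance(value, list) else [value]

def open_statements(policy):
    """Allow statements that grant every action or name everyone as principal."""
    hits = []
    for stmt in as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal")
        everyone = principal == "*" or (
            isinstance(principal, dict) and "*" in as_list(principal.get("AWS", [])))
        if stmt.get("Effect") == "Allow" and ("*" in as_list(stmt.get("Action", [])) or everyone):
            hits.append(stmt)
    return hits

def detect_drift(baseline, current):
    """Compare a current snapshot with the approved baseline; return sorted findings."""
    findings = [(name, "removed-resource") for name in baseline if name not in current]
    for name, cfg in current.items():
        if name not in baseline:
            findings.append((name, "unapproved-resource"))
        elif cfg != baseline[name]:
            findings.append((name, "changed-from-baseline"))
        pab = cfg.get("PublicAccessBlock") or {}
        if name.startswith("s3:") and not all(pab.get(flag) is True for flag in PAB_FLAGS):
            findings.append((name, "s3-public-access-block-off"))
        policies = (cfg.get("RolePolicy"), cfg.get("ResourcePolicy"))
        if any(p and open_statements(p) for p in policies):
            findings.append((name, "wildcard-policy"))
    return sorted(findings)

# Constructed snapshots (hypothetical layout and names, not real account data).
BASELINE = {
    "s3:patient-exports": {"PublicAccessBlock": dict.fromkeys(PAB_FLAGS, True)},
    "lambda:intake-fn": {"RolePolicy": {"Statement": [{
        "Effect": "Allow", "Action": ["dynamodb:GetItem", "dynamodb:PutItem"],
        "Resource": "arn:aws:dynamodb:us-east-1:111122223333:table/intake"}]}},
}
CURRENT = {
    "s3:patient-exports": {"PublicAccessBlock": {
        **dict.fromkeys(PAB_FLAGS, True), "BlockPublicPolicy": False}},
    "lambda:intake-fn": {
        "RolePolicy": {"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]},
        "ResourcePolicy": {"Statement": [{"Effect": "Allow", "Principal": "*",
                                          "Action": "lambda:InvokeFunction", "Resource": "*"}]}},
    "ec2:i-EXAMPLE": {"InstanceType": "t3.micro"},  # added outside the approved baseline
}

if __name__ == "__main__":
    for finding in detect_drift(BASELINE, CURRENT):
        print(finding)
```

In practice the snapshots would come from the cloud provider's configuration APIs or a CSPM export rather than inline dictionaries.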

Controlling configuration drift

The idea of configuration drift may seem surprising, but the good news is that it can be managed effectively. Any measures the organization takes to keep track of changes in the system help to reduce some of the headaches that can occur.

In addition to solving problems arising from configuration drift, drift management can also benefit other areas. Effective drift management can ensure that infrastructure meets security or regulatory requirements and that cloud resources are properly managed, especially in a multi-cloud environment. Drift management also ensures correct and efficient use of available resources by giving teams more opportunities for collaboration and coordination, both face-to-face and remotely, resulting in a better experience for both internal customers and external stakeholders.

Regardless of management's primary concern – compliance and risk or impact on the patient experience – a solution that can address configuration drift as soon as it is detected will reduce the overall impact on your business.

To learn more about CSPM for healthcare and how to effectively manage cloud and configuration drift, attend our next webinar. In this webinar, presented by Dan Woods, technology analyst and founder of Early Adopter Research, and Eric Kedrosky, director of Cloud Security Research and CISO at Sonrai Security, we discuss how healthcare organizations secure their modern application workloads in the cloud while maintaining control over cloud compliance and posture.

The post What Healthcare Organizations Need To Know About Cloud Drift was first published on the Sonrai Security website.

*** This is a Security Bloggers Network syndicated blog from Blog – Sonrai Security, written by Eric Kedrosky. The original post can be found at https://sonraisecurity.com/blog/what-healthcare-organizations-need-to-know-about-cloud-drift/.
