- +49 89 578 361 400
- kontakt@saytec.eu
- Mon - Fr: 8:00 - 17:00
IT security for hospitals and care facilities
The corona pandemic is now – as one would expect – massively influencing the selection of targets and methods by hackers and cybercriminals. Although a few groups “officially” announced that they would not attack medical facilities and hospitals until the end of the Covid 19 crisis, IT security managers shoud by no means rely on this “hacker codex”, but rather enormously strenghten their defensive measures in view of the overall very tense situation. This offers a broad perspective, which above all does not neglect the “human factor” …
Overview of the risk situation
Hospitals, nursing homes and research institutes have long been in the crosshairs of hackers, cyber-blackmailers and organizations that deal with Internet sabotage. On the one hand, interest is focused on the very sought-after customer, patient, research and patent data, on the other hand, institutions and hospitals are simply blackmailed again and again. It is not uncommon for the ransom demands to be tacitly addressed in order to avoid the catastrophic consequences of a complete IT blackout. If these goals cannot complain about a lack of challenges, even in “normal” times, the situation will deteriorate dramatically in view of the current global exceptional situation. In our opinion, the resulting shift in the hazard situation is as follows:
Increasing stress at all levels
People who are under stress make more mistakes. Both medical and administrative staff have been working in the red zone for weeks – or far beyond. Risk awareness in dealing with IT systems also decreases accordingly. It is not for nothing that the authors of phishing e-mails switch from personals, supposedly harmless product information and the typical inheritance information to e-mails that offer the much sought-after protective masks at amazingly affordable prices. Anyone who clicks wrong here out of professional interest and / or pure despair can open the door to cyber criminals for highly sensitive patient, company or research data. Furthermore, the utilization of the IT systems as a whole also increases, so that DDoS attacks that target the overloading and collapse of the digital infrastructure require significantly less bandwidth. Research institutes that have to collect, process and forward corona-relevant data on a large scale are facing an increasing threat and should not compromise on security even under high political and social pressure.
Risk factor teleworking & home office
In order to cut contagion paths and prevent further spreading of the corona pathogen, a large number of people are currently working in the home office – of course also in the healthcare, medical and research sectors. However, you can only work effectively and productively from home if you can easily access all the necessary data – and if there are also trustworthy video conferencing solutions available. The provision of high-security, high-performance and user-friendly applications and connections is therefore one of the most urgent and most demanding tasks of company and institute-internal IT departments. To make matters worse, all countries, industries and areas of life currently have to switch to virtual alternatives. However, due to the large number of remote workplaces, the risk increases significantly. Each remote site is a further risk element for the data, applications and network infrastructures to be protected.
All over the world, IT managers are facing unanticipated challenges. But how can this enormous task be mastered permanently and farsighted, especially in the medical and health sector?
- IT managers need technologies that can be installed, configured and rolled out centrally. In particular, private computers in the home office should be safe to use without installation. This only works if no traces or connection information that can be used for attacks are left on the private computer and the link.
- Improve know-how, refresh risk awareness
On the one hand, of course, the classic must be brought under control: human error can only be overcome with continuous information and further training. New technologies are required here, e.g. Plug and play solutions that protect working environments from the client computer and the user, and which also provide inexperienced users with familiar working environments easily and at the highest security level. Even – and especially – when the general stress level is already at its heights. - Upgrate IT infrastructure – and especially external connections – up to date
But the IT infrastructure must also strike a balance between resilient technology and the most intuitive operation possible. Here, technologies are available that work beyond commercially available VPN solutions, which avoids known compatibility and integration problems, skillfully shift communication to the application level and at the same time provide a simple user interface. Rounded off with the protection of corporate applications and resources at the weakest link in the communication chain – the client PC.
sayTEC technologies for the effective protection of hospital IT
sayTEC offers solutions for two of the biggest IT security problems of our time: Secure network access and reliable backup & restore. In this way, we also ensure that data protection and high data availability work for companies in the healthcare sector.
Network protection
Say No to Hacks – sayYES to sayTRUST
Network access with high security function
Finally simpler instead of more complicated: sayTRUST VPSC (Virtual Private Secure Communication) technology optimizes the previously common VPN, closes critical security gaps and is completely user-friendly. Data traces in unsafe environments are a thing of the past, you remain in full control: sayTRUST secures all information where it belongs – even on mobile interaction and worldwide access – on the protected sayTRUST server behind your firewall. The mobile bodyguard for sensitive company data is only as big as a USB-Stick (better: as big as a pen or the size of a pen) and fits comfortably in any pocket.
Maximum cyber security with minimal effort
Find out in the white paper how our customers benefit from sayTRUST and why you are eventually safe with the new VPSC technology!
Exclusive white paper: Five reasons for IT managers with remote connections to significantly increase security
Backup & Restore
sayFUSE on - risk off
The comprehensive solution for data availability
Tape backup or disk backup? Disaster recovery or business continuity? With sayFUSE (Fast Universal Storage Engine) you no longer have to make a selection, you get the complete package on one platform. sayFUSE makes backup and restore within a single appliance safer, faster, more efficient and scalable. The complexity of the IT infrastructure is reduced and the failure and availability security is increased. The system is much easier to operate than with previous solutions, the space requirement is lower and the operating costs are lower.
sayFUSE for relaxed data security
Patented security concept
impresses with storage and backup.
Find out in the white paper how our customers benefit from sayFUSE!
Exclusive white paper: How you can not only survive data loss but to be able to tick off the topic completely relaxed
Measures for the security of IT systems
- Access control: No access to data processing systems for unauthorized persons,
- Organizational control: consideration of data protection requirements in the design of the internal organization,
- Data carrier control: Secure the data carrier against unauthorized reading, copying, changing or deleting,
- Storage control: Prevent personal data from being entered by unauthorized persons and stored personal data from being read, changed or deleted without authorization,
- User control: prevention of unauthorized use of automated data processing systems by means of data transmission devices
- Transport control: Avoiding that the data can be read, copied, changed or deleted without authorization when transferring personal data and when transporting data carriers.
- Access control: Ensure that the use of automated data processing systems executed solely by access authorizations,
- Transfer control: determine, check and track where personal data has been or can be transferred or made available with the help of data transfer facilities,
- Input control: ensuring that it can be checked and detected at any time who entered which personal data into automated data processing systems,
- Restore: Ensure that backups can be restored from secure archives in the event of a fault,
- Reliability: Regular monitoring all the IT infrastructure functions of availability and reporting of malfunctions that occur,
- Data integrity: protection against damage to stored personal data due to system malfunctions,
- Order control: The guarantee of the processing of personal data, which are processed in the order, only in accordance with the instructions of the person responsible.
