You’ve seen this act before. A famous street magician stops an unexpecting passerby and asks the individual to participate in a magic trick. The magician places a playing card in each of the participant’s hands. He grabs the participant’s wrists and waves it back and forth—promising that the cards will switch from one hand to the other. However, nothing happens. Moments later, to the surprise of this individual, the magician pulls out of his pocket, a wristwatch he had stealthily taken from the unsuspecting participant.
Much like this individual, healthcare provider organizations may not know their systems and applications have been breached and that data has been stolen. In fact, a recent article suggested the healthcare industry holds the second highest number of days to discover a breach; second to the entertainment industry. Even worse, breaches are often identified only when the stolen data is discovered for sale on the darknet rather than through their own detection.
For these reasons, it is essential that healthcare providers leverage identity governance to determine and control three critical elements of any effective cybersecurity strategy:
• Who has access to health data
•Who should have access to health data
•How is that access being used
This basic yet profound concept enables organizations to confidently and securely determine information access rights for digital identities throughout their health system. That said, healthcare is ever evolving. Its user population remains dynamic and diverse. The number of access points is growing. The care continuum is expanding and collaboration is increasing. These and other challenges continue to add layers of complexity to an already complex environment.
Identity Evolves with Artificial Intelligence
To help address these issues, identity platforms are evolving to incorporate artificial intelligence/machine learning techniques, allowing healthcare provider organizations to ingest vast amounts of identity data and combine it with real-time activity to provide contextual insights. This gives IT administrators and data owners much deeper visibility and insight into who is interacting with what applications and data files, and how these interactions are taking place. The information can then be synthesized to address risky and anomalous behavior, even before a breach occurs.
Furthermore, deploying ‘intelligent identity’ can drive efficiencies and reduce the workload of already overworked IT and security teams. For instance, because ‘intelligent’ identity provides deeper insights regarding users, data owners and IT administrators can make more effective decision in review processes and reduce certification/approval fatigue.
To better understand how identity is evolving into an intelligent platform to increase efficiency and reduce risk, join SailPoint for a live presentation during the HIMSS 19 annual conference, on Wednesday, February 13th at 4:45 pm – 5:05 pm at Theatre B in the Cybersecurity Pavilion. Or book a private visit while at HIMSS.