
Network Cybersecurity Starts with Network Maintenance

Healthcare organizations haven’t always provided their Information Technology (IT) infrastructure, mainly their networks, with the necessary attention to ensure optimal performance and network cybersecurity. The issue is the lack of focus on one instrumental component: network maintenance. Network maintenance involves proactively managing and overseeing your organization’s network to prevent issues. It encompasses testing, troubleshooting, monitoring, asset management, documentation, backups, operating system updates, patching, and lifecycle replacement. This process aims to ensure smooth network operations and prevent potential problems before they arise. Network management is a foundational aspect of cybersecurity. Unfortunately, it often falls under the ‘set it and forget it’ management path with limited resources.

Organizations should consider and evaluate their security devices and assess improvements to elevate their cybersecurity posture. Additionally, network management that includes ongoing maintenance needs to be part of the organization’s daily cybersecurity operations and reviewed before adding new devices such as intrusion detection and prevention systems (IDS/IPS) and the like. It isn’t that the capabilities or benefits of incorporating devices such as an IDS or IPS aren’t necessary; rather, the fundamental problem is that ongoing oversight is necessary to maximize your infrastructure investment and ensure the health of your cybersecurity controls. Suppose network maintenance isn’t properly performed on devices currently in the environment—what is most likely to happen when new equipment and technologies are introduced? They will likely fall to the same neglect or, worse, become an attack vector due to delayed vulnerability management, a big part of network maintenance.

A Tale of Uptime and Network Maintenance

Let’s consider this in a context critical to every organization’s operations: money. A healthcare organization purchases firewalls for its main hospital data center. However, they connect to an older core switch with an uptime of 4 years. It has not been restarted or turned off in over four years. This uptime also lets the network administrator know that the operating system (OS) has not been updated in 4 years. The new firewalls are installed, and everything seems to be running as expected. It is decided that a small configuration change needs to be implemented in the core switch. The change is made, and the core switch, which provides connections to all aspects of the data center, locks up, preventing data from flowing as intended. The administrator first troubleshoots to see if it is just the connection, realizes it’s the switch, makes their way to the data center, locates the device, power cycles it, and then waits for it to come fully online.

To make matters worse, there is no redundancy, so a failover to an adjacent switch is not feasible. It takes 30 minutes from the time the switch froze to it coming back online and becoming fully operational.

If this occurs during the hospital’s main service hours, that is 30 minutes during which the hospital cannot take new patients or create appointments and must delay patient care. Each minute of downtime costs a hospital approximately $7,900 in lost revenue on average; over 30 minutes, that’s $237,000. Incorporating and conducting preventative maintenance could have reduced or even eliminated this cost.

The failure of a core switch that costs hundreds of thousands of dollars to a hospital is a valid risk and a risk that arises when proper management has lapsed.
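
The uptime check from the story above, as an added example (not code from the original article): it flags devices whose uptime implies an unpatched OS and ranks single points of failure first, pricing the outage with the article's $7,900 per minute. The uptime string format, the 180-day policy, the inventory fields and the device names are all assumptions constructed for illustration.

```python
import re

# Assumed uptime format ("4 years, 2 weeks, 3 days, 6 hours, 12 minutes"),
# modeled on common network-OS output; adapt the regex to your equipment.
UNIT_DAYS = {"year": 365, "week": 7, "day": 1, "hour": 1 / 24, "minute": 1 / 1440}
MAX_UPTIME_DAYS = 180    # assumed policy: every device is patched/rebooted twice a year
COST_PER_MINUTE = 7900   # lost revenue per minute of downtime, from the article (USD)

# Constructed sample inventory (hypothetical names and values).
INVENTORY = [
    {"name": "fw-01", "uptime": "3 weeks, 2 days, 1 hour, 40 minutes",
     "redundant_peer": "fw-02", "recovery_minutes": 10},
    {"name": "dist-sw-02", "uptime": "1 year, 30 weeks, 1 day, 0 hours, 4 minutes",
     "redundant_peer": "dist-sw-03", "recovery_minutes": 20},
    {"name": "core-sw-01", "uptime": "4 years, 2 weeks, 3 days, 6 hours, 12 minutes",
     "redundant_peer": None, "recovery_minutes": 30},
]

def uptime_days(text):
    """Convert an uptime string to days; reject strings that do not parse."""
    parts = re.findall(r"(\d+)\s+(year|week|day|hour|minute)s?", text)
    if not parts:
        raise ValueError(f"unrecognised uptime: {text!r}")
    return sum(int(n) * UNIT_DAYS[unit] for n, unit in parts)

def audit(inventory):
    """Return devices over the uptime policy, single points of failure first."""
    findings = []
    for dev in inventory:
        days = uptime_days(dev["uptime"])
        if days <= MAX_UPTIME_DAYS:
            continue  # rebooted recently enough to have taken an OS update
        spof = dev["redundant_peer"] is None
        findings.append({
            "name": dev["name"],
            "uptime_days": round(days),
            "severity": "critical" if spof else "high",
            # Cost is only estimated where no failover exists to absorb a hang.
            "outage_cost": dev["recovery_minutes"] * COST_PER_MINUTE if spof else None,
        })
    return sorted(findings, key=lambda f: (f["severity"] != "critical", -f["uptime_days"]))

if __name__ == "__main__":
    for finding in audit(INVENTORY):
        print(finding)
```

Long uptime is only a proxy for a stale OS, so confirm each finding against the running software version before scheduling the maintenance window.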
