Category

Articles

Apr 17
0

HITRUST Assessments: Relying on the work of others

By | Articles

HITRUST has been a trusted framework since it was founded in 2007. It was created to champion programs that safeguard sensitive information and manage information risk. Intraprise Health is one of the first certified HITRUST assessors and is 100% healthcare focused.  We know the importance of ensuring organizations are secure in the highly regulated healthcare arena. With two seats on the HITRUST Assessor Council and one on the Quality Assurance Subcommittee, we work closely with HITRUST to ensure your organization receives an assessment and reporting option that is ‘rely-able’ for all stakeholders.

HITRUST recently released updated guidance for placing reliance on the results of previously performed audits, assessments, and inspections. These policy and methodology updates create opportunities for greater assessment efficiency and customer cost savings.

Read More

Apr 07
0

Healthcare Payers: Scalability and Risk Management-Based Prioritization

By | Articles

April 2020

As healthcare payers surge to meet the increasing needs of their members and health system partners, their IT and security teams are gleaning some timely reminders that scalability and adoption of a risk management framework are critically important in times of crisis.

Scalability is a “muscle” that all security teams will need to strengthen throughout their enterprise security program because as the COVID-19 pandemic has shown we don’t know when or what aspect(s) of the program will be tested and to what degree. Scalability may not be as important during a one-time event, like a breach or malware attack – an organization can often address a specific issue head on. However, when there is sustained pressure or a fundamental shift that increases scope, it becomes critical that the organization have scalable processes and tools.

Read More

Apr 02
0

Focused Security Risk Assessments: Remote Work for Healthcare Organizations in the Age of COVID-19

By | Articles, Home Page Top, Home Page Recent

May 2020

As the reality of working from home sinks in, many remote workers and their employers are seeing the appeal fade quickly. We all know that remote work is not quite as simple as it sounds. Technical, operational, and communication challenges are quickly presenting themselves when workforce members overload remote access systems, can’t perform their duties, and don’t know the best channels for reporting their issues and incidents.

Are we prepared for the information security and cybersecurity challenges specific to this new paradigm: remote work in the age of COVID-19? Read More

Mar 20
0
cybersecurity resources for healthcare

Resources for Healthcare Organizations During COVID-19 Pandemic

By | Articles, Home Page Recent

As COVID-19 changes the way many healthcare organizations are operatingIntraprise Health has been compiling a list of resources that we think will be useful to your organization.  Our team of cybersecurity experts has been fielding questions from clients on many of these topics Links to resources such as securing your work from home force, to newly relaxed HIPAA privacy rules and guidance from the Department of Homeland Security are included. 

We hope you find this information useful and will continue to update this list as our team adds more resources.   Read More

Mar 03
0
Penetration Testing - why you need it

When Requesting a Penetration Test- Do You Know What to Ask For?

By | Articles

As we continue to rely on the interoperability of our computer systems in our everyday lives, we must remember this interconnectivity comes with a priceThe ability to access devices remotely over the internet has created a new world of ease and freedom which can be manipulated by malicious actorsIt’s quite eye-opening in its simplicityIf a device is exposed on the internet it has the possibility of being compromised   Read More

Sep 16
0

What You Need to Know About Split Tunneling

By | Articles

Today’s modern networks require flexibility to allow workers to work from multiple locations.  One of the most common methods to achieve remote network access is a Virtual Private Network (VPN).  VPN’s can come in all shapes and sizes, from hosted to on-premises, to in the cloud, and can be built to fit all needs.  However, one topic that is often overlooked is whether or not to allow VPN users to utilize split tunneling. Webopedia defines split tunneling as “The process of allowing a remote VPN user to access a public network, most commonly the Internet, at the same time that the user is allowed to access resources on the VPN.” The idea is a user has a tunnel to the corporate network to access any apps or shared drives through the VPN connection while still utilizing the local internet connection of the remote user for access to the web or local resources.
Read More

Aug 26
0

Intraprise Health Appointed to 2 Seats on HITRUST CSF Assessor Council

By | Articles

Council Members Provide Expertise on Various Security and Privacy Programs of Interest to Healthcare Industry

Intraprise Health is pleased to announce that Ryan Patrick and Melissa Hawkins have been appointed to the HITRUST CSF Assessor Council. In its second year, the HITRUST CSF Assessor Council includes members representing a broad range of experience in information security and privacy. Appointees work closely with HITRUST to ensure and evolve HITRUST’s integrity, effectiveness and efficiency. Read More

Jun 18
0

Zero Trust Architecture and the Future of Networking

By | Articles
By Joshua Perri

In today’s networks, having a strong defense at the perimeter-points is not sufficient to keep your data safe. The IT landscape moves very quickly and so do the threats that we face. Strong networks will implement additional defenses to protect the internal boundary points. These additional defenses will ideally vary in strength and type between segments, which house varying sensitivity levels of data. The Healthcare industry has been slowly adopting stricter network segmentation and role-based access throughout the entirety of its networks.

Have a question? Speak with one of our cybersecurity experts Read More

May 13
0

Tabletop Exercises: Unappreciated and Underutilized

By | Articles

Value for healthcare security – Not just a government planning tool

Government defense and response agencies from the Pentagon to FEMA, from state government to the EPA, have been conducting tabletop exercises (TTXs) for years. Why? In a word: they work. Cybersecurity attacks have been increasing in numbers and complexity against our government’s critical infrastructures and led to the development of cybersecurity exercises as a strategic way for an organization to test their detection and response actions, and as well as their response to information security threats and vulnerabilities in a real-time environment. Read More