Securing your Network (Part III): Endpoint Protection Systems
What is Endpoint Protection?
Endpoint protection refers to the process of protecting a business network by securing the various endpoints connected to the network. An endpoint is a device that connects to your internal network such as a laptop, smartphone, tablet, or a server in a data center.
What is the Difference Between Endpoint Protection and Anti-virus?
To put it simply, anti-virus is one of the many components of endpoint protection. Anti-virus software is meant to protect a device whereas endpoint protection secures an entire network. Endpoint security software is installed on network servers, allowing an organization to secure the whole network, without the need for installing the software on individual devices.
Common features of endpoint security software include:
- Data loss prevention detects and monitors sensitive information ensuring that unauthorized users do not have access. In the event of a data breach, data is protected from theft or loss.
- Disk, endpoint, and email encryption is the process of protecting your data from theft or corruption by making data illegible.
- Network access control restricts which devices are allowed to connect to a network.
- Endpoint detection and response monitors and responds to security threats.
- Insider threat protection prevents internal threats to a network by those who have inside information such as employees or former employees.
- Application whitelisting or control is a system that determines which software applications are accessible from a network. Applications that are deemed harmful will not be accessible.
- Data classification identifies important information to make it easy to retrieve and use.
- Privileged user control is a user authorized to access features that other users cannot such as security functions.
The most essential features of an effective endpoint security software are application control and endpoint encryption. These features prevent unauthorized users from accessing data. While endpoint encryption hides sensitive data, application control prevents employees from downloading malicious applications that could give unauthorized users access to a network.
Why is Endpoint Protection Important?
Failure to have endpoint protection systems in place can be detrimental to a behavioral health practice. Healthcare ransomware attacks have increased by 34% in the past few months; a ransomware attack occurs when an unauthorized party accesses a network and corrupts data, demanding payment for the return of the data.
In a recent ransomware attack, hackers accessed the medical records of Brookside ENT and encrypted their patient files. The practice’s doctors decided not to pay the ransom; as a result, the hackers deleted all of the patients’ records. The deleted files included patient contact information, appointment dates/times, and medical history.
Since the doctors were unable to contact patients and view appointments, they were forced to sit in their offices and wait for patients to show up. In addition, their standard of care decreased significantly as patients were unable to receive follow-up care.
Brookside ENT has since had to close their practice, if they had endpoint protection measures in place, they could have avoided the ransomware attack.
This is Part III of the XI-part blog series. You can also read Parts I and II below:
Behavioral health practices handle protected health information (PHI) regularly, and as such, must take precautions to safeguard the sensitive information. The Department of Health and Human Services (HHS) recommends ten practices that anyone handling PHI needs to implement, the second of which is endpoint protection systems. (Each one of these XI HIPAA outlined practices will be examined in its own article, labeled Part I-XI for your convenience. This current article is Part III of that XI-part series.)
- Phishing Emails and Why Encryption Software is Warranted
- Using Clinical Email (Part II): Secured Email Protection Systems