Security vs Compliance in Healthcare
Offered By: YouTube
Course Description
Overview
Explore the critical distinction between security and compliance in healthcare IT during this 47-minute conference talk from the Central Ohio InfoSec Summit 2016. Delve into common attack vectors, risks associated with shared accounts and kiosk systems, and the potential consequences of unsecured medical environments. Learn about various authentication options, including smart cards and managed PKI providers, and discover essential security measures such as application whitelisting, removable media restrictions, and internet communication controls. Gain insights into emerging trends like VDI (Virtual Desktop Infrastructure) and their impact on healthcare security. Walk away with a deeper understanding of how to balance regulatory compliance with robust security practices in the healthcare sector.
Syllabus
Intro
Disclaimer
Background
The session is not secure
Plenty of time
Attack vectors
What can someone do with alone time?
Why would someone do that?
Kiosk accounts are everywhere
Risky business
Shared accounts provide no accountability
Current authentication options
Contact smart cards/CIV Cards
Managed PKI providers
Restrict removable media
Application Whitelisting
Restrict internet communications
Other critical controls
The new big trend: VDI
Conclusion
References
Related Courses
Citrix Virtual Apps and Desktops (CVAD): Explore Advanced ManagementPluralsight Windows Server 2016: Active Directory Certificate Services
LinkedIn Learning Hardware Authentication Tokens - Nate Graff
White Hat Cal Poly via YouTube Authz is the New Authn - Trust Elevation with UMA and OpenID Connect
LASCON via YouTube From Workstation to Domain Admin - Why Secure Administration Isn't Secure and How to Fix It
WEareTROOPERS via YouTube