How Can SD-WAN Augment your Compliance Posture?


Healthcare WANs have grown much more complex over the last decade. For starters, electronic health records (EHRs) were in use by 22 percent or fewer of hospitals in every state in 2008, according to the Office of the National Coordinator for Health Information Technology. By 2015, adoption rates were above 65 percent in all states.

This surge in EHR uptake has been accompanied by greater overall investment in cloud computing services, which help providers and health plans handle growing amounts of data. A 2017 HIMSS Analytics survey found that organizations were increasingly turning to IaaS to help with disaster recovery and backup.

As a result, many healthcare firms oversee hybrid environments, with significant assets on-premises and in the cloud. This complexity can raise the risk of legal exposure and also complicate regulatory compliance. Fortunately, the advancements in SD-WAN technology help address such transitional challenges.

How SD-WAN Fits into a Modern Compliance Strategy

While multiple additional security solutions and processes are necessary for full compliance, modern SD-WAN platforms can play an important part in mitigating the risk of regulatory violations. They help reduce the likelihood of issues at remote or branch office (ROBO) sites and also simplify security infrastructure.

SD-WAN and Healthcare ROBOs

There are already millions of mobile workers in healthcare, in positions such as home health worker and mobile blood drive operator. Plus, countless others operate in environments with limited IT infrastructure, such as independent physician practices or rare-disease specialists connecting via telepresence.

Many of these professionals must connect to a different network in each location and still transmit sensitive information back to data centers. At the same time, they often store some data locally on laptops and phones for quicker access, creating the risk of those devices being lost or stolen.

SD-WAN for Simpler Security Infrastructure

Though the Payment Card Industry Data Security Standard (PCI DSS) applies to every merchant who accepts payment cards, many organizations, especially hospitals that process credit card transactions for outpatient services, lack a comprehensive understanding of what PCI is or how it’s enforced. Unfortunately, this puts these organizations at a serious disadvantage when it comes time to make decisions around PCI compliance. Two common PCI compliance misconceptions are:

1. Fiction: Infrastructure products such as servers, storage arrays, network switches, routers and SD-WAN appliances can suffice by being branded “PCI-compliant.”
Fact: These devices cannot be “PCI compliant.” Instead, their software must be designed with appropriate security measures and safeguards that follow the requirements set forth by PCI DSS in order to assist a merchant in maintaining PCI compliance.

2. Fiction: PCI compliance applies only to cardholder data stored in a data center on servers or in databases.
Fact: Cardholder data must be protected end-to-end throughout the transaction, even while data are traversing the WAN.

The Talari Failsafe SD-WAN Advantage

A Talari SD-WAN solution allows organizations to deliver a cost-effective, highly resilient business-class WAN over any infrastructure, including leased line, MPLS or Internet. A key component of this solution is its ability to mitigate WAN impediments such as loss and jitter to deliver a best-in-class SD-WAN for business-critical applications. Security is a core component, built on the foundation of secure, encrypted tunnels between every endpoint. While this secure overlay model protects cardholder data as they are transmitted across the WAN, it is only one of the many security measures required for an enterprise to adhere to and comply with the provisions specified by PCI DSS.

Beyond securing data as it is transmitted over the WAN, a Talari SD-WAN security architecture encompasses the management plane as well by explicitly segregating all management and network traffic. This enables organizations to use known hardened applications to protect the appliance’s management and configuration features. This division also means that the SD-WAN data path cannot be compromised through management applications with known or unknown exploits or standard probing techniques, as the data path is not required to monitor, respond to or forward management application traffic. Finally, Talari can easily integrate with third-party solutions, such as Zscaler’s Cloud Security and Palo Alto Networks’ similar platform, to introduce incremental services designed to prevent data loss and stop data exfiltration.
