Abstract

Traditional networks are designed to be hard on the outside and soft on the inside. It is this soft inside which has made the traditional perimeter model laughable to attackers, who can easily breach a network and run away with the data without even having to deal with the hardened perimeter. The zero-trust security model, created by John Kindervag in 2010, addresses the security flaws of the traditional perimeter model and asserts that no network traffic on the inside should be trusted by default. Other core principles of zero trust include verification and continuous monitoring of all communication, as well as encryption of all data in transit and at rest, since the goal of zero trust is to protect data. Although the zero-trust model was created in 2010, with some of the associated security practices existing even before that, many healthcare organisations still choose to focus primarily on securing the perimeter instead of addressing the vulnerabilities within it. The current COVID-19 pandemic, with which healthcare providers are struggling, further highlights the need for improvements to security within the network perimeter, as many healthcare providers and vaccine developers are still using vulnerable, outdated legacy systems which could become compromised and indirectly have a detrimental effect on patient care. Legacy systems which are technologically limited, as well as medical devices which cannot be controlled or managed by network administrators, create barriers to transitioning to a zero-trust architecture. Challenges like these were explored during the research phase of this project in order to gain a better understanding of how a health organisation can adopt zero-trust practices despite the limitations of its current architecture.
From the information gathered during this research, a framework was developed to allow a health organisation to transition to a more secure architecture based on the concept of zero trust. Aspects of the proposed framework were tested in Cisco Modelling Labs (CML), and the results were evaluated to ensure the validity of some of the recommendations laid out in the framework. The main objective of this research was to prove that if a host within the local area network (LAN) were to be compromised, the damage would be limited to that host and would not spread throughout the rest of the network. This objective was met in the qualitative research performed in CML. One of the other takeaways from testing the framework in CML was that medical devices could be secured by placing firewalls directly in front of them. This placement of firewalls may seem like an unorthodox approach and was shown to increase latency, but the blocking of all unnecessary traffic on the rest of the network will result in a performance boost and should balance out the added latency in a real-world application.

Highlights

  • The purpose of this study was to identify the greatest problems faced by healthcare organisations when attempting to adopt a zero-trust network architecture so that a framework could be developed to present practical solutions to these problems and aid the healthcare industry in securing their networks using zero-trust practices

  • The research conducted during this study shows that there is an abundance of general guidance for adopting a zero-trust network architecture but an absence of specific guidance tailored for healthcare organisations

  • This section discusses how the hypothetical network was built in Cisco Modelling Labs (CML), along with explanations of the zero-trust concepts that were implemented in order to create a hybrid model composed of the perimeter model and the zero-trust model


Summary

Introduction

The purpose of this study was to identify the greatest problems faced by healthcare organisations when attempting to adopt a zero-trust network architecture so that a framework could be developed to present practical solutions to these problems and aid the healthcare industry in securing their networks using zero-trust practices. This study focused only on the challenges associated with the technological implementation of zero trust, in an attempt to develop solutions to these challenges. While there is an abundance of network simulation software available for testing zero-trust designs, these applications are limited in that they are only simulations. Due to these limitations, care was taken during the analysis of the results collected from these simulations. The proposed solution is intended to be appropriate for a small- to medium-sized health organisation that wishes to implement a zero-trust architecture.
