The Future of Data Security Requires Preparing Today for Tomorrow’s Disaster
Data security and disaster recovery are two hot topics in the IT industry, but they are traditionally viewed as separate issues and approached from different perspectives. Physical and logical data securities are top-of-mind for CIOs concerned with potential data security breaches and identity theft. Meanwhile, disaster recovery planning is typically a reactive consideration. It’s time for a paradigm shift in this thinking. The bottom line is data security and disaster recovery (DR) planning are inextricably linked and should be planned and implemented proactively and concurrently.
Between identifying theft by hackers, aging IT infrastructure and more extreme weather due to climate change, healthcare IT professionals are faced with more potential security risks and loss of data than ever before. The recent security breach at Anthem, estimated to impact up to 80 million Americans, is a prime example of the damage caused by targeted hacking, while 2012’s Hurricane Sandy and the recent record-breaking snow storms exemplify how inclement weather can put IT infrastructure at risk of power outages and other damage.
Given the stringent regulatory compliance requirements for personal healthcare information (PHI), implementing a comprehensive DR plan is an industry standard best practice and should be considered a security measure.
In a recent report by MeriTalk, 82% of healthcare IT executives who responded to a survey underwritten by EMC Corporation indicated that their organizations are not prepared for the unexpected. The connection between information security and disaster recovery is undeniable, but IT professionals at healthcare organizations of all sizes – from small practices to statewide hospital systems - typically must overcome four perceived barriers in the process of virtualizing their IT environments to ensure the safety and availability of information.
Four Perceived Barriers:
Perceived Security Barrier #1: “I don’t need additional security services because I already have firewalls.”
Reality: Your firewall is a critical part of your security solution but harmful traffic can penetrate a firewall. Additional security protection can analyze traffic over time to detect threats that your firewall may not stop and helps you update firewall settings for better security.
Perceived Security Barrier #2: “I don’t have the expert security staff to manage and maintain these products.”
Reality: You don’t need the expertise in-house as there are services that offer 24x7x365 coverage from top security experts.
Perceived Barrier #3: “My existing IT infrastructure is built on legacy systems that don’t run the same applications.”
Reality: The best disaster recovery solutions are designed to meet the needs of hybrid network infrastructures, providing replication and recovery between different storage and server technologies, ultimately extending the life of older assets.
Perceived Barrier #4: “We already have redundant data center sites, one of which is just for storage, so we should be fine.”
Reality: When it comes to business continuity, not all businesses have the same DR needs.
Effective business continuity and disaster recovery requires more than site redundancy; it requires geographically diverse sites to ensure that they can’t be knocked out by the same event
With less than 20% of today’s healthcare IT executives feeling that they are prepared for disasters – it’s time for a change. HIMSS15 will offer a multitude of educational opportunities to learn how to be better prepared for disaster-related security issues. Be sure to put it on your attendee checklist.