Data security for healthcare industry

Enterprise Security Solutions by

Data SecurityFOR THE HEALTHCARE INDUSTRY

1


INTRODUCTION

Technology has touched every aspect of ourlives, be it using Google Maps to get to a newplace or getting on a quick Skype call with afamily physician.

And amidst all the benefits that technologyhas delivered, lies our personally identifiableinformation (PII). While we have started tobecome cognizant about data security, stillmost of our information remains vulnerable tocybercriminals.

And one such information is

healthcare data and records.

2


HEALTHCARE

INFORMATION IS IN HIGH

DEMAND BY

CYBERCRIMINALS.THE REASON IS OBVIOUS.

These records include:- Home addresses

- Phone number

- Email IDs

- Insurance details

- Medical history

- Driver license details

- Emergency contacts

- Credit/debit card information, etc.

ONCE CAPTURED, THIS DATA CAN BE USED

TO LAUNCH SPEAR PHISHING SCAMS,

IDENTITY THEFT, & SOCIAL ENGINEERING

FRAUDS.

3


Cyberattacks on healthcare industry have increased by 125%since 2010.

100 million healthcare records were compromised in 2015.

In 2015, healthcare was the number one target for hackers.

According to Bloomberg Business, criminal acts against healthcare industry have

increased more than two times in the past five years.

DATA BREACHES

ARE COSTING

THE

HEALTHCARE

INDUSTRY

$6 BILLION ANNUALLY.

The loss mainly includes

FINES, PENALTIES, LAWSUITS, and

DATA RECOVERY COSTS.

88% of all ransomware is detected in the healthcare industry.

Sources:- www.solutionary.com

- Ponemon Institute

- IBM

- PwC

The estimated cost of a major healthcare breach is $200 per-patient

record

2015 has been dubbed as “THE YEAR OF THE

HEALTHCARE HACK”.

4


TOP 5

HEALTHCARE

SECURITY

THREATSIN

5


#1

Sources:PhishMe

RANSOMWAR

EA malicious program that

locks an infected computer or

encrypts data stored in it, and

then demands a ransom to

unlock the system or decrypt

the data.

93%of phishing

emails contain

ransomware. The Ponemon Institute

Unplanned

downtime caused by

ransomware at

healthcare

organizations may

cost an average of

$7,900 a minute,

per incident.

“

6


WannaCry

RANSOMWARE

TERROR OF

Known as the biggest ransomware attack in history

Infected 200,000 computers in 150 countries

Over 60 NHS (National Health Service) trusts targeted

Estimated loss caused to UK business - £100

million

Spreads without human interaction

Attack begun on 12th May 2017

7


How SEQRITE

Detected and blocked exploits which were used to spread

WannaCry Ransomware

Counteracted

WannaCry

Started detecting these exploits May 5 2017 onwards

Issued an immediate security advisory to inform users about

the countermeasures to take

1,275,878 exploits blocked

Setup an emergency hotline for our customers and other

users to reach us for assistance

8


#2INSIDER

SAn insider threat could be

a current or a former

employee who is

responsible for a security

breach in an organization.

While most of these

threats are malicious,

some of them are

unintentional.

INSIDER THREATS

ARE RESPONSIBLE

FOR 90% OF

SECURITY

INCIDENTS.

Sources:Verizon 2015 Data Breach Investigations Report

Malicious

Unintentional33%

67%- Co-worker

- Disgruntled employee

- Unauthorized physician

access

- Lost/stolen device

- Bad security hygiene

- Misuse of systems

9


#3HEALTH

INFORMATION IS

WORTH 10 TIMES

AS MUCH AS

CREDIT CARDS,

ON THE ONLINE

BLACK MARKET.

Sources:Verizon 2015 Data Breach Investigations Report

ADVANCE

DPERSISTE

NTTHREATS

(APT)A malicious campaign

where the attacker

breaches a network, stays

there, and keeps

gathering intelligence

about the target. Such

campaigns sometimes

can go undetected for

months or years.

Federal Bureau of Investigation

“Likelihood of an

APT Attack.

Study conducted by ISACA on respondents

from 17 industries in 2015 (including

Healthcare) | http://www.isaca.org

52%

22%

1%

25%

Likely

Very likelyNot very

likely

Not at all likely

10


#4

Sources:Bitglasst

MOBILEDEVICESHealthcare providers are

increasingly using mobile

devices for services such

as submitting patient

data, submitting bills,

scheduling appointments,

exchanging diagnosis

details, etc. This means,

tons of patient data get

accessed everyday.

LOST/STOLEN

MOBILE DEVICE ARE

ONE OF THE

LEADING CAUSES OF

HEALTHCARE DATA

BREACH.Office for Civil Rights (OCR)

68%of healthcare security

breaches were due to

lost/stolen mobile devices.

11


EMPLOYEE

While cyberattacks are the leading

cause of data breaches in

healthcare, negligent employees

have a major role to play in several

security incidents that occur.

NEGLIGENCE

Responding to

phishing emailsUsing infected USB

drives

Clicking on

malicious ads

#5

TCS Healthcare Technologies

COMMON

EMPLOYEE

MISTAKES THAT

CAUSE DATA

BREACHES

Visiting

infected

websites

91%of data breaches

start with a

phishing attack. “

12


Helps mitigate all such security threats in healthcare with its range of

Dynamic, Scalable, and Future Ready solutions:

SEQRITE Endpoint Security

SEQRITE Unified Threat Management Solution (TERMINATOR)

SEQRITE Mobile Device Management

SEQRITE Data Loss Prevention

13


Endpoint Security FEATURES

PATCH MANAGEMENT

Enables IT administrators to check and

install missing security patches for all

applications installed on enterprise endpoints

from a centrally managed console.

WEB SECURITY

Automatically blocks websites infected with

malware or designed for phishing attacks.

APPLICATION CONTROL

Categories of applications can be authorized or

unauthorized from being executed within the

network.

DATA BACKUP AND RESTORE TOOL

Automatically and periodically (multiple times

a day), takes a backup of all important and

well-known file formats like PDF and Microsoft

Office files that are present on a computer.

RISKS MITIGATED

RANSOMWARE ATTACKS

INSIDER THREATS

CORE PROTECTION (IDS/IPS & FIREWALL)

IDS/IPS blocks threats that exploit software

vulnerabilities and Firewall thwarts malicious

attempts to access the corporate network.

BEHAVIOR DETECTION

Detects and blocks unknown viruses and

malware in real-time.

INFECTED WEBSITES

PHISHING ATTACKSINFECTED EXTERNAL DEVICES

SECURITY VULNERABILITIES

14


Data Loss Prevention

ADVANCED DEVICE CONTROL

- Configure access policies for more than 25 device

- Blocks unverified devices.

- Prevents autorun infections.

ENHANCED PRIVACY PROTECTION & COMPLIANCE

- Identifies Office documents based on their origin.

- Prevents data leakage propagated by worms, Trojans,

and other malware threats.

- Issues regular notifications to reinforce user behavior

on data security.

LOWER COMPLEXITY & COST OF DEPLOYMENT

- Easy integration with existing Seqrite EPS.

- Defines DLP security polices and reports across multiple

endpoints in scattered locations.

- Centralized management and monitoring of crucial business

data.

CONTENT AWARE PROTECTION

- Monitors all actions on confidential files.

- Instantly notifies admins about unauthorized data leakage.

- Ensures that no confidential data leaves the organization.

- Targeted Attacks

- Human Error

- Bluetooth

- USB Drives

- Web Email

- Cloud Storage

DATA LEAKAGE caused by:

RISKS MITIGATED

FEATURES

15


TERMINATOR

GATEWAY ANTIVIRUS

Scans all incoming and outgoing network traffic

at the gateway level. Augments existing virus

solutions by reducing the window of

(WoV).

FIREWALL

Admins can permit or block access for traffic

between internal and external networks

based on enterprise compliance policies.

VIRTUAL PRIVATE NETWORK

Provides IT administrators with a means for

secure communications between the

company's remote users and for building site-to-

site connections.

IDS / IPS

Scrutinizes network traffic in real-time and

prevents a broad range of DoS and DDoS

attacks before they penetrate the network.

DoS & DDoS ATTACKS

INTERNET DOWNTIME

GATEWAY MAIL PROTECTION

Scans incoming/outgoing emails or attachments

at the gateway level to block spam and phishing

emails before they enter the network.

CONTENT FILTERING

Allows blocking of non-business related websites

including streaming media sites, downloads,

instant messaging, etc., in order to reduce

unnecessary load on enterprise bandwidth.

MALICIOUS INTERNET TRAFFIC

MALICIOUS EMAILSMAN-in-the-MIDDLE ATTACKS

ADVANCED PERSISTENT THREATS

FEATURES

RISKS MITIGATED

16


MDM

APPLICATION CONTROL

Apps can be remotely managed/ installed/

blocked in order to maintain policy compliance

and productivity within the network.

VIRTUAL FENCING

Preset virtual boundaries that restrict device

usage and functionality. These boundaries can

be triggered by geolocation-based, time-based

or Wi-Fi network-based data.

UNIFIED MANAGEMENT CONSOLE

Manage and synchronize all connected devices

through a centralized graphical interface.

NETWORK DATA MONITORING

Admins can view details of Internet data used

over mobile networks or Wi-Fi. They can also

monitor all incoming and outgoing calls and

SMSs on enterprise mobile devices.

DATA THEFT FROM LOST/

STOLEN MOBILE PHONES

ANTI-THEFT

Prevents misuse of lost/stolen mobile phones by

remotely tracking and locking them. Also prevents

data breach by remotely erasing the phone’s data.

INTERNET THREATS

JAILBREAKING/ ROOTING

OF MOBILE DEVICES

MALICIOUS MOBILE APPS

SECURITY MANAGEMENT

Features such as browsing protection, web

filtering, anti-theft, and geolocation tracking

ensure the safety of enterprise devices.

MOBILE MALWARE

BAD SECURITY HYGIENE

FEATURES

RISKS MITIGATED

17

Enterprise Security Solutions by 18

COMPANY OVERVIEWQUICKHEAL Journey

• Company renamed as Quick Heal

Technologies Pvt. Ltd. from CAT

Computer Services Pvt. Ltd.

• Quick Heal sets up Technical Support

Centre at Nashik

2006 - 2007

• Quick Heal starts Radio Campaign

• Quick Heal starts its first branch in Nashik

2002 - 2004

• Private Equity Investment firm Sequoia

Capital, invests in Quick Heal

• Quick Heal recognized by CRN India as

No.1 Channel Champion

2009 - 2010

• Quick Heal becomes Microsoft’s certified partner

• Quick Heal hosts AAVAR International Security

Conference in India

2008

• Incorporates Quick Heal in Kenya

• Incorporates Quick Heal in Japan

• Quick Heal acquires SurfCanister Sandbox

technology from Apurva Technologies, India

2011

• Launches Quick Heal Mobile

Security

• Launches Quick Heal Endpoint

Security

• Quick Heal acquires behavior

based technologies from Nova

Shield Inc. UK

• Incorporates Quick Heal in Dubai

• ISO 9000

2012 - 2013

• Launches MDM (Mobile Device

Management)

• Launches Terminator (UTM) gateway

security appliances

• Launches free mobile security for Android

• Quick Heal invests in Wegilant Net

Solutions Pvt. Ltd, India

2014

• Launches Seqrite a brand encompassing security

products for Business Enterprise customers

• Quick Heal invests in ‘Smartalyse Technologies

Pvt. Ltd., India’

• Launches Quick Heal Gadget Securance for Mobile

security + insurance

• Launches Fonetastic for Mobile security

2015

• Incorporation as ‘CAT Computer

Services Pvt. Ltd.’

• Launch of ‘Quick Heal’ DOS version

• Launch of ‘Quick Heal’ Windows

version

1995 - 1998

• Listing on BSE and

NSE exchanges

• ISO 27001

• ISO 20000

• Launches ‘Seqrite

Services’ and

‘Quick Heal

Academy’

20162017• QH Academy

signs MoU with

Pune University,

GFSU and

Chitkara

University, Punjab

• Deploys Dell EMC

XtremoIO Platform

• Collaborates with

CERT-In for

‘Cyber Swachhta

Kendra’


Head Office & R&D CenterPune

Quick Heal –

63 offices & warehouses

across 35 cities in India

COMPANY OVERVIEWEXTENSIVE REACH & PRESENCE

INDIA (HO)Quick Heal Technologies

Ltd.

JAPANQuick Heal Japan KK.

UAEQuick Heal Technologies

(MENA) FZE

KENYAQuick Heal Technologies

Africa Ltd.

USAQuick Heal Technologies

America Inc.


COMPANY OVERVIEWStrong Brand Recognition and Recall

24.5 m+Product Licenses Installed

7.3 m+Active Licenses across more

than 80 countries

2.0x GrowthIn Active Licenses

30% +Retail Market Share in India

Preferred Choice of

IT technicians for PC

Virus Cleaning


THANK

YOU

Protecting your business from

today’s attacks and

tomorrow’s threats.

21


THANK YOU