As the healthcare industry continues to ride a bullet train to implement "bring you own device" (BYOD) initiatives, organizations are awash in security concerns to address mitigating security breaches. Blending mobile device management with network access control, the University of California, Irvine Medical Center has found an integrated approach to personal mobile device security.
Connecting mobile-device management software from AirWatch with network access control tools from Bradford Networks, the Orange, Calif.-based medical center provides secure, mobile access to its Allscripts' Mobile MD electronic medical record system to physicians. According to a recent InformationWeek Healthcare article, the team at UC Irvine Medical Center wrote a middleware piece sitting between AirWatch and Bradford's platforms. When a physician finishes the onboarding process with AirWatch, a message is sent though the middleware to the Bradford system stating the device is allowed on the network.
The device then reconnects to the network on "the proper VLAN, or 'the proper network that Bradford is going to put it on,'" according to the article. In turn, the VLAN allows access to other tools and applications on the network, including its EMR.
The integrated approach enables the medical center to prevent devices and users from joining its network unless the AirWatch app is installed and running. "With 100 percent visibility and control over every device and user on our network, we can define and enforce granular policies to manage risk and ensure compliance," Jeff Barnes, Information Security Office at UC Irvine Medical Center, said in a statement.
Indeed, hospitals are no stranger to mobile security concerns. BYOD provides administrators with a nuanced challenge to balance the control of physicians' personal devices and organizational security policies. With the healthcare market adoption of smartphones expected to be 68 percent by 2015, according to an article published in CMIO earlier this summer, and 85 percent of hospitals supporting BYOD, security officers will have to bring their "A" Game to manage in the influx of mobile devices entering their organization.
In the wake of UC Irvine Medical Center's deployment, Bradford this week unveiled the latest version of Network Access Control (NAC), Network Sentry 6.0. The application broadens its foundation for BYOD strategies via automation features and integration with security tools.
Changes to the tool include:
- EasyConnect for BYOD: Enables organizations to connect employee personal devices to corporate wireless networks. EasyConnect automatically sets device security configurations, encryption type and other BYOD security settings on the user's device;
- Identifying Unknown and Unregistered Devices: Correlates users to endpoint devices;
- Android Mobile Agent: In addition to iOS devices, Android mobile devices can be managed and validated before providing network access.
To learn more:
- read Bradford Networks' announcement on it's work with UC Medical Center
- read Bradford Network's announcement on Sentry 6.0
- learn more about Irvine Medical Center's approach from the InformationWeek Healthcare article
- check out CMIO's BYOD article