
2015 has been one huge year of major security breaches in healthcare, and by all estimations it is not going to get better any time soon in 2016, unless we look at security as a whole, from the edge to the enterprise.

What is the plan?

The rationale is pretty straightforward: healthcare and the pharmaceutical industry are in the sights of those who want their intellectual property and other valuable data.

In addition, healthcare information provides a more lucrative data set than credit card information alone. You can change your credit card data, but it is a lot more difficult to change your healthcare data.

First, what is the problem? Passwords have to be complex and need to be managed.

The reality is that passwords tend to be simple and re-used, and managing them can be a nightmare for any IT organization.

Since this is a challenge for the end user in day-to-day use, “work-arounds” tend to occur.

Passwords are simplified, changed less often, and log-in and log-out procedures may simply not be followed.

Or work passwords may be intermingled with personal passwords and stored in the cloud. It just makes life easier, but, it seems, at the cost of a compromise.

To improve on this at the enterprise level, two-step authentication with PINs and token management is often used.

Again, this adds a level of “extra steps”, and when folks have to live in the real world and need to log in and log out, “work-arounds appear”: clinicians may simply not log out, to save the extra time.

Using a Common Access Card with chip-and-PIN technology may improve the workflow by not requiring passcodes; however, it requires proprietary infrastructure such as chip-and-PIN readers.

This approach is currently used by the United States military for authentication. Not all laptops or other mobile devices are equipped with chip-and-PIN readers, and this could be a huge cost and infrastructure paradigm change for the healthcare domain.

Why not take advantage of mobility and secure technologies such as BTLE (Bluetooth Low Energy) and incorporate them into a novel solution?

Any effective authentication strategy must address the full stream of security, that is: am I who I say I am? The use of multi-factor biometrics seems an obvious solution.

Biometrics, which include unique personal characteristics such as fingerprints, voice, iris, and facial features, seem to be the keys to proving a person’s identity with a high degree of accuracy. However, we also need to understand that storing personal biometrics on a server brings security risks of its own.

If we go back to the use of passcodes and the management they require: just how secure are the passcodes used daily, and how are they managed?

Moving forward, it may make sense to store and access a healthcare user’s biometric ID from something very secure, rather than from a mobile device or an enterprise data server. The mobile device could be stolen, or the enterprise data server could be hacked into. Not good if they got your biometric data.

Ideally, this biometric data is stored highly securely and in a portable format that allows match-on-card biometric authentication.

Based upon the security requirements of the EMR, pharmacy, or medical device application, employee biometric authentication could potentially be performed by this CAC (Common Access Card), by a trusted central server, or by a combination of the CAC and a trusted central server. A logical next-generation rotating key token, but in your wallet!

As an example, an employee or clinician would approach a mobile device such as a laptop, iPad, or even a smartphone. The fingerprint reader, when available, would provide a biometric match-on-card via a secure wireless connection (256-bit AES) to the Common Access Card (ID card). In the absence of a fingerprint reader, the camera of the device could simply take a picture and compare the iris or facial biometrics, with voice as a further factor, against what is stored on the secure CAC. The secure session would be protected by a temporary cryptographic key shared between the CAC and the central server. Cryptographic co-processors inherent in the CAC would accelerate symmetric cryptographic operations and support Public Key Infrastructure (PKI) based applications. This ensures that the critical data exchanged cannot be intercepted and read.

This would then simply allow secure authentication to the application without the need for passcodes. Where passcodes are still required by the IT organization, this could essentially replace the traditional mobile “token” with rotating numbers.

One of the key values of this approach is eliminating the need for passwords in any interaction between a clinician/user and a mobile device. This is achieved by multi-factor biometric authentication of the clinician to the actual device.
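The session between the card and the central server described above can be illustrated with a small example. The Go code below is an added illustration, not code from the original article or from any CAC product: it assumes the temporary 256-bit key has already been agreed by both sides (how that key agreement happens is outside this example, so the key is simply generated at random and handed to both), and it uses AES-256-GCM so that a message is both encrypted and integrity-protected. The card serial used as associated data and the message contents are constructed sample values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Session wraps the temporary per-session key shared by the card and the
// central server. Assumption: the key agreement step has already happened.
type Session struct {
	aead cipher.AEAD
}

// NewSessionKey returns a fresh 256-bit key for one authentication session.
func NewSessionKey() ([]byte, error) {
	key := make([]byte, 32) // 32 bytes = AES-256
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	return key, nil
}

// OpenSession wraps the shared key in AES-256-GCM, which gives both
// confidentiality and integrity for every message exchanged.
func OpenSession(key []byte) (*Session, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Session{aead: aead}, nil
}

// Seal encrypts one message. The random nonce is prepended to the output so
// the receiver can recover it; `context` (for example the card serial) is
// authenticated but not encrypted, so a message sealed for one card cannot
// be accepted as coming from another.
func (s *Session) Seal(plaintext, context []byte) ([]byte, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return s.aead.Seal(nonce, nonce, plaintext, context), nil
}

// Open decrypts and verifies a message produced by Seal. Any change to the
// nonce, the ciphertext or the context makes it fail.
func (s *Session) Open(msg, context []byte) ([]byte, error) {
	n := s.aead.NonceSize()
	if len(msg) < n {
		return nil, errors.New("message too short")
	}
	return s.aead.Open(nil, msg[:n], msg[n:], context)
}

func main() {
	key, _ := NewSessionKey()
	card, _ := OpenSession(key)   // card side
	server, _ := OpenSession(key) // server side
	ctx := []byte("card-serial:EXAMPLE-0001") // constructed sample value

	// The card reports the match result; the biometric template itself never leaves the card.
	msg, _ := card.Seal([]byte(`{"subject":"clinician-42","match":true}`), ctx)
	pt, err := server.Open(msg, ctx)
	fmt.Printf("server read: %s (err=%v)\n", pt, err)

	// Flip one ciphertext bit in transit: the server rejects the message.
	msg[len(msg)-1] ^= 0x01
	_, err = server.Open(msg, ctx)
	fmt.Println("tampered message rejected:", err != nil)
}
```

The point of the GCM mode here is that interception alone yields nothing readable, and any modification is detected before the server acts on the match result; a plain AES stream without authentication would give confidentiality only.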

Password Management

Although passwords may have been eliminated by this approach as the mechanism for authenticating the clinician to the application, there may still be a need to store passcodes and ID information securely. The suggested approach, using this CAC, could secure passcodes and valuable ID data in a highly secure fashion, protected by AES 256-bit, FIPS 140-2 validated encryption and, more importantly, by the user’s multi-factor biometrics.

For some applications, the user ID and password could potentially be retrieved from the CAC’s secure vault and dropped into the appropriate log-in boxes for the clinician, making the log-in process more user friendly. This decreases the potential for work-arounds, and drastically reduces the ability of malware such as embedded keystroke loggers to capture passwords.

On a strategic level, this CAC approach could be the platform for the healthcare enterprise to deploy a One-Time Password (OTP) solution for secure logon. One major advantage from a security standpoint is that a cyber criminal gains nothing by intercepting a passcode, as it is only used once. Just like a secure token and other USB and smart-card based security tokens, this CAC platform would produce one-time passwords.

This CAC approach authenticates the clinician biometrically before producing an OTP. The result is user authentication that involves an OTP produced by the CAC, with the strength of true multi-factor authentication.
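The "used only once" property of the OTP, and the biometric gate in front of it, can be shown concretely. The Go example below is added here and is not code from the article or from any token vendor. It assumes the counter-based HOTP scheme of RFC 4226 (the article does not say which OTP algorithm the card would use), represents the match-on-card biometric comparison as a boolean the caller supplies (the comparison itself is outside the example), and uses the RFC 4226 test secret as a constructed sample so the first code can be checked against the published test vector.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"errors"
	"fmt"
)

// HOTP computes an RFC 4226 one-time password: HMAC-SHA1 over the 8-byte
// big-endian counter, dynamically truncated to `digits` decimal digits.
func HOTP(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	offset := h[len(h)-1] & 0x0f
	code := (uint32(h[offset])&0x7f)<<24 |
		uint32(h[offset+1])<<16 |
		uint32(h[offset+2])<<8 |
		uint32(h[offset+3])
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// Card is the card-side state. The secret never leaves the card, and a code
// is produced only after the match-on-card comparison succeeded. Assumption:
// that comparison is represented by the boolean passed to IssueOTP.
type Card struct {
	secret  []byte
	counter uint64
	digits  int
}

func (c *Card) IssueOTP(biometricMatched bool) (string, error) {
	if !biometricMatched {
		return "", errors.New("biometric match failed: no OTP issued")
	}
	code := HOTP(c.secret, c.counter, c.digits)
	c.counter++ // each counter value is used exactly once
	return code, nil
}

// Verifier is the server-side state for one enrolled card: the same secret
// and the next counter value it will accept. Because the counter only moves
// forward, an intercepted code is worthless once it has been used.
type Verifier struct {
	secret  []byte
	counter uint64
	window  uint64 // tolerance for a card that is a few counts ahead of the server
	digits  int
}

// Verify accepts a code matching any counter in [counter, counter+window),
// then advances past it so the same code cannot be accepted a second time.
func (v *Verifier) Verify(code string) error {
	for i := uint64(0); i < v.window; i++ {
		c := v.counter + i
		if hmac.Equal([]byte(HOTP(v.secret, c, v.digits)), []byte(code)) {
			v.counter = c + 1
			return nil
		}
	}
	return errors.New("one-time password rejected: unknown or already used")
}

func main() {
	secret := []byte("12345678901234567890") // RFC 4226 test secret, constructed for the demo
	card := &Card{secret: secret, digits: 6}
	server := &Verifier{secret: secret, window: 5, digits: 6}

	code, _ := card.IssueOTP(true)
	fmt.Println("code:", code, "first use:", server.Verify(code)) // accepted
	fmt.Println("replay:", server.Verify(code))                   // rejected
	_, err := card.IssueOTP(false)
	fmt.Println("no biometric match:", err)
}
```

The verifier keeps only the shared secret and a counter, so a captured code tells an eavesdropper nothing about the next one, and replaying it fails because the server has already moved past that counter.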

Role Based Access Control

The aforementioned could also serve as an effective strategy for role-based access control. The CAC approach could allow healthcare IT administrators to assign roles to a user and then grant access to data and applications based upon those specific roles.

This could be specified in a public key certificate assigned to the clinician. When the clinician accesses the application, the certificate is presented for verification. If someone tries to change the role matrix, the digital signature that accompanies the credential will not verify correctly, and the application will refuse access.

Deactivation of access can be enforced via this CAC platform in a proactive and secure manner. In areas such as clinical research or sensitive applications, where a user’s rights must be validated daily or weekly, this approach can check whether the user’s current certificate, which contains the access rights, is valid or expired. If the certificate has expired, the CAC will demand that a new certificate be signed and issued. If no new certificate is presented, or the digital signature on the new certificate is not valid, the CAC will issue an authentication failure.
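The three checks described in the two paragraphs above (does the signature verify, has the grant expired, was the role actually granted) can be shown in a compact form. The Go example below is added here and is not code from the article or from any certificate authority product. It assumes the role grant is a small JSON payload signed with the administrator's ECDSA P-256 key rather than a full X.509 certificate, which keeps the signature-and-expiry logic visible; the clinician identifier, role names and validity period are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// RoleCredential is what the IT administrator signs: the clinician, the
// roles granted, and when the grant expires and must be re-issued.
type RoleCredential struct {
	Subject string    `json:"subject"`
	Roles   []string  `json:"roles"`
	Expires time.Time `json:"expires"`
}

// SignedCredential is the credential as presented by the card: the encoded
// payload plus the administrator's ECDSA signature over its SHA-256 hash.
type SignedCredential struct {
	Payload   []byte
	Signature []byte
}

var (
	ErrBadSignature = errors.New("authentication failure: credential signature does not verify")
	ErrExpired      = errors.New("authentication failure: credential expired, new signed credential required")
	ErrRoleDenied   = errors.New("access denied: role not granted")
)

// NewAdminKey generates the administrator's signing key (P-256).
func NewAdminKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// IssueCredential signs a credential with the administrator's private key.
func IssueCredential(adminKey *ecdsa.PrivateKey, cred RoleCredential) (SignedCredential, error) {
	payload, err := json.Marshal(cred)
	if err != nil {
		return SignedCredential{}, err
	}
	digest := sha256.Sum256(payload)
	sig, err := ecdsa.SignASN1(rand.Reader, adminKey, digest[:])
	if err != nil {
		return SignedCredential{}, err
	}
	return SignedCredential{Payload: payload, Signature: sig}, nil
}

// Authorize is the application-side check: signature first (an edited role
// matrix fails here), then expiry, then whether the required role was granted.
func Authorize(adminPub *ecdsa.PublicKey, sc SignedCredential, now time.Time, requiredRole string) error {
	digest := sha256.Sum256(sc.Payload)
	if !ecdsa.VerifyASN1(adminPub, digest[:], sc.Signature) {
		return ErrBadSignature
	}
	var cred RoleCredential
	if err := json.Unmarshal(sc.Payload, &cred); err != nil {
		return ErrBadSignature // a payload that does not parse is not trusted either
	}
	if !now.Before(cred.Expires) {
		return ErrExpired
	}
	for _, r := range cred.Roles {
		if r == requiredRole {
			return nil
		}
	}
	return ErrRoleDenied
}

func main() {
	adminKey, _ := NewAdminKey()
	now := time.Now()
	// Constructed sample grant: one clinician, one role, valid for a week.
	sc, _ := IssueCredential(adminKey, RoleCredential{
		Subject: "clinician-42", Roles: []string{"pharmacist"}, Expires: now.Add(7 * 24 * time.Hour),
	})
	fmt.Println("pharmacist today:", Authorize(&adminKey.PublicKey, sc, now, "pharmacist"))
	fmt.Println("researcher today:", Authorize(&adminKey.PublicKey, sc, now, "researcher"))
	fmt.Println("pharmacist in 8 days:", Authorize(&adminKey.PublicKey, sc, now.Add(8*24*time.Hour), "pharmacist"))

	// The role matrix is edited after signing: the signature no longer verifies.
	forged := sc
	forged.Payload = bytes.Replace(sc.Payload, []byte(`"pharmacist"`), []byte(`"researcher"`), 1)
	fmt.Println("edited roles:", Authorize(&adminKey.PublicKey, forged, now, "researcher"))
}
```

Checking the signature before parsing the payload matters: nothing inside the credential, including the expiry date, is trusted until the administrator's signature over it has verified, which is exactly why editing the role matrix after issuance is caught.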

Remote Enterprise and BYOD

The aforementioned approach and novel solution design can help the IT enterprise minimize security issues related to healthcare remote access and BYOD. It ultimately minimizes the number of devices that have to be managed: one CAC can be used to manage all the devices for that user. This lowers resource cost, drives down risk, and improves efficiency of use.