iiTechnical Volume 2: Cybersecurity Practices for Medium and Large Healthcare Organizations |
3.L.D: Single Sign-On (SSO) .............................................................................................................................................................................45
Key Migated Threats ............................................................................................................................................................................................ 45
Suggested Metrics ....................................................................................................................................................................................................45
Cybersecurity Practice #4: Data Protection and Loss Prevention 46
Sub-Pracces for Medium-Sized Organizaons .................................................................................................................................47
4.M.A: Classication of Data..........................................................................................................................................................................47
4.M.B: Data Use Procedures
..........................................................................................................................................................................48
4.M.C: Data Security ............................................................................................................................................................................................49
4.M.D: Backup Strategies ................................................................................................................................................................................. 50
4.M.E: Data Loss Prevention (DLP)............................................................................................................................................................52
Sub-Pracces for Large Organizaons
.......................................................................................................................................................54
4.L.A: Advanced Data Loss Prevention ................................................................................................................................................... 54
4.L.B: Mapping Data Flows .............................................................................................................................................................................55
Key Migated Threats ............................................................................................................................................................................................ 56
Suggested Metrics ....................................................................................................................................................................................................57
Cybersecurity Practice #5: IT Asset Management 58
Sub-Pracces for Medium-Sized Organizaons .................................................................................................................................58
5.M.A: Inventory of Endpoints and Servers ......................................................................................................................................... 58
5.M.B: Procurement.............................................................................................................................................................................................60
5.M.C: Secure Storage for Inactive Devices.........................................................................................................................................60
5.M.D: Decommissioning Assets
.................................................................................................................................................................61
Sub-Pracces for Large Organizaons .......................................................................................................................................................61
5.L.A: Automated Discovery and Maintenance ................................................................................................................................61
5.L.B: Integration with Network Access Control .............................................................................................................................62
Key Migated Threats ............................................................................................................................................................................................ 62
Suggested Metrics ....................................................................................................................................................................................................62
Cybersecurity Practice #6: Network Management 63
Sub-Pracces for Medium-Sized Organizaons .................................................................................................................................63
6.M.A: Network Proles and Firewalls ...................................................................................................................................................63
6.M.B: Network Segmentation .....................................................................................................................................................................64
6.M.C: Intrusion Prevention Systems ......................................................................................................................................................66
6.M.D: Web Proxy Protection ....................................................................................................................................................................... 67
6.M.E: Physical Security of Network Devices ....................................................................................................................................68
Sub-Pracces for Large Organizaons .......................................................................................................................................................68
6.L.A: Additional Network Segmentation ............................................................................................................................................. 68
6.L.B: Network Analytics and Blocking ...................................................................................................................................................69
6.L.C: Network Access Control (NAC) ....................................................................................................................................................70
Key Migated Threats ............................................................................................................................................................................................ 71
Suggested Metrics ....................................................................................................................................................................................................71
Cybersecurity Practice #7: Vulnerability Management 72
Sub-Pracces for Medium-Sized Organizaons .................................................................................................................................72
7.M.A: Host/Server-Based Scanning ........................................................................................................................................................ 72
7.M.B: Web Application Scanning ..............................................................................................................................................................73
7.M.C: System Placement and Data Classication .........................................................................................................................73
7.M.D: Patch Management, Conguration Management ..........................................................................................................74