Biometrics , Healthcare , Identity & Access Management
H-ISAC Guidance Offers a Step-by-Step Approach Doug Olenick (@DougOlenick) • May 22, 2020In response to the growing threat of identity-centric cyberattacks in healthcare, the Health Information Sharing and Analysis Center has published a framework for managing identity for the full work lifecycle of employees, practitioners, patients and business partners.
See Also: Getting Started with Zero Trust: Never trust, always verify
The white paper, H-ISAC Framework for CISOs to Manage Identity, lays out the groundwork for how to guard against common attacks on identity, lower risk and increase operational efficiencies.
Key steps, H-ISAC says, include creating identity directories and figuring out proper levels of authorization, authentication and access.
"The framework we've outlined is not a one-size fits-all approach, however," H-ISAC notes. "Depending on your organization's particular environment or uses cases, the framework components may be applied differently."
Keith Fricke, principal consultant at tw-Security, tells Information Security Media Group that an identity framework is a helpful way to teach correct procedures.
"Most organizations use one or more frameworks," Fricke says, although smaller facilities may lack the budget or staffing to implement the guidelines (see: NIST Issues Draft Guid ..
Support the originator by clicking the read the rest link below.
