As the traditional borders between physical and virtual worlds disappear, it presents greater opportunity along with increased risk. Organizations need to form a strategy to improve security by establishing trust across their entire ecosystem of devices, services and people. Leveraging existing standards to achieve interoperability along with platforms that will be simple to manage and scale across lines of business for reuse without reinvestment will be critical. 10 Pages
It is becoming increasingly common for healthcare provider settings to leverage their existing physical access ID cards to transition from passwords to strong authentication. This paper will explore the reasons driving organizations toward this direction, but more importantly will discuss the positive and negative attributes from a security standpoint. Core to this paper will be to look at (and explain) the technical and policy aspects in the context of comparing the new system to the pre-existing password management program and endeavor to add clarity as to how both impact organizations capability to protect PHI. Also to be covered are some common objections and assumptions. 5 Pages
This white paper tackles the complex business and operational challenges that the U.S. healthcare industry faces and details where (and how) identity and security are mandatory elements to solving them. It takes a broad view of the systemic issues across various stakeholders, from fraud to quality of care and operational inefficiencies. Included in the discussion are ideas for remediation, deployment models, and best practices in implementing strong identity programs that unify data, transactions, records, policies, treatment, and people that will contribute toward moving the industry past its current systemic limitations. 15 Pages.
All too commonly, a smart card project starts by someone receiving a request to go get some “smarter” cards. Reacting to this approach leads to almost certain failure. This is a short document that was built for an ISC West 2013 education session as a handout to assist attendees in better understanding their core internal requirements in efforts of avoiding early common pitfalls before they go down any one path. The document is certainly abbreviated, and there is much more to conducting a smart card project, but it should serve as a tool to help organize initial chaos, formulate initial requirements, and gain interdepartmental consensus.