
MANAGING EXTERNAL THREATS: DATA SURVEILLANCE


To meet compliance requirements, healthcare organizations are conducting external network testing activities. This typically consists of attempting to access or electronically penetrate the external firewalls, routers and other network perimeter devices protecting the business infrastructure. Key areas that are typically tested within the scope of managing external threats include:

Stage 1. Map and Identify Network: This testing process uses public repositories such as ARIN to identify the network blocks that belong to your organization. The output of this stage is a list of the identified network block(s), which is used to verify ownership.

Stage 2. Scan the Active Devices for Vulnerabilities: Activities focus on scanning the devices provided for potential vulnerabilities. Typically, this includes a test of all TCP and UDP services:

  1. All common services, such as FTP, Telnet, Sendmail, DNS, SMTP, SNMP, etc.
  2. All 65,535 TCP ports, and the most commonly used and exploited UDP ports.

Sophisticated techniques such as packet fragmenting and loose-source routing are also used in an attempt to bypass filtering routers and firewalls.

Stage 3. Manual Validation of Identified Findings: Activities focus on manually validating the findings identified during Stage 2. Additional testing may be performed to confirm whether a finding actually exists. The goal of Stage 3 is to reduce or eliminate false positive findings.

Stage 4. Exploit Vulnerabilities to Gain Privileged Access: The goal of Stage 4 is to demonstrate the consequences of the identified vulnerabilities if they were exploited by an adversary.

Throughout the external vulnerability assessment, organizations need to:

  • Probe points of entry to identify system information or access parameters.
  • Attempt to identify holes through low intensity passive penetration probes.
  • Attempt to identify holes through medium intensity passive penetration probes.
  • Analyze risky penetration tests offline.
  • Evaluate results.
  • Report results and recommended solutions.
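A defender-side check that pairs with Stage 2 above: a sweep of every TCP port plus the common UDP ports is noisy at the perimeter, and the organization being assessed should be able to see it in its own firewall logs. This is an added Python example, not code from ecfirst or the original article; it reads netfilter-style firewall log lines (constructed here, with documentation-range addresses), flags any source that touches many distinct ports on one host, and lists which of those ports the firewall actually accepted, which is the exposed surface Stage 3 should validate first.

```python
import re
from collections import defaultdict

# Constructed perimeter firewall log lines (iptables/netfilter style); not real traffic.
SAMPLE_LOG = """\
Mar 10 14:02:11 fw kernel: DROP IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=44123 DPT=21
Mar 10 14:02:11 fw kernel: DROP IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=44124 DPT=23
Mar 10 14:02:12 fw kernel: DROP IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=44125 DPT=25
Mar 10 14:02:12 fw kernel: DROP IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=44126 DPT=53
Mar 10 14:02:12 fw kernel: DROP IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=UDP SPT=44127 DPT=161
Mar 10 14:02:13 fw kernel: DROP IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=44128 DPT=8080
Mar 10 14:02:13 fw kernel: ACCEPT IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=44129 DPT=443
Mar 10 14:02:14 fw kernel: ACCEPT IN=eth0 SRC=192.0.2.55 DST=198.51.100.20 PROTO=TCP SPT=51000 DPT=443
Mar 10 14:02:15 fw kernel: ACCEPT IN=eth0 SRC=192.0.2.55 DST=198.51.100.20 PROTO=TCP SPT=51001 DPT=443
"""

# Fields we need from each line: firewall verdict, source, destination, protocol, destination port.
LINE_RE = re.compile(
    r"kernel: (?P<action>\w+) IN=\S+ SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\S+) SPT=\d+ DPT=(?P<dpt>\d+)"
)


def parse(log_text):
    """Yield (action, src, dst, proto, dport) per line; lines that do not match are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m["action"], m["src"], m["dst"], m["proto"], int(m["dpt"])


def find_sweeps(log_text, min_ports=5):
    """Return {"src->dst": {"ports": [...], "accepted": [...]}} for every source that
    touched at least min_ports distinct (proto, port) pairs on a single destination host.
    "accepted" lists the subset the firewall let through, i.e. the reachable services."""
    touched = defaultdict(set)
    accepted = defaultdict(set)
    for action, src, dst, proto, dport in parse(log_text):
        touched[(src, dst)].add((proto, dport))
        if action == "ACCEPT":
            accepted[(src, dst)].add((proto, dport))
    return {
        f"{src}->{dst}": {"ports": sorted(ports), "accepted": sorted(accepted[(src, dst)])}
        for (src, dst), ports in touched.items()
        if len(ports) >= min_ports
    }
```

A low-intensity probe spread over hours only shows up if the log you feed in spans that whole period, so run this over a full day's log rather than a short tail.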

To learn more about the methodology used by ecfirst for conducting a comprehensive external and internal vulnerability assessment, you can schedule time with compliance and security expert Ali Pabrai, CISSP, CSCS. Contact Nazeela.Shokrai@ecfirst.com to schedule a conference call to review your compliance and security priorities and what others like you may be doing in the healthcare industry.

ATTEND THE CERTIFIED SECURITY COMPLIANCE SPECIALIST (CSCS) PROGRAM IN NEWPORT BEACH, CA ON MAY 14-15, 2008

To attend the only certification program in the industry that addresses PCI DSS, ISO, HIPAA, FISMA, and other information security regulations, please visit the website, www.ecfirst.com, and click on the CSCS Program.

For more information visit www.aha-solutions.org, contact Lorna Waggoner at 1.877.899.9974 x17 or visit www.HIPAAAcademy.net.

HIPAA Tip

COMPLIMENTARY 2-DAY CERTIFIED SECURITY COMPLIANCE SPECIALIST (CSCS) PROGRAM DELIVERED AT YOUR SITE

The CSCS Program is the first and only certification program that describes core requirements of all major information security standards and regulations including PCI DSS, HIPAA, ISO 27002 (17799:2005) as well as FISMA. Hundreds of client testimonials are at www.ecfirst.com. For a complimentary 2-day Certified Security Compliance Specialist (CSCS) program delivered at your site, please contact Lorna Waggoner at 1.877.899.9974 x17 or visit www.ecfirst.com. Only qualified organizations will be considered. Session will be confirmed after review by ecfirst. Certain terms and conditions apply.


For a complete set of multimedia compliance and HIPAA computer-based courseware, please visit www.ecfirst.com. ecfirst's courseware uses video scenarios, audio, text and interactive exercises to present compliance topics in an engaging and interesting format. ecfirst courseware offers easy, flexible deployment while still maintaining high-quality multimedia content. To discuss your e-learning training requirements, please contact Lorna.Waggoner@ecfirst.com or call her at 1.877.899.9974 x17.
