uday o ali pabrai cissp chss chief executive hipaa academy n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Uday O. Ali Pabrai, CISSP, CHSS Chief executive, HIPAA Academy PowerPoint Presentation
Download Presentation
Uday O. Ali Pabrai, CISSP, CHSS Chief executive, HIPAA Academy

Loading in 2 Seconds...

play fullscreen
1 / 8

Uday O. Ali Pabrai, CISSP, CHSS Chief executive, HIPAA Academy - PowerPoint PPT Presentation


  • 106 Views
  • Uploaded on

Health care & HIPAA Security Remediation. Uday O. Ali Pabrai, CISSP, CHSS Chief executive, HIPAA Academy. Security Challenges . Password management Malicious software Wireless proliferation Contingency planning Auditing. Remediate. Launch Activities

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Uday O. Ali Pabrai, CISSP, CHSS Chief executive, HIPAA Academy' - wiley


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
uday o ali pabrai cissp chss chief executive hipaa academy

Health care & HIPAA Security Remediation

Uday O. Ali Pabrai, CISSP, CHSS

Chief executive, HIPAA Academy

security challenges
Security Challenges
  • Password management
  • Malicious software
  • Wireless proliferation
  • Contingency planning
  • Auditing
remediate
Remediate
  • Launch Activities
    • Deploy Firewall Solutions, IDS/IPS
    • Secure Facilities & Server Systems
    • Deploy Device & Media Control Solutions
    • Implement Identity Management Solutions
    • Deploy Access Control Solutions
    • Implement Auto-logoff Capabilities
    • Deploy Integrity Control and Encryption
    • Develop & Test Contingency Plans
    • Activate Auditing Capabilities
wireless security getting started
Wireless Security: Getting Started
  • Conduct risk analysis
  • Develop security policies
    • Establish best practices
      • Design
      • Access points
      • Mobile devices
  • Remediation: Design infrastructure
    • Firewall
    • IDS
    • Wired network
best practices design
Best Practices: Design
  • Force communication through firewall system
    • Between the wired and wireless infrastructure
  • Deploy IDS solution
  • Disable file sharing between wireless clients
  • Evaluate use of static IP addressing and disabling of DHCPs for mobile devices
  • At least 128-bits or as large as possible
best practices access points
Best Practices: Access Points
  • Minimize number of access points
  • Implement strong physical access controls
  • Install access points away from exterior walls
  • Change the default SSID
  • Evaluate disabling the broadcast SSID feature so that the client SSID must match that of the AP
  • Disable all unnecessary protocols
  • Ensure strong authentication for all APs
  • Review logging capabilities of APs
    • Review log files regularly
summary defense in depth
Summary: Defense-in-Depth

Physical Security

Firewall Systems

IDS/IPS

Authentication

Authorization

ePHI &

Vital Assets

thank you
Thank You!
  • Uday Ali Pabrai
    • Pabrai@HIPAAacademy.Net