Technical Security Recommendations for ABC Healthcare IT Infrastructures ABC Healthcare has been facing a multitude of challenges ranging from the security of the IT infrastructures to the compliance of regulatory policies. In the United States, the lawmakers are increasing putting more restrictive in the regulatory environment because there have been more attacks in the healthcare environment, damaging the organizational information systems and using worms and virus to gain access to non-authorized sensitive data. The issues are making the stakeholders of ABC Healthcare demand for more flexible access to their information systems. Moreover, increasing regulatory pressures within the healthcare environment with regards to the management of the information systems has made ABC Healthcare to decide to implement more prudent information systems security. The goal of ABC Healthcare is to implement good information systems to abide by regulatory policies of HIPPA and SOX (Sarbanes-Oxley). Typically, both SOX and HIPAA mandate healthcare organizations to have good systems as well as good administration and control that will prevent threats to the system and allow a continuity of business operations.

The objective of this project is to provide technical recommendations for ABC Healthcare that will assist them implementing effective security systems to protect their information systems and abide by the SOX and HIPAA regulatory policies.

1. Technical Recommendations for Security Requirements and System Design

A protection of ABC Healthcare of network and information systems are very critical to comply with the SOX and HIPAA regulatory policies. The study recommends that ABC Healthcare should use the internal LAN (Local Area Network) using the private IP (internet protocol) to segregate from the untrusted network using the firewall to filter untrusted network. ABC Health should use three GIAC networks to connect to the internet and remote entities such as partners, customers, suppliers, and employees. ABC Healthcare should use the server-based network that allows all users having access to the network resources. Moreover, the server-based network allows users to share data and easy backup of data. In the server-based system, users have one username and password that allow them to log into the server to share the data over the network resources. Typically, server operating system will assist ABC Healthcare to handle a load of multiple users who are having access to the server-based resources. The benefit of the server-based model is its ability to manage all printers and other hardware. The system is also scalable because it can be adjusted based on an increase in the load system.

The hardware to design the network-based network infrastructures for the ABC Healthcare is as follows:

Operating system: 64 bit Windows Server 2012 R2. Moreover, the Microsoft Net Framework should be installed.

Language: English

Memory: 8 G Ram

Processor: 2 CPU Sockets with a minimum of quad core. Server class processor with @1.8GHz minimum.

Hard Disk Storage: System Drive (C:) that requires available 20GB. Install Drive will require available 80GB.

Network Interface Card: Minimum of 10/100BASE-T that supports the TCP/IP in a Microsoft Windows networking environment.

The configuration of the systems will assist the company to establish the effective network systems. However, an integration of different security systems is essential to assist the company to enhance confidentiality and integrity of the network systems.

Electronic Medical Records: The company will also need to develop the EMR (Electronic Medical Records) database to store patient and provider's information.

The study recommends different security systems for the internet and network securities that should be used to prevent, deter, detect and correct eventual security violations during the transmission of information. Application of computer security is also needed to protect the company hardware, software, data and another information system.

The integration of the SSL (Secure Socket Layer) is the first security protocol to secure the network systems and provide security between TCP and applications. The company website header should start with HTTPS, which combines HTTP with SSL to achieve a secure communication between a Web server and a Web browser.

Encryption technique is another security measure recommended for ABC healthcare. In the network system, the TCP/IP is a set of communication protocol over the internet that defines the route communication. Since information can be hijacked by a third party over the internet, the study recommends the integration of the encryption system that allows data to be unreadable by a non-authorized individual. When the encryption software is installed in the network system, all data transferred over the network systems will be changed to nonsense texts, and only an authorized person with a decrypted key will be able to read the data. The strategy will prevent illegal activities such as eavesdropping, and information hijacking from the server.

An access control is another security method for the...

Typically, access control is the security strategy that prevents an unauthorized use of the information resources to enhance data confidentiality. The study suggests using the digital signature that involves the use of the cryptographic technique to enhance data integrity and prevent data forgery. The company should also use a user authentication to limit the access to the web server. The site administrator should create a user certificate for each user, which will be checked automatically by the server to verify the user's identity. The use of cryptographic techniques is also recommended to prevent data forgery and impersonation of a legitimate user.
Moreover, ABC Healthcare should install the IDS (intrusion detection system) and IPS intrusion prevention system to detect and prevent any suspicious activities in the system. Typically, the IDS assists in monitoring the network systems for a policy violation and malicious activities in the system, which are automatically reported to the administrator. The IDS should be located at the internal LAN off the firewall interface to assist in monitoring the passing traffic. Similarly, the IPS is a security or network threat prevention system that examines the network traffic detecting and preventing the malicious activities from the systems. The IPS supplemented with the firewall technology provides the complementary protection for the system.

Additionally, ABC Healthcare should install the firewall system to monitor the company network traffic and block a suspicious traffic from the system. The company should use the Cisco PIX 535 firewalls to block the untrusted network. However, a combination Cisco PIX 535 firewall and Cisco 1760 router are recommended because the router will define the IP that will be authorized to pass through the company network system. However, the most sophisticated threat to the computer system is the threat from the malicious software or malware capable of infecting the systems and steal sensitive information. An example of malware is a worm that has the ability to replicate itself thereby send its copies from one computer to the other. Moreover, virus, logic bomb, Trojan horse, downloader, and spammer programs are other examples of malware. The malware countermeasures are prevention, detection, identification and removal. ABC Healthcare should scan their system every month with a malware scanner to detect any eventual malware in the system. Moreover, the company should use an advanced antivirus software such as the GD (Generic decryption) to assist the antivirus program to detect and remove most sophisticated viruses or malware from the system while maintaining its fast scanning speed. ABC Healthcare can use also the Digital Immune System to protect the system against virus.

2.Method to Address Requirements for System Logging, Monitoring, Auditing, and Complying Legal Regulations.

In the contemporary health environment, both SOX and HIPAA requires healthcare companies to meet logging and monitoring requirements. For example, the HIPAA audit requirements mandate a company to implement a continuous monitoring and logging of all systems that store health private information. However, SOX mandates an entity to perform an internal control. Thus, this paper recommends that ABC Healthcare use the following control mechanisms:

Host-based and network intrusion prevention and detection systems

Data loss prevention software

Active Directory Audit policies;

Event and security management information system.

The active auditing policies are useful to detect the troubleshooting issues and respond the potential incidents. However, the strategy can create too much administrative overhead, thus, the paper suggests concentrating on auditing the high-risk areas and enable audit policies such as:

Logon failure;

Logon success;

Logoff success;

Logoff / Logon Events failure and success

Process creation success;

Credential validation success;

Audit policy change

Account lockout success, and Authentication policy change

The event and security information management combined with security management solutions will provide an easily manageable interface that allows a real-time analysis and monitoring of the systems. By using the event and security management system, ABC Healthcare will be able to collect the audit logs, which will assist in changing the software configurations and hardware assets, mailbox archives, application debugging network and web traffic. By choosing the Event Monitor or Solar Winds, ABC Healthcare will be able to comply with the SOX and HIPAA requirements for their system logging, monitoring, logging, and auditing. However, the SolarWinds package is more cost effective for the ABC Healthcare since the company aims to reduce the cost of system security implementation. Moreover, the network-based IDS is integrated into the SolarWinds thus, ABC may not require a separate network-based IDS to detect suspicious activities. The paper also recommends the Cisco IPS to prevent unwanted activities from the system. Typically, the IPS is effective in preventing…