Trend Micro Healthcare Solutions

HITECH Act and HIPAA Compliance:

The chart below maps HITECH Act and HIPAA compliance requirements to Trend Micro solutions across complex distributed networks, including virtual and cloud-based servers. We can also help you achieve compliance with PCI DSS.

 

Server Security for Healthcare:

Healthcare organizations are facing increasing scrutiny from regulators, practitioners, and patients to ensure the integrity, security, and confidentiality of healthcare information. Financially motivated attackers develop new threats daily with the intent to steal and sell valuable data—including identities and computing resources.

Cybercriminals are able to bypass most perimeter security systems. They now target software vulnerabilities in critical e-Health solutions, including web-based EHR/EMR applications, as well as underlying enterprise servers and operating systems.

Trend Micro™ Deep Security for Healthcare

Trend Micro™ Deep Security delivers powerful server and application protection that allows physical and virtualized systems to become self-defending. It provides comprehensive server security that is integral to datacenter modernization initiatives, including virtualization and cloud computing. Deep Security deployed on physical servers and virtualized environments, provides comprehensive, unified protection, including:

• Intrusion detection and prevention (IDS/IPS)
• Web application protection
• Application control
• Firewall
• Integrity monitoring
• Log inspection

Trend Micro™ Deep Security Manager is a powerful, centralized, management system that allows administrators to apply security profiles to servers, and track threats and preventive actions taken in response to them. Detailed reports document attempted attacks, and provide an auditable history of security configurations and changes to gain visibility into activity and meet compliance requirements.

Trend Micro™ Deep Security Virtual Appliance transparently enforces security policies on VMware vSphere virtual machines for IDS/IPS, web application protection, application control, and firewall protection—coordinating with Deep Security Agent, if desired, for integrity monitoring and log inspection.

Trend Micro™ Deep Security Agent is a small software component that is deployed on the server or virtual machine being protected and enforces the security policy for that machine. The Agent defends the server by monitoring incoming and outgoing traffic for protocol deviations, content that signals an attack, or policy violations. When necessary, the Agent intervenes and neutralizes the threat by blocking the malicious traffic.

Trend Micro™ Security Center provides information on the latest vulnerabilities and security updates that shield these vulnerabilities and reduce risk. Security updates are delivered quickly (typically within two hours of Microsoft security advisories) and can be distributed to customers’ Deep Security Managers, automatically or on-demand, for deployment to thousands of servers within minutes.

Key Features and Benefits

• Provides targeted, software-based protection for the widest range of platforms used to run mission-critical applications and store sensitive data, including Windows, Solaris, Linux, HP-US, and AIX running on traditional hardware or VMware, Microsoft or Citrix virtualization platforms.
• Shields software vulnerabilities, which are commonly found in operating systems, enterprise and e-Health applications. This allows patches to be deployed on a more efficient, scheduled basis, with minimal impact on host or IT resources.
• Detects and prevents attacks that target medical, patient or personal data, and alerts staff the moment an attack has been attempted.
• Enables centralized, web-based management, allowing administrators to create and manage security policies, and track threats and preventive actions from a familiar, explorer-style UI.
• Proactively recommends the appropriate protection for servers and virtual machines, to ensure correct protection is in place, with minimal effort.
• Ensures standard security configurations are consistently and automatically applied to all appropriate systems, thus reducing the risk of an attack.
• Provides detailed log information on who attacked, when they attacked, and what they attempted to exploit. Administrators can be automatically notified when an incident has occurred.
• Works with security information and event management (SIEM) systems and includes a web-services interface for advanced automation
• Integrates with VMware vCenter, Microsoft Active Directory and other enterprise directories to allow organizational and operational information to be quickly imported into Deep Security Manager.
• Delivers a wide selection of detailed reports that document attempted attacks, and provide an auditable history of security configurations and changes. These reports can be generated and issued on a scheduled or ad-hoc basis.
• Automatically delivers regular security updates that protect newly discovered vulnerabilities from exploit.

 

PCI Compliance:

Addressing Today’s Top PCI Concerns

Achieving and maintaining PCI compliance and true security requires constant evaluation of the potential impact of evolving threats, employee behavior, and new business and technology initiatives. Trend Micro offers you unique and cost-effective solutions to address today’s top PCI challenges.

 

Match the solution to the healthcare requirement:

Trend Micro offers proven solutions that address healthcare regulatory requirements. Beyond addressing regulations, these solutions enable you to truly safeguard your business infrastructure against the compromise of cardholder data.

The following table summarizes both the direct mappings with industry regulations and best practices recommended for protecting private healthcare data and your IT infrastructure.