We live in an increasingly mobile world, and it’s important that communication is seamless and secure. This is especially important in the healthcare setting as mobile devices, such as the iPad, are being used over wireless networks in the hospital. Therefore, it is vital for any organization to ensure a safe, secure and reliable system.
1. Could you give a brief overview of Aruba’s Mobile Virtual Enterprise (MOVE)?
A. Let’s start by taking a look how users and devices connect in today’s Healthcare IT organizations. You have a traditional wired network connecting workstations and a variety of other stationary devices. You also have a rapidly expanding Wi-Fi network supporting an increasing amount of voice, video and medical device communications. You may also have a remote network connecting distributed sites, and a VPN network for mobile connectivity. This level of fragmentation increases cost, complexity, and is not well suited for mobile health care.
The Aruba MOVE architecture simplifies how users and devices connect and allows healthcare organizations to embrace mobility. It’s not about which network you are using for what application. In fact, the notion of wired and wireless networks being separate has become irrelevant. The real need, and the real value, is in providing secure access when and where it’s needed.
2. Why is it important for healthcare providers to have a unified network, and what would cause a hospital CIO to look for a service such as this?
A. We’ve all seen the astonishing rate at which physicians are adopting iPads, and this is only the beginning. Innovation will not stop and healthcare organizations need to be prepared to address this critical workflow shift. Many users are embracing these changes as an integral part of how they work, but the new IT realities are overwhelming the network budget.
The Aruba MOVE architecture unifies wired, wireless and remote access into a single solution that greatly reduces the amount of network equipment that needs to be purchased and managed. Access privileges are linked to a user’s identity, device, application and location—no matter where they are or how they connect—rather than a VLAN based on outdated, fixed-location LAN models.
3. Security is one of the most important issues in healthcare, especially in terms of HIPAA. What precautions has Aruba taken its services, and are there general security issues that healthcare providers need to be aware of?
A. A top-of-mind issue is how to securely integrate consumer devices into the clinical environment. Some organizations allow any device onto the network as long as the user presents a valid user name and password combination. Other organizations allow users to use a VPN over the guest network to access hospital applications. Neither use models that are in-line with industry standard best practices. Organizations need to go further. In addition to authorizing the user, they need to authenticate and authorize the device as well. Once IT is able to distinguish a user on an IT-supplied laptop from a user on an iPad, network policies can be put in place to securely integrate consumer devices. Aruba’s Mobile Device Access Control solution automates the process of securing and authenticating devices on the network.
Advanced security is a cornerstone of Aruba's MOVE architecture. We recently announced Suite B encryption, which enables military-grade security for mobile access to networks that handle classified information. This was demonstrated at Black Hat, a highly technical security conference focused on hostile attacks. Aruba’s Wi-Fi network contained over 8,500 security events during the conference.
Aruba's default posture is to deny all traffic (or "guilty until proven innocent") and enable access rules to permit traffic that are applied on a per-role basis, where each user, device, and application on the network is mapped to a specific role.
