More and more devices in doctor’s offices and hospitals are connected to networks. Diagnoses and therapies are now stored digitally at hospitals, laboratory reports are transmitted over the internet and hospitals and health insurance companies communicate digitally. As these systems process highly sensitive patient data, they must meet extremely high security requirements. This has not always worked in practice with incidents occurring on an annual basis (1). The cost of ransomware attacks – which have recently increased sharply in the health sector – are extremely high. In February 2016, blackmailers demanded USD 5.77 million from a hospital in California.
The way we work has changed. Our laptops, tablets and smartphones let us do our job from wherever we want – at the office, at home or even while on-the-move. We can also freely chat and collaborate with colleagues, customers or suppliers one-to-one or in groups using an array of cloud-based productivity apps. When it comes to mobile, the conventional security model is broken. Traditional detection and software patching techniques simply cannot keep pace. In its place, arguably one of the most reliable ways to keep sensitive proprietary data safe is mobile VPN.
Almost everyone in business has reason to be grateful for the existence of SWIFT, the international banking and funds transfer network. VPNs have a crucial role in SWIFT’s security, but following a series of successful attacks over the past 12 months it appears that not all banks – especially ones in less developed economies – have made security their top priority. The answer may lie with regulators insisting that VPNs are used not just in the core of the SWIFT network, but also as part of improvements to security measures at its outer limits.
The idea behind the Internet of Things (IoT) is that everyday objects can connect to each other and exchange data via the Internet. Even the smallest components, such as sensors for measuring temperature, angle of inclination or acceleration can send information or accept commands via the network. Current and future systems are based on the Internet protocol and will probably soon include ipv6 support. They transmit data in an open and well-known format. Depending on the application, data will most likely be transmitted via public networks. This means that data is in principle open to everyone who is connected to the network. Subject to the type of data the consequences range from unpleasant to catastrophic, which is why confidentiality must be protected and safeguarded. There are many ways of achieving this, especially through encryption.
High profile data breaches at companies like Mossack Fonseca, Target, Home Depot and Wendy’s along with Government controversies like Edward Snowden and the FBI’s legal suit against Apple after the San Bernadino shootings have severely dented public confidence in the ability of business and government to keep personal data safe and secure.
Anybody who uses the Internet uses, creates and leaves data behind. While in the past site visits were recorded in the depths of server log files rarely to surface again, these and related data are now the currency of the 21st century. Services are exchanged for data, this is the business model shared by Google, Amazon and many others. But people are becoming more aware that the uninhibited acquisition of their personal data may have negative consequences and no longer trust that their data is protected on the Internet.