Friday, June 2, 2017

Intrusion Detection and Response


There is a rather large universe of solutions to address hacker risk.  You can buy products (hardware and software) claiming to prevent attacks to your hardware, software or network, you can buy services or you can find a collection of both.

Complex networks, like we find in an individual hospital (or even a larger clinic, not to mention a complex of such organizations) are rife with vulnerable network citizens, while solutions are often complex or expensive to implement.  "We need to move forward, but what is the next step?" you ask...

You have made investments that are a component of your most cost effective solution, moving forward.  You might have also made investments that didn't work out, or can be replaced with a more effective (and more cost effective) solution.  Let's trim those outgoing payments... and build a flexible set to manage moving forward.

Key to all of this is understanding your inventory of network citizens, insuring network logs are "watching" in/out-going traffic for all, effectively screening those logs, and taking prompt, effective action to address a hack.

When can we start?