“The Defense Health Agency looks to collapse multiple legacy health IT networks used by military hospitals and clinics into a single modern network called the Medical Community of Interest (MedCOI). It includes more than 240,000 users worldwide and will serve as a ‘key enabler’ for greater health IT security.”
“The project enables a single security context across the agency, and allows DHA to standardize its virtual local area networks into a new 13-zone architecture, with each zone designed for a different level of security to segment network traffic.”
“”Since we’ll have that same design at each facility, it’s going to allow inheritance of security controls, reduced variants in configuration, and is going to greatly reduce the time to complete our risk management framework processes for each enclave and the associated systems,’ Pat Flanders, DHA’s Chief Information Officer, said in an interview.”
“Tom Hines, DHA’s director of engineering and technology transformation and a senior advisor to Flanders, said the agency’s zone architecture, combined with its risk management and system monitoring processes, can track real-time events on its network or adversely impacted devices.”
“This allows the agency to defend against all instances of malicious code, including ransomware. Hines said the agency has seen instances of ransomware, but has not been affected by those instances because of its network defenses…”
“To mitigate the risk of malicious code entering the network through users accessing websites, DHA is working with the Defense Information Security Agency on a web browser pilot called Cloud-Based Internet Isolation (CBII)…”
“Meanwhile, the Defense Department expects to further reduce its cyber-attack surface area through its ongoing migration of its medical records systems to an electronic format…” Read the full article here.
Source: DHA sees network consolidation as ‘key enabler’ to health IT cybersecurity – By Jory Heckman, March 26, 2020. Federal News Network.
