Vulnerability management is the process used by organizations to detect technology flaws that hackers could exploit. This process uses a scanning capability, often provided by an EHR or IT support vendor, to proactively scan devices and systems in your organization.
Sub-Practices for Small Organizations
7.S.A | Vulnerability Management | NIST FRAMEWORK REF: PR.IP-12
As discussed in the introduction to this document, weak passwords, default passwords, outdated software, and other technology flaws identified by vulnerability management scans are commonly referred to as vulnerabilities. Vulnerability scans may yield large amounts of data, which organizations urgently need to classify, evaluate, and prioritize to remediate security flaws before an attacker can exploit them.
Vulnerability management practices include:
- Schedule and conduct vulnerability scans on servers and systems under your control to proactively identify technology flaws. A scan run this way is considered an “unauthenticated scan”: the scanner has no credentials or extra privileges on the server, so it queries each server only through the ports that are active and exposed for network connectivity and reports what its checks can infer from those services. Because it cannot see inside the system, an unauthenticated scan misses missing patches and misconfigurations that are visible only to a logged-in user; where the scanner supports it, an authenticated scan using a dedicated read-only account finds those as well. Each server is queried for vulnerabilities based upon the level of sophistication of the software scanner.
- Remediate flaws based on the severity of the identified vulnerability, treating internet-facing systems as more urgent than internal ones at the same severity.
- Conduct web application scanning of internet-facing webservers, such as web-based patient portals. Specialized vulnerability scanners can interrogate running web applications to identify vulnerabilities in the application design.
- Conduct routine patching of security flaws in servers, applications (including web applications), and third-party software. If patching is not automatic, apply the patches distributed by the vendor community at least monthly. Robust patch management processes, as outlined in 2.S.A, mitigate vulnerabilities associated with obsolete software versions, which are often easier for hackers to exploit.
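The classify, prioritize, remediate step above is where scan output becomes a work list. The following is an added example, not part of this practice or of any scanner vendor's software: it parses a constructed CSV export of scan findings, collapses duplicate reports, maps each CVSS v3.x base score to the standard qualitative band, and assigns a remediation due date. The sample findings, hostnames, SLA windows and the rule that halves the window for internet-facing Critical and High findings are assumptions standing in for your own policy.

```python
"""Triage vulnerability-scan output by severity and exposure.

Added example; not part of HICP or any vendor's scanner. The CVSS v3.x
qualitative bands are the standard ones. The sample findings, hostnames,
SLA windows and the "halve the window for exposed systems" rule are
constructed assumptions standing in for local policy.
"""
import csv
import io
from dataclasses import dataclass
from datetime import date, timedelta

# Assumed remediation windows (days) per band; set these from your own policy.
SLA_DAYS = {"Critical": 7, "High": 30, "Medium": 90, "Low": 180}
BAND_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}

# Constructed scanner export (hostnames and findings are made up).
SAMPLE_CSV = """\
host,port,check,cvss,internet_facing
portal.example.org,443,Outdated web framework,9.8,yes
portal.example.org,443,Outdated web framework,9.8,yes
portal.example.org,443,TLS 1.0 enabled,6.5,yes
ehr-db01.internal,1433,Default SQL Server sa password,9.8,no
ws-recep-02.internal,445,SMBv1 enabled,8.1,no
ws-recep-02.internal,80,HTTP server banner disclosed,0.0,no
"""


@dataclass
class Finding:
    host: str
    port: int
    check: str
    cvss: float
    internet_facing: bool


def cvss_band(score: float) -> str:
    """Map a CVSS v3.x base score to its qualitative severity rating."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    if score > 0.0:
        return "Low"
    return "None"


def parse_csv(text: str) -> list:
    """Parse the CSV export into Finding records."""
    rows = csv.DictReader(io.StringIO(text))
    return [
        Finding(r["host"], int(r["port"]), r["check"], float(r["cvss"]),
                r["internet_facing"].strip().lower() == "yes")
        for r in rows
    ]


def dedupe(findings: list) -> list:
    """Collapse repeated reports of one check on one host:port, keeping the highest score."""
    best = {}
    for f in findings:
        key = (f.host, f.port, f.check)
        if key not in best or f.cvss > best[key].cvss:
            best[key] = f
    return list(best.values())


def prioritize(findings: list, today: date = None) -> list:
    """Order findings for remediation and assign a due date from the SLA table.

    Informational results (CVSS 0.0) are dropped. Critical/High findings on
    internet-facing hosts get half the window (assumed policy).
    """
    today = today or date.today()
    out = []
    for f in dedupe(findings):
        band = cvss_band(f.cvss)
        if band == "None":
            continue
        days = SLA_DAYS[band]
        if f.internet_facing and band in ("Critical", "High"):
            days //= 2
        out.append({
            "host": f.host, "port": f.port, "check": f.check, "cvss": f.cvss,
            "band": band, "internet_facing": f.internet_facing,
            "days": days, "due": today + timedelta(days=days),
        })
    # Highest band first, exposed hosts before internal ones, then higher score first.
    out.sort(key=lambda r: (BAND_ORDER[r["band"]], not r["internet_facing"], -r["cvss"]))
    return out


if __name__ == "__main__":
    for r in prioritize(parse_csv(SAMPLE_CSV), date(2024, 1, 1)):
        print(f'{r["band"]:<8} {r["cvss"]:>4} {r["due"]} {r["host"]}:{r["port"]} {r["check"]}')
```

Run as-is, the script lists the patient-portal framework finding first (Critical, internet-facing, due in 3 days), then the default database password (Critical, internal, 7 days), SMBv1 on the reception workstation (High, 30 days), and the portal's TLS 1.0 setting (Medium, 90 days); the banner-disclosure result is dropped as informational. Whatever the scanner, the useful part is the same: deduplicate, band by score, and let exposure move the due date, so the team is not triaging hundreds of raw rows by hand.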
Threats Mitigated
- Ransomware attack
- Insider, accidental or intentional data loss
- Attacks against connected medical devices that may affect patient safety