We recognize that EHR applications - like all feature-rich enterprise software - have inherent vulnerabilities, and that it's ultimately our responsibility to protect them
(PRWEB) September 20, 2007
Ottawa, ON, and Reston, VA, September 20, 2007. In response to recent findings of the eHealth Vulnerability Reporting Program (eHVRP) study announced on Monday, Third Brigade, a security software company specializing in host intrusion defense, today announced an initiative to 'quick start' the delivery of enhanced security for EHR systems. Third Brigade's host-based intrusion detection and prevention system (IDS/IPS) shields vulnerabilities that exist in EHR systems, and addresses a core recommendation recently made by the eHVRP.
Under the "Quick Start for Healthcare" initiative, healthcare providers can download Third Brigade's host IDS/IPS agent software for a free 30-day evaluation. The agent includes security policies that shield vulnerabilities in over 100 applications commonly relied upon by enterprises including healthcare providers. Filters that shield newly discovered vulnerabilities are automatically delivered to healthcare providers within hours, and can be pushed out to hosts in minutes, without a system reboot, thus ensuring rapid time-to-protection. The quick start program helps demonstrate the immediate effectiveness of host IDS/IPS to enhance EHR security, highlights the ease-of-use of Third Brigade's solution, all with minimal impact on host or IT resources.
Healthcare providers can register for the 30-day evaluation at: http://downloads.thirdbrigade.com/quickstart_healthcare/
"We recognize that EHR applications - like all feature-rich enterprise software - have inherent vulnerabilities, and that it's ultimately our responsibility to protect them," said Leo Dittemore, Director, IS Security, HealthCare Partners Medical Group. "Third Brigade's Host IDS/IPS is a cost-effective compensating control, is easy to use and has had no noticeable impact on our IT operations. Any healthcare provider implementing an EHR should also be evaluating host IDS/IPS."
"By acknowledging that vulnerabilities exist within EHR systems, and that effective compensating controls exist, the healthcare industry has taken an important step in further ensuring the security of their critical applications, and the protection of private data," said Wael Mohamed, President and CEO of Third Brigade. "Our best-of-breed solution is uniquely suited to industry leaders that recognize their responsibility in providing comprehensive, proactive protection."
The eHealth Vulnerability Reporting Program conducted a 15-month study to assess the security risks associated with eHealth systems, particularly EHR systems. The eHVRP report highlighted a number of key points including the fact that:
1. EHR applications have vulnerabilities consistent with other complex applications
2. EHR vulnerabilities can be exploited to gain control of the application or access to data.
3. Existing security mechanisms and practices adopted by the customers and developers of EHR applications do not address these vulnerabilities and therefore leave these systems unnecessarily exposed to exploitation.
Specifically, the eHVRP report recommends implementing compensating controls to protect eHealth systems.
Third Brigade's advanced, software-based, host intrusion detection and prevention system (IDS/IPS) shields vulnerabilities that exist in EHR systems, as well as the operating systems (Windows, Solaris, Linux and other Unix systems), and enterprise applications, such as web and database servers, they rely on. By shielding vulnerabilities in critical and hard to patch systems within hours of their disclosure, it allows patches to be deployed on a more efficient, scheduled basis, with minimal impact on host or IT resources. Third Brigade's security solution also delivers detailed reports that demonstrate the security status of hosts, at any point in time, for auditing and compliance requirements.
To arrange a free evaluation, or for more information, go to http://downloads.thirdbrigade.com/quickstart_healthcare/ or contact Third Brigade at 1.866.373.6977.
About Third Brigade
Third Brigade (http://www.thirdbrigade.com) specializes in providing host intrusion defense systems to organizations that need to detect and prevent attacks that exploit vulnerabilities in mission critical systems. Third Brigade Deep Security allows businesses to apply comprehensive security profiles to hosts that protect against known and zero-day attacks using deep packet inspection. It helps ensure compliance and the 24-7 availability of critical systems, provides a virtual patch for software vulnerabilities, and allows organizations to deliver Internet-based services with greater security and confidence. Unlike other host intrusion detection and prevention systems, Third Brigade Deep Security provides broader, faster and simpler protection. Third Brigade. That's control.
Note: "Third Brigade," "Deep Security Solutions," and the Third Brigade logo are trademarks of Third Brigade, Inc. and may be registered in certain jurisdictions. All other company and product names are trademarks or registered trademarks of their respective owners.
For more information, contact:
Media & Analyst Relations
Third Brigade, Inc.
(T) 613-599-4505 x2238