Over 90% Of Cloud Services Used In Healthcare Pose Medium To High Security Risk

Dan Munro | Forbes | September 1, 2014

According to cloud security vendor Skyhigh Networks, more than 13% of cloud services used in healthcare are high‒risk and 77% are medium risk ‒ as measured across 54 different security attributes (like data encryption and “two factor” authentication).  As if to add emphasis to this exact point, risqué celebrity photos were hacked over the weekend in what is being rumored as a potentially broader attack on Apple’s iCloud service (specifically the Photo Stream feature).

While cloud vendors have a general responsibility to encrypt data at rest and offer two‒factor authentication (iCloud does), they can’t really dictate the use of important safety measures ‒ especially on the retail/consumer side. In the case of two-factor authentication, it’s an extra, somewhat annoying step and the risks are often thought to be vague or low for casual consumer data. As a gentle reminder, if you haven’t read Mat Honan’s account of how he lost his digital life in one hour (August 2012 Wired), now would be a good time to get that chilling refresher.

Which also underscores healthcare’s broader dilemma. On the one hand, cloud services can offer advanced technical solutions at an attractive price compared to on-premise hardware and software, but issues of privacy and security are also very different for healthcare. Recent statistics from Skyhigh Networks also serve to emphasize these concerns...