Industry Trends

Why Internal Segmentation Firewalls are Indispensable in Healthcare

By Susan Biddle | April 11, 2016

You could call healthcare security breaches a rising epidemic.  According to Christopher Moynier, Healthcare Systems Engineer for Fortinet, it could “become a life or death situation.”

Healthcare organizations today are uniquely vulnerable to insidious security threats. This is due in part to the extremely high value of their data, but it’s also because healthcare has lagged behind in security. For years, healthcare IT administrators have been pushed to adapt to new regulatory schemes and provide new functionality for providers and other staff; security, unfortunately, has received neither the attention nor the funding required to ward off the smartest attackers.

Put it in clinical terms: Not only does healthcare have a serious ailment, but it also lacks the immunities that many other industries have already built up.

Today’s solution involves looking at network security as an ecosystem. Perimeter-based protection alone are no longer sufficient, since threats can now come internally or from the proliferation of connected medical devices that access the network from within a traditional firewall.   According to Mr. Moynier at the HIMSS16 Conference in Las Vegas, one indispensable tactic is to employ internal segmentation firewalls (ISFWs), which can “compartmentalize the damage and isolate that [threat] to keep it from spreading.”  You can view the rest of his explanation on network segmentation below.

ISFWs complement next-generation firewalls (NGFWs), since they provide protection against internal threats where NGFWs focus on external access points. Should an attacker get past perimeter defenses (through a successful phishing attack, for example) or conduct a direct attack on an internal endpoint (such as a connected medical device or physician’s tablet), ISFWs provide important control and visibility before patient data can make it to the exit door.

They do this by conducting rapid inspection of internal network traffic, which enables administrators to detect attacks much more quickly than if they waited for the attempted exfiltration of data. Contemporary ISFWs provide the high throughput and flexibility needed to maintain network speed and avoid compromising the user experience, so their installation is essentially invisible to clinical and internal stakeholders.

This approach is especially important given the widespread adoption of distributed devices. While these tools provide excellent functionality and aid patient treatment, they also introduce new vulnerabilities because the devices themselves aren’t necessarily under the control of the healthcare provider organization. This means that creating a “virtual fence” around valuable Health IT assets via ISFWs is an effective way to catch pernicious activity before attackers can steal sensitive data or compromise patient care systems.

Given how high the stakes are for healthcare providers—breaches can carry regulatory and repayment penalties measured in the billions of dollars—now is the time to fortify network security and afford stakeholders new peace of mind.

Learn more

To learn more about ISFWs and expand on the ideas described above, download our full white paper at

An IDC Health Insights ISFW Technology Spotlight is also available at