In a recent InformationWeek article they take a look into the concerns that increased mobility and Bring Your Own Device (BYOD) programs are having on IT departments. The article talks about concerns specific to the healthcare care industry and a recent report from KLSA, “Mobile Healthcare Applications: Can Enterprise Vendors Keep Up.” InformationWeek writes about the report, “105 respondents, most of whom were C-level managers, about their use of mobile technology in hospitals and found that securing personal devices via MDM software is one of their top concerns.”
While not that ground breaking of a statement and one that can most likely be applied to enterprise and educational organization alike, the report and InformationWeek article point out a few specific examples of how healthcare organizations are handling these concerns. The first piece of advice come from Ken Kleinberg, health and IT consultant with the Advisory Group, who says that hospitals need a strong BYOD strategy that focuses not only on the device but the applications as well. “It’s not just that you’re going to control the configuration on the device; you’re also going to control what application can be loaded on that device.” In this case IT departments need to understand what type of applications physicians, clinicians and administration are looking for and offer certified and approved options for those employees rather then allowing them to find there own.
We get a glimpse into Beth Israel Deaconess Medical Center who seems to be taking a different approach to Mobile Device Management (MDM). The medical center’s CIO John Halamka says that they “”settled on enforcing tight security policies through Exchange ActiveSync,” rather than bringing in an MDM solutions for management. While this is not the case for all, apparently they are able to utilize this “less sophisticated” (for lack of a better phrase) because email is the most used application allowing them to track and secure devices just fine. One can assume this approach will not last forever as the medical center’s mobility and application use grow, but for the time being it is just fine proving again there is no silver bullet when it comes to enterprise mobility security.
A different approach to enterprise mobility security is highlighted in UMass Memorial Healthcare’s focus on the data rather then the device. InformationWeek write that George Brenckle, CIO at UMass Memorial Healthcare has put a “focus on managing data rather than managing devices, which is one reason UMass has switched to a virtual desktop approach. With all of its sensitive patient data on hospital servers, there’s no risk of breaches from stolen or lost iPads and laptops.” Treating mobile devices as basically viewers rather then storing the data helps to eliminate the treat of lost or leaked data if a device is stolen or lost. A big concern when dealing with data that falls under HIPAA compliance.
Click here to read the entire InformationWeek article and learn more about mobility in the healthcare industry.