Privacy Compliance Today
Since HIPAA was enacted in 1996, it has added requirements for personal data security that have changed US healthcare security in dramatic ways. Healthcare providers must transition from being reactive (i.e. responding only when data leakage occurs) to being proactive: showing that they actively monitor their systems for incorrect usage, internal or external, and being able to demonstrate a complete audit trail of exactly what data was accessed, by whom, and when.
In May 2018, the European Union (EU) General Data Protection Regulation (GDPR) comes into force, mandating that ALL companies that process the personal data of EU residents follow its regulations. Failure to comply with GDPR results in fines of up to 4% of the company’s worldwide revenue. The goal is to protect “any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.”
Heimdall Data for Privacy Compliance
Organizations can now easily audit and control data access for databases. Heimdall Data provides a complete layer of security features to assist organizations in complying with the stringent guidelines for HIPAA Compliance as well as the EU GDPR, without having to change applications or databases. Below are the solutions:
Active Directory Integration:
In Active Directory, group membership data is stored alongside user authentication data. For example, users may be marked as belonging to the HR team vs. the Operations group. However, most organizations do not leverage AD group membership for databases and instead settle for manually configuring user roles on the database itself; this takes time and continued maintenance. It also creates SOX and SoD (Segregation of Duties) compliance problems, since the data team ends up managing both the data and the user credentials.
The Heimdall Proxy’s AD integration authenticates users and removes the burden of managing users on the databases. Instead of preconfiguring users, the Heimdall Proxy synchronizes user information as needed out of Active Directory into the database so that access control is maintained. This benefits IT teams by:
- Integrating data access control with existing user management processes.
- Terminating access immediately when a user leaves the group.
- Automating password resets without additional help desk personnel.
- Creating an audit log, via the synchronization routine, of who accessed what data and when.
Database firewall: Our learning engine allows normal query patterns to pass, and then either alerts on or blocks new SQL patterns attempting to access the database. In controlled environments, this enforces that only known-good SQL is allowed to reach the database, creating a whitelist filter. Alternatively, black-list patterns can be created, such as blocking “SELECT * .*” so that only explicitly named columns are allowed in any query.
Detection of Data Breaches: Heimdall implements “honeytoken” detection and alerting. A honeytoken is a piece of data inserted into a database or other data source that should never be accessed, such as a fake patient record. Any query that returns such a record is immediately flagged as suspicious, and alerts are generated for further analysis. This feature identifies data access that is either unintentionally broad in nature or is mining the database for unauthorized data, such as pulling a complete list of patients to sell for identity theft. The use of honeytokens allows immediate alerting on such activity, providing a proactive but lightweight layer of security.
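As an added illustration (not Heimdall’s own code), the two layers described above, the learned-whitelist database firewall with a “SELECT *” blacklist and honeytoken detection on returned rows, combined in a small Python simulation. The patient table, the honeytoken id, the query-shape fingerprinting and the regexes are all constructed for this demo; the “SELECT *” regex is one reading of the pattern quoted above.

```python
import re
import sqlite3

# Constructed honeytoken: a fake patient record that no legitimate query should ever return.
HONEYTOKEN_ID = "HT-000001"
# Blacklist: reject "SELECT *" and "SELECT t.*" so only explicitly named columns pass.
SELECT_STAR = re.compile(r"^\s*select\s+(?:\w+\.)?\*", re.I)

def fingerprint(sql):
    """Reduce a query to its shape: lowercase, literals replaced by '?', whitespace collapsed."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql.strip().lower())   # string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)                  # numeric literals
    return re.sub(r"\s+", " ", s)

class QueryGuard:
    """Learned-whitelist SQL firewall plus honeytoken detection on result rows."""
    def __init__(self):
        self.learning = True      # learn query shapes while True, enforce once False
        self.allowed = set()      # fingerprints seen during the learning phase
        self.events = []          # (kind, sql) tuples handed to the alert/audit pipeline

    def allow(self, sql):
        if SELECT_STAR.search(sql):                      # blacklist wins even while learning
            self.events.append(("blacklisted", sql)); return False
        fp = fingerprint(sql)
        if self.learning:
            self.allowed.add(fp); return True
        if fp in self.allowed:
            return True
        self.events.append(("unknown_pattern", sql)); return False

    def execute(self, conn, sql):
        """Run sql through the firewall, then scan the returned rows for the honeytoken."""
        if not self.allow(sql):
            return None
        rows = conn.execute(sql).fetchall()
        if any(HONEYTOKEN_ID in row for row in rows):   # a permitted shape can still be too broad
            self.events.append(("honeytoken", sql))
        return rows

def demo():
    conn = sqlite3.connect(":memory:")                  # constructed sample data, honeytoken included
    conn.execute("CREATE TABLE patients(id TEXT, name TEXT, clinic TEXT)")
    conn.executemany("INSERT INTO patients VALUES (?, ?, ?)", [("P-0001", "Ada", "north"),
        ("P-0002", "Grace", "south"), (HONEYTOKEN_ID, "Decoy Patient", "archive")])
    g = QueryGuard()
    g.execute(conn, "SELECT name FROM patients WHERE id = 'P-0001'")         # learned shape
    g.execute(conn, "SELECT id, name FROM patients WHERE clinic = 'north'")  # learned shape
    g.learning = False
    g.execute(conn, "SELECT name FROM patients WHERE id = 'P-0002'")         # same shape: allowed
    g.execute(conn, "SELECT * FROM patients")                                # blacklisted
    g.execute(conn, "SELECT id, name, clinic FROM patients")                 # unknown shape: blocked
    g.execute(conn, "SELECT id, name FROM patients WHERE clinic = 'archive'")  # passes firewall, trips honeytoken
    return [kind for kind, _ in g.events]

if __name__ == "__main__":
    print(demo())
```

The last query shows why the two layers complement each other: its shape was learned, so the firewall lets it through, and only the honeytoken reveals that it reached data it never should have.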
Audit trails: Heimdall logs every request and response generated by the database to an immutable log, allowing full accounting of who accessed which records and at what time. This record can be exported into behavior analysis systems to identify suspicious activity. Heimdall is configurable, allowing the audit trail to be limited in scope to sensitive data, either by table or even by the specific columns within a table that need to be recorded, in order to reduce the volume of data.
Secure Administration: Heimdall is inserted between the application and the database, and can be operated by a team distinct from the database and application owners. This allows a security team to monitor the interactions between the two, and by limiting access, it prevents a bad actor in either the database group or the application software group from modifying the controls to hide their malicious actions.
Database Vendor Neutral: Heimdall is compatible with any SQL database, enabling customers to use a single platform for all of their audit compliance needs. No more database vendor lock-in or the operational complexity of managing multiple auditing platforms.
For more information about how Heimdall Data can protect your data and fulfill compliance requirements, contact us at email@example.com today!