Blue Cedar releases new security for health apps, built into the app

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2017/05/Blue-Cedar-Logo-Asset-1@3x-100.jpg” thumb_width=”150″ /]For healthcare organizations, device and app developers, one stumbling block for apps has been securing data. The endpoint for security has been to secure and manage the device, which constrains widespread BYOD use and convenient downloading. What if, instead, the apps and the data on them were secured without needing to further secure the device? This is what Blue Cedar, a mobile security developer, has done with what they call a mobile device management (MDM) alternative, with security ‘baked into the app”.

One of their first for the new platform is MedStar Health, the largest healthcare provider in the Maryland and Washington, DC region. Blue Cedar’s MDM enabled them to secure their mobile app for clinicians that contained protected patient information (PHI) yet run securely on personal mobile devices.

Blue Cedar’s Chief Product Officer, Chris Ford, spoke with this Editor and explained that their new platform (V3.14) works through injecting a security code in the mobile app, which enforces policy on encryption and use. Their Enterprise Mobility Management (EMM) can now incorporate support for secure apps on unmanaged devices, security and connectivity for VoIP-based apps, and enforcement of granular controls for HTTP-based apps. This and other features of the new platform will permit healthcare app developers to distribute apps through sites like the Apple Store or Google Play and “trust functionality” that allows control of data sharing between apps on the same device.

Blue Cedar spun off last year from IoT security company Mocana, founded in 2002, and now has over 150 customers in multiple verticals. They believe their MDM alternative is ideal for healthcare organizations and health app/wearable developers, recently adding representation in the UK and Europe. Release (PDF)

Ransom! (ware) strikes more hospitals and Apple (update)–Healthcare.gov’s plus trouble

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2015/02/Hackermania.jpg” thumb_width=”150″ /]Get out the Ransom! California hospitals appear to be Top of the Pops for ransomware attacks, which lock down and encrypt information after someone opens a malicious link in email, making it inaccessible. After the well-publicized attack on Hollywood Presbyterian in February, this week two hospitals in the Inland Empire, Chino Valley Medical Center in Chino and Desert Valley Hospital in Victorville, both owned by Prime Healthcare Management, received demands. While hacked, neither hospital paid the ransom and no patient data was compromised according to hospital spokesmen. Additional hospitals earlier this month: Methodist Hospital in Henderson, Kentucky and Ottawa Hospital in Ontario, Canada. In Ottawa, four computers were hacked but isolated and wiped. It is not known if ‘Locky’, the moniker for a new ransomware, was the Canadian culprit. FBI on the case in the US. HealthcareITNews, National Post

Update: Locky is the suspected culprit in the Prime, Hollywood Presbyterian and Kentucky ransomware attacks. On Monday, Maryland-based MedStar Health reported malware had caused a shutdown of some systems at its hospitals in Baltimore. Separately, Cisco Talos Research is claiming that a number of the attacks are exploiting a vulnerability in a network server called JBoss using a ransomware dubbed SamSam. Perhaps both are creating mischief? Ars Technica, Cisco Talos blog, BBC News, ThreatPost

More and worse attacks north of the 49th Parallel. Norfolk General Hospital in Simcoe, Ontario had a ransomware attack this week that spread to computers of staff, patients and families via the external website through the outdated content management system. According to MalwareBytes, “The particular strain of ransomware dropped here is TeslaCrypt which demands $500 to recover your personal files it has encrypted. That payment doubles after a week.”  So if you are running old Joomla! or even old WordPress, update now! Neil Versel in MedCityNews

If you’re thinking Mac Prevents Attacks, the first ransomware targeting Apple OS X hit earlier this month. Mac users who  downloaded version 2.90 of Transmission, a data transfer program using BitTorrent, were infected. KeRanger appears after three days to demand one bitcoin (about $400) to a specific address to retrieve their files. HealthcareITNews

Finally, there is the Hackermania gift that keeps on giving: Healthcare.gov. (more…)