Identity at the Center Identity At The Center #3: Healthcare IAM, MFA, and PAM Oh My!
20 snips
Jul 19, 2019 Jim and Jeff dive into healthcare cybersecurity, tackling why many organizations are slow to adopt multi-factor authentication (MFA). They discuss the confidence gap in security despite rising breaches and explore usability concerns around MFA. The duo debates whether to prioritize MFA or Privileged Access Management (PAM), weighing the pros and cons of social logins and passwordless options. They share strategies for rolling out PAM and ensuring minimum controls, offering practical insights for enhancing patient portal security.
AI Snips
Chapters
Transcript
Episode notes
Patient Portals Are Underprotected
- Patient portals often lack expected MFA despite protecting HIPAA data.
- Jim McDonald argues low MFA use creates unjustified confidence in security.
Confidence Doesn't Match Controls
- Many healthcare orgs felt confident in cybersecurity while only two thirds used MFA.
- Jeff Steadman highlights that confidence and MFA adoption numbers don't align.
Family Example Shows MFA Friction
- Jim McDonald notes older family members may lack smartphones and struggle with MFA.
- He uses his dad as an example to show MFA isn't universally feasible.