Shut The Backdoor
Welcome to Shut the Backdoor, brought to you by Redox. Shut The Backdoor is a healthcare security podcast dedicated to keeping health data safe, one episode at a time. Hosted by Jody Maberry and Meghan Mcleod and featuring special guests to discuss the most critical topics for healthcare security.
info_outline
The Final Logoff - Streamlining Secure Departures
02/22/2025
The Final Logoff - Streamlining Secure Departures
"Everyone who's part of a health care organization or health care tech has access to really private information. And getting that access removed from somebody who's leaving the organization is key." Key Moments 02:23 Streamlining Through Automation 05:55 Streamlining Tool Access and Security 08:54 Centralize Identity with Single Sign-On 11:41 Automated Offboarding: Quick and Secure 13:25 Automating Environment-Specific Challenges 17:10 Streamline Access to Protect Data 19:51 Streamlined Process vs. Disorganization Streamlining secure departures is not just an operational necessity; it’s a pivotal component of our organization's security framework. During our latest discussion, we explore how automating the final logoff process can transform the way we handle employee departures. Bill Easton, a skilled staff security engineer at Redox, joins to highlight practices that can enhance our security posture. The overarching theme is that automation is king. Bill emphasizes that efficient offboarding begins with a central access system integrated with our HR information system. By automating access removal, we significantly reduce the chances of oversight and enhance security resilience. A streamlined, repeatable process ensures no system is left vulnerable due to manual mishaps. Megan McLeod highlights the importance of role-based access rather than one-off permissions. This approach not only simplifies automation but also ensures that access can be efficiently managed across various roles within the company. Bill shared his experience at Redox, where continuous improvement in automation is a priority. Even though achieving full automation is a journey, each step forward makes a difference. We’re currently at an 80:20 ratio, and the push for seamless automation continues. To further safeguard our operations, Bill advises centralizing identity management through single sign-on (SSO). This strategy not only enhances user experience but also fortifies security by consolidating access control. As we steadily build this framework, let’s ensure our team is aligned with these processes and ready to tackle future security challenges with precision and efficiency. As always, it’s about locking the back door to safeguard our most sensitive information.
/episode/index/show/d2d95129-fec8-41ca-b2a0-9866278572f6/id/35385010
info_outline
A Trojan Horse - Hiring Malicious Actors
02/22/2025
A Trojan Horse - Hiring Malicious Actors
"Everybody in the hiring pipeline should really be looking out for this. Every person that touches a candidate has a chance to pick this up before someone gets hired." Key Moments 00:42 Insider Threats for Financial Gain 06:10 High-Profile Cybersecurity Incident Reporting 09:16 Healthcare Data Extortion Risks 10:40 Spotting Red Flags in Hiring 14:14 Security and HR Collaboration in Hiring 17:23 Identifying Security Red Flags 19:51 Verifying Candidate Authenticity Steps 23:34 On-Camera Hiring Best Practices There is a new security concern that is catching many off guard: hiring malicious actors. Matt Mock, our CISO, shares that instances of fake candidates, particularly those backed by entities from countries like North Korea, are no longer a rarity. These actors typically have financial motives as their primary aim and have a surprising sophistication. They employ stolen identities and may even be working with domestic associates to get their foot in the door. As Megan McLeod points out, these aren't mere hypotheticals. Even companies like KnowBe4 have reported encounters, underscoring that no organization is too small to be targeted. It is important to be vigilant in the hiring process. There are a number of red flags during remote interviews that are worth being aware of such as inconsistencies in a candidate's story, reluctance to appear on video, or unusual locations to send equipment. But it's not just about catching these actors during interviews. Some of these actors may be hired before they start to show subtle but suspicious activities. Accessing systems from unexpected locations or changing device settings to a foreign language can reveal their true intentions.
/episode/index/show/d2d95129-fec8-41ca-b2a0-9866278572f6/id/35384915
info_outline
Introduction to Shut The Backdoor
02/18/2025
Introduction to Shut The Backdoor
Welcome to the debut episode of Shut the Back Door, a healthcare security podcast by Redox, hosted by Jody Mayberry alongside Redox’s own Matt Mock, CISO, and Megan McLeod, Security Engineer. This podcast is dedicated to protecting healthcare data one episode at a time. In this introduction, Megan and Matt explain Redox's mission as a leader in healthcare interoperability, enabling providers, payers, and health tech organizations to power better care through accelerated, real-time data solutions. The podcast aims to bring Redox’s behind-the-scenes data security expertise to the forefront. As security is a shared responsibility within healthcare, Megan and Matt emphasize the goal of fostering collaboration and sharing knowledge with the broader healthcare community, ensuring everyone benefits from improved security practices. Listeners can expect monthly episodes featuring Megan, Matt, and expert guests discussing real-world healthcare security challenges and practical solutions.
/episode/index/show/d2d95129-fec8-41ca-b2a0-9866278572f6/id/35335685