Health care organizations are unprepared for cloud migration

Doctor holding a clipboard

According to a new Trend Micro-commissioned survey, global health care organizations (HCOs) are increasingly leaning toward adopting the cloud but lack the preparedness for the security risks that come with it.

Remote working, cost savings, and improved IT agility were crucial reasons behind HCOs’ accelerated migration to the cloud amid the COVID-19 pandemic, the report found.


Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief


SaaS-based video conferencing tools helped remote workers connect with branch hospitals, while telemedicine platforms quickly became indispensable to physicians. Cloud infrastructure also offered multiple benefits for HCOs looking to augment IT scalability and reliability.

Despite the positive outcomes, the report indicates high risks and costs associated with the cloud significantly outweighed its benefits in the health sector.

For example, 43% of HCO IT decision-makers revealed privacy and security challenges were constant barriers to cloud adoption. The biggest day-to-day operational challenges included setting and maintaining consistent security policies, patching, vulnerability management, and cloud misconfiguration.

What’s more, nearly half of survey respondents (45%) said introducing cloud-based security tools added more complexity to IT security teams’ tasks. Furthermore, 43% spent more on capital expenses to procure contract-based cloud services. Most concerningly, fewer than half of respondents said they were confident they understood “shared responsibility,” a key cloud security concept.

“While cloud migration isn’t simple, it can be enabled and improved using the right security tools,” said Trend Micro.

According to Trend Micro, a cloud security solution should feature automation to streamline compliance and minimize risks stemming from misconfigurations.

“With the right cloud-ready solutions in place, HCOs can maximize cloud benefits without putting mission-critical systems or patient data at risk. Such tools can also minimize skills challenges by spotting misconfigurations, automating patching and policy management, and integrating security into DevOps, across both cloud and on-premise environments,” said the company.