Data Loss Prevention (DLP)
CUIMC uses a Data Loss Prevention (DLP) solution that filters outbound email messages and attachments to identify the presence of character patterns resembling Sensitive Data. If such a pattern is detected, it blocks the email and automatically sends a message to the sender with instructions to take the appropriate action.
Messages and attachments that contain Sensitive Data sent from a CUIMC email address to an address outside of the approved Organized Health Care Arrangement (OHCA) need to be encrypted through our Secure Email gateway to prevent them from being blocked automatically.
Targeted Attack Protection (TAP)
CUIMC Email also includes Targeted Attack Protection (TAP). This automatically rewrites links found in incoming email messages so that the linked content can be evaluated for malicious behavior at the time it is clicked. As phishing and other targeted attacks become more sophisticated, TAP is a solution that meets the challenge and helps protect the CUIMC community and its resources.
For more information visit Email Link Protection and Decoder.
External Email Tag
Messages sent from outside of the organization have an [EXTERNAL] tag added to the front of the email’s subject line as a quick visual reminder to scrutinize the message further before replying, clicking a link, opening an attachment, or otherwise acting on the contents of the message. Because the tag is applied based on where the message actually came from rather than on the displayed sender address, it will also identify when someone has "spoofed" a CUIMC email address, which malicious actors may do to make an email seem as if it came from within your organization. Full details are on the External Email Tag page.
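As an added illustration of the rule described above (example code, not CUIMC's gateway implementation), the tagging decision is driven by whether the message arrived over an external connection, never by the From header, so a message with a spoofed CUIMC sender address still receives the tag. The internal domain, the `received_externally` flag and the sample messages are assumptions constructed for this example.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

EXTERNAL_TAG = "[EXTERNAL]"
# Assumed set of internal sender domains (constructed for this example).
INTERNAL_DOMAINS = {"cumc.columbia.edu"}


def from_domain(msg: EmailMessage) -> str:
    """Domain of the From header, lower-cased. This header is sender-controlled
    and therefore cannot be trusted to decide whether mail is internal."""
    _, addr = parseaddr(str(msg.get("From", "")))
    return addr.rpartition("@")[2].lower()


def apply_external_tag(raw: str, received_externally: bool) -> dict:
    """Emulate the gateway rule. `received_externally` stands in for the
    gateway's knowledge of which connector/connection delivered the message.
    Returns the resulting subject plus two flags for reporting."""
    msg = email.message_from_string(raw, policy=policy.default)
    subject = str(msg.get("Subject", ""))
    # An internal-looking From on an externally delivered message is the
    # spoofing case the tag is meant to expose.
    spoofed_internal = received_externally and from_domain(msg) in INTERNAL_DOMAINS
    # Tag only external mail, and do not double-tag already tagged subjects.
    if received_externally and not subject.startswith(EXTERNAL_TAG):
        subject = f"{EXTERNAL_TAG} {subject}".rstrip()
    return {
        "subject": subject,
        "tagged": received_externally,
        "spoofed_internal": spoofed_internal,
    }


# Constructed sample messages (not real traffic).
INTERNAL_MAIL = "From: Alice <alice@cumc.columbia.edu>\nSubject: Lab schedule\n\nHi\n"
VENDOR_MAIL = "From: Billing <billing@vendor.example>\nSubject: Invoice\n\nPlease review\n"
SPOOFED_MAIL = "From: IT Help <helpdesk@cumc.columbia.edu>\nSubject: Account notice\n\nSee attached\n"

if __name__ == "__main__":
    for name, raw, ext in (("internal", INTERNAL_MAIL, False),
                           ("vendor", VENDOR_MAIL, True),
                           ("spoofed", SPOOFED_MAIL, True)):
        print(name, apply_external_tag(raw, ext))
```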
The CUIMC Information Security Office will be responsible for analyzing and certifying that the IT Group is operating in a capacity that is consistent with University Policies and Procedures, as well as operating within an acceptable level of risk, as defined by CUIMC Executive Managers.
CUIMC ISO Operations team performs investigations on digital materials by request from the Office of General Counsel, the HIPAA Privacy Office, and Research Compliance.
The ISO Operations team is responsible for responding to and investigating security incidents, including network forensics. We leverage an Endpoint Detection and Response (EDR) platform that allows CUIMC to rapidly respond to attacks.
ISO has launched MobileIron at CUIMC for using Epic programs on mobile devices.
For multifactor authentication via Duo at CUIMC, visit https://mfa.cumc.columbia.edu
The Columbia University Irving Medical Center leverages the use of proxy services to protect both endpoints and servers from malicious activity.
Applications should be designed and implemented with proper security requirements, secure coding practices, use of various development tools, and a focus on mitigating risks throughout the entire development lifecycle.
CUIMC ISO recommends the following:
- Use of a code repository. Certified IT Groups can request beta access to a CUIMC GitLab.
- Knowledge of Git Essentials
- Know the OWASP Top Ten Project
- Review secure coding principles described in OWASP Secure Coding Guidelines
- Request web application vulnerability scans from CUIMC ISO
- Keep up to date on training
The CUIMC Information Security Office performs Security Architecture Assessments and Advisory supporting CUIMC Cross Functional Teams.
CUIMC ISO Operations leverages a technology platform to manage real-time processing and analysis of events.
The CUIMC Information Security Office (ISO) performs information security risk assessments of CUIMC IT systems using standards and regulations from HIPAA and HITECH. The assessments help validate that patient, employee, business, and other sensitive or confidential data are protected.
An IT System that completes the assessment process is designated as “certified” by CUIMC IT Security. The goal is to have all CUIMC IT systems certified to enhance our security compliance posture for HIPAA, HITECH, and PII protection.
CUIMC ISO conducts vulnerability assessment scans and reports any deficiencies found to the system owner and technical support personnel. Scans are generated for systems during the certification process.