Hi all,
I am a network security admin for a healthcare provider.
We are rolling out web based EMR system so that clinical doctors and nurses (approx. 150+) to work from home or anywhere outside healthcare provide LAN using their personal devices.
We have Palo alto firewall to provide VPN access with MFA. This VPN is currently used by vendors and IT admins to access the network and servers remotely.
My question: Is it viable to publish EMR system on internet behind NAT and WAF secured with SSL/TLS and MFA or better use Remote SSL VPN, then login to system.
Just curious what would be best and secure approach to protect our users, network, servers and most importantly patient data.
Thank you
No comments:
Post a Comment