Having a dozen mental health facilities located throughout California, the Kings View corporate compliance team required clarity as to the security vulnerabilities on their wireless networks. ‘Could our medical devices be hacked?’ ‘Is our patient data vulnerable?’ ‘Is our security sufficient to detect and stop attempted breaches?’ The selected security partner not only had to provide clarity on these vulnerabilities, but ensure that recommendations furthered the organization’s HIPAA compliance goal.
When approaching the Kings View engagement, Breadcrumb engineers understood firsthand that wireless isn’t just wireless. Deficiencies within the wireless protocol and the decentralization of wireless management make organizational wireless networks very susceptible to unauthorized access. Leveraging their expertise within the medical community, Breadcrumb performed LIVE onsite testing at each of the twelve locations. Real-world assessment strategies included access point impersonation, discovery and exploitation of hidden networks, interception of wireless data and the review of encryption protocols. Customer wireless devices (medical devices, iPads, laptops, etc.) were also targeted during the assessment, evaluating their relative strength and resistance to a sustained attack. Lastly, complex mathematical scenarios were used to challenge the strength of encrypted wireless passwords, producing over 200 billion attempts in the Breadcrumb lab.
Having thoroughly evaluated discovered wireless networks, Breadcrumb engineers were able to deliver a comprehensive and detailed analysis of the organization’s wireless security posture. Referencing a series of industry standards, and established best practices within medical environments, Breadcrumb produced actionable reporting, with prioritized recommendations. Kings View Director of Operations Gretta Peterson noted, “We were very pleased with the results of Breadcrumb’s engagement and found their recommendations invaluable.”