VA Center's IT Legacy Flaws Common at Other Health Entities

September 30, 2022 CynergisTek, Inc.

OIG Security Audit of Texas VA Facility Found Familiar Problems.

A Texas outpatient clinic belonging to the Department of Veterans Affairs has the all-too-common problem of obsolete equipment leading to security vulnerabilities, a watchdog report concludes.

An audit by the department's inspector general of a clinic serving the Harlingen region of south Texas found the VA center did not replace applications before they became unsupported by vendors.

"Without effective configuration management, users do not have adequate assurance that the system and network will perform as intended," the report says.

More than half of the center's network switches used operating systems past their vendor support dates, meaning they would not receive maintenance or vulnerability support.

"Network devices and IT systems are an organization's most critical infrastructure. Upgrading is not just a defensive strategy but a proactive one that protects the stability of the network," auditors say.

The legacy issues at the Harlingen facility are similar to what is found in many other healthcare organizations.

"Every hospital and health system we encounter has some degree of hardware/software legacy, end-of-life, or unsupported system that is in use," says Dave Bailey, vice president of security services at CynergisTek.

Read the full article here.

About the Author

CynergisTek, Inc.

CynergisTek is a top-ranked cybersecurity consulting firm dedicated to serving the information assurance needs of healthcare. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, and compliance goals. The company has been recognized by KLAS in the 2016 and 2018 Cybersecurity reports as a top performing firm in healthcare cybersecurity, as well as the 2017 Best in KLAS winner for Cybersecurity Advisory Services.

Follow on Twitter Follow on Linkedin Visit Website More Content by CynergisTek, Inc.
Previous Article
Experts Continue to Warn About Recognizing and Reporting Phishing
Experts Continue to Warn About Recognizing and Reporting Phishing

For Cybersecurity Awareness Month 2022 Thomas Graham and other experts discuss tips for recognizing and rep...

Next Article
Assessing the Security Risks of Emerging Tech in Healthcare
Assessing the Security Risks of Emerging Tech in Healthcare

A host of cutting-edge technologies like A.I & nanomedicine contain the potential to revolutionize patient ...