Healthcare workers are among the most impacted employees of the pandemic. Overcrowded hospitals, increased hours, burnout, and staff shortages have menaced the industry over the past two years. The pandemic brought a rapid digital transformation in the industry and the shift impacted the way Healthcare workers operate.

The Endpoint Ecosystem study offers healthcare leaders a lens into the way healthcare workers are using technology at work and their attitudes towards security, privacy, and their experience as front-line employees.

Security awareness training is ineffective in Healthcare

Nearly a third of healthcare workers believe that they have not been adequately trained to protect company data. This comes as a surprise since 59% of healthcare workers are receiving monthly or quarterly security training.

In the past, HIPAA security awareness training and certification programs were low-quality productions and perceived as a painful annual necessity. For this reason, clinical workers may be fatigued with legacy training approaches and in need of something better.

Password hygiene is a major issue

Poor password management among healthcare workers increases vulnerability at a time when we are seeing a massive increase in cyber-attacks targeting healthcare.

The Endpoint Ecosystem study indicates found that 26% of people are writing their work passwords in a personal journal, 24% save their work passwords in the notes on their phone and 22% keep their work passwords in Excel or Word.

The Healthcare industry will benefit enormously by embracing password-less authentication and if that is not feasible, a password management tool is a must in the interim.

Shadow IT is Exposing Employers to Risk

The Endpoint Ecosystem study reveals a disconnect in the balance between security and employee experience for Healthcare workers. They perceive security policies to be too restrictive and, in turn, find workarounds. 35% of clinical workers think that security policies restrict the way they work. 29% find ways to work around the policies.

Furthermore, Healthcare workers largely prefer to use unapproved cloud apps. 48% are more efficient in using apps like Dropbox or Gmail.

Shadow IT will intensify as remote work continues to become the norm. Healthcare employers need to identify the right tools to empower their employees and reduce the need for unapproved apps.

Most workers are unimpressed with their tech support

The Endpoint Ecosystem study indicates that most clinical workers are less-than-enthusiastic about the tech support they receive. In result, many are turning to Google to find their own resolutions to technical problems.

Only 17% of Healthcare workers attested to being very satisfied with their tech support. In fact, 17% of workers claimed to be largely dissatisfied with the support they receive. This is the highest figure in all industries surveyed.

From these statistics, we can derive that IT departments in Healthcare facilities may be understaffed or overwhelmed. Healthcare groups that are struggling with their IT support should consider outsourcing specific functions to highly specialized service providers like Mobile Mentor.

Healthcare workers respect their employers

Overall, employees in Healthcare feel that their company is doing a good job of protecting data and also feel their employer values their personal privacy.

The study asserts that 85% of workers in Healthcare feel that their company respects their personal privacy. Only 25% of employees said that they feel their employer needs to take privacy more seriously – this was the lowest of all industries polled.

The strengths in employee perception means that Healthcare institutions are effectively communicating regarding data security and employee privacy. This is a distinguishing strength in the Healthcare sector.

We can predict the future

Remote workers in Healthcare act differently their non-remote counterparts. They are doing security training more often than office workers and see (or notice) security policies more frequently. As remote work continues to become the norm, employers should invite these employees in product selection decisions.

Additionally, Gen Z has entered the workforce during the pandemic and many of these workers have not experienced a traditional office-based work culture. They are often onboarded remotely and view their employer through the lens of remote workers. 56% feel that other companies are doing a better job with modern tools and technology. Only forty-nine percent think their employee onboarding process was designed for remote workers. From this, we can derive that this generation presents the largest flight risk to employers.

How to learn more

To learn more about how healthcare workers view their Endpoint Ecosystem, we invite you to download the Endpoint Ecosystem for the Healthcare Industry study. Armed with the data from the study, our hope is that Healthcare institutions will identify ways to improve endpoint security and employee experience for their workforce.

Practical Guidance for IT Leadership

1. Adopt a Zero Trust Architecture

Zero Trust means you assume every login is a breach – unless explicitly verified.

Zero Trust leads to fewer breaches and less Shadow IT. Move away from using network drives and eliminate VPNs. Use Conditional Access, Azure Active Directory, OneDrive, and Microsoft Intune to build a perimeter based on devices and identity.

2. Leverage Zero Touch Provisioning

IT teams can eliminate all the manual device set-up with Zero-Touch Provisioning.

Microsoft Intune, combined with Windows Autopilot and Apple Business Manager enables employers to ship devices directly to employees with no IT involvement.
The employee can sign in and the devices self-configure, over the air, in minutes.

3. Go Password-less

Passwordless authentication is more secure, cheaper and a better experience.

Modern authentication means replacing passwords with biometrics, SSO and MFA. Choose laptops with TPM 2.0 to use Windows Hello, choose applications that have Single Sign-On via Azure AD and use MFA (multi-factor authentication) everywhere.