Zero trust in healthcare – the ultimate security strategy for the medical industry

Zero trust in healthcare - How to improve cybersecurity in the medical sector by Secfense

Cybercriminals hunt for medical data. Zero trust in healthcare is the only good security approach to keep the medical system secure. According to a Trustwave report, medical data may cost up to $250 per record on the black market, while stolen payment card data is sold for $5.40. That is why healthcare institutions are becoming the main vector of cybercriminals attacks. How to defend against them? The right approach is to protect the space where usually attacks come the most often so the accounts of all employees of clinics or hospitals. 

What Is a Zero Trust Approach by Secfense
What Is a Zero Trust Approach?

Zero trust in healthcare

Zero trust security is a cybersecurity concept that implies a total lack of trust in users, systems, or services within the network. What does this mean and how does it relate to the safety of the healthcare industry? Zero trust relies on 100% certainty that the right person is on the other side of the computer, and not a thief who wants to take over your sensitive data.

Medical data is extremely attractive to cybercriminals. Mainly because intruders know very well how to cash them – says Tomasz Kowalski, CEO, and co-founder of Secfense, which has developed a technology that enables fast and comprehensive implementation of multi-factor authentication (MFA), which is a first step in zero trust implementation in healthcare organizations. – Theft of medical data can threaten the reputation of individuals or institutions and cause enormous damage. That is why all healthcare facilities must remodel their approach to IT security as soon as possible and base it on strict user authorization, restriction of permissions, and limiting access to medical resources in accordance with the principle: never trust, always verify.

Secfense shows how to introduce zero trust security model in the healthcare sector
Never trust, always verify.

One of the latest media attacks against a medical institution was an attempt by intruders to get into the computers of AstraZeneca employees (including those who worked on the Covid-19 vaccine). 

North Korean cybercriminals have used phishing and social engineering claiming to be recruiters. According to the Wall Street Journal, the attackers also tried to steal vaccine information from Johnson & Johnson and Novovax, as well as from three South Korean drug makers. 

2-Step Verification

Credential theft – employees’ passwords and logins – is one of the most common causes of attacks on medical institutions today. 

Cybercriminals usually send an e-mail designed to trick the person into thinking that the message comes from a legitimate source and then obtain credentials. Bad actors also often use WhatsApp or LinkedIn messengers, as happened in the case of the attack on AstraZeneca. 

Why is this happening? The healthcare industry is one of the worst when it comes to data security knowledge. Data from Wombat Security’s learning management system shows that 23% of best practice questions are answered wrong on average by medical personnel. Fraudsters know that very well. The difficult period associated with the pandemic only makes it easier for them to get access to extremely valuable information, for which, for example, they can receive a large ransom (ransomware attacks).

User access security broker is an approach to cybersecurity consistent with the zero trust security approach. It triggers MFA during a login session on any hospital or clinic web application – regardless of whether the person logging in is currently at the facility or works remotely. Before the employee enters the application or system, he must enter, for example, a one-time code or verify his identity through face biometric authentication (such as face recognition or fingerprint scan)- adds Kowalski.

Secfense explains how to introduce zero trust security principles in the healthcare sector
Zero Trust Enhanced by User Access Security Broker

Multi-Factor Authentication (MFA) Implementation

What’s important is that the integration of MFA takes place without changing the protected application’s code. This basically means that the security broker can add multi-factor authentication on the accounts of all employees in any number of applications without any subsequent support for IT specialists, who are constantly lacking in the medical sector. It also allows for convenient scaling – simple and quick adding of users and protected resources, regardless of their number and complexity. This is important in the case of dynamically developing private hospitals and medical clinics.

Organizations do not have to share any of their information with third parties – strong authentication can be easily applied to the current infrastructure without long and tedious programming – adds Tomasz Kowalski.

Cybercriminals use the pandemic very efficiently and target the weak points of the healthcare system. Therefore, medical facilities must ultimately do a very difficult task and protect not only selected but in reality, all applications used by their employees on a daily basis. This could mean using advanced analytics to track identities on their network, multi-factor authentication, and enforcing “least privilege policies” for specific accounts, so basically following healthcare zero trust cybersecurity guidelines. 

One thing to remember flexibility, scalability, and speed of response in the case of precise and increasingly sophisticated attacks will be a key factor influencing the final result. Well-thought-out choices in this context really pay off. The costs of healthcare attacks are growing exponentially as prolonged system downtime not only hampers but often paralyzes medical care for patients. 

Antoni takes care of all the marketing content that comes from Secfense. Read More


We are faced with new challenges every day. We must always be one step ahead of the attackers and know what they are going to do before they do it. We are convinced that the User Access Security Broker will bring security to a new level, both for those working at the office and from home. For us, working with Secfense is an opportunity to exchange experience with developers who put great value on out-of-the-box thinking.

Krzysztof Słotwiński

Business Continuity and Computer Security Officer

BNP Paribas Bank Poland

As part of the pre-implementation analysis, we verified that users utilize a wide range of client platforms: desktop computers, laptops, tablets, smartphones, and traditional mobile phones. Each of these devices differs in technological advancement, features, and level of security. Because of this, and also due to the recommendation of the Polish Financial Supervision Authority (UKNF), we decided to introduce additional protection in the form of multi-factor authentication mechanisms based on FIDO. As a result, users of our applications can log in safely, avoiding common cyber threats such as phishing, account takeover, and theft of their own and their clients’ data.

Marcin Bobruk



We are excited to partner with Secfense to enhance our user access security for our web apps. By integrating their User Access Security Broker, we ensure seamless and secure protection for our applications and systems, delivering superior security and convenience to our customers.

Charm Abeywardana

IT & Infrastructure

Visium Networks

Before investing in Secfense, we had the opportunity to talk to its existing clients. Their reactions were unanimous: wow, it’s so easy to use. We were particularly impressed by the fact that implementing their solution does not require the involvement of IT developers. It gives Secfense a huge advantage over the competition, and at the same time opens the door to potential customers who so far were afraid of changes related to the implementation of multi-factor authentication solutions.

Mateusz Bodio

Managing Director


Even when the network and infrastructure are secured enough, social engineering and passwords can be used to gain control of the system by attackers. Multifactor authentication is the current trend. Secfense addresses this and allows you to build zero trust security and upgrade your current systems to passwordless applications within minutes, solving this problem right away,” said Eduard Kučera, Partner at Presto Ventures and cybersecurity expert – former Director in hugely successful Czech multinational cyber security firm Avast.

Eduard Kučera


Presto Ventures

One of the biggest challenges the world is facing today is securing our identity online. That’s why we were so keen to have Secfense in our portfolio. They make it possible to introduce strong authentication in an automated way. Until now, organizations had to selectively protect applications because the deployment of new technology was very hard, or even impossible. With Secfense, the implementation of multi-factor authentication is no longer a problem, and all organizations can use the highest standards of authentication security.

Stanislav Ivanov

Founding Partner

Tera Ventures

Two-factor authentication is known to be one of the best ways to protect against phishing; however, its implementation has always been difficult. Secfense helped us solve that problem. With their security broker, we were able to introduce various 2FA methods on our web applications at once.

Dariusz Pitala

Head of IT