Meditology provides consulting services to assist healthcare organizations address pressing IT and Risk Management challenges.

Technical Security Testing & Ethical Hacking

Recent high-profile breaches of healthcare entities have underscored the need to find your organization’s security weaknesses before the bad guys do. IT architecture, applications, and configurations change on a daily basis; technical assessments and ethical hacking simulations provide critical protection for the organization’s assets and sensitive information including PHI. 

Meditology has deep technical experience performing penetration testing (also called ethical hacking) assessments for healthcare organizations. 

Our Approach Includes:

  • Identifying exploitable security vulnerabilities and insufficiently configured security controls to determine the likelihood that an individual with little or no prior knowledge of the environment (e.g., an uninformed outsider or an insider) could obtain unauthorized access to internet-facing and internal resources.
  • Following a “path of least resistance” methodology. Our focus is on attempting to access resources by pursuing those security weaknesses that required the least amount of time and effort to exploit. 
  • Key components for testing:
    •    Simulating a malicious hacker focused on getting access to assets through the Internet, wireless access points, social engineering or physical access.
    •    Simulating a contractor, business partner, or an internal employee intent on stealing information, manipulating data to commit fraud or damaging systems.
    •    Identifying strengths and weaknesses of the current technology environment.
    •    Performing root cause analysis and identifying areas to improve security.

Our Services Include:

  • Ethical hacking

  • Phishing

  • Social Engineering

  • Web Application Security Assessments

  • Physical Security Testing

  • Wireless Security Assessment

  • Password Auditing

  • Mobile Health App Assessments