Best Practices and Security Considerations Document 
This document defines the Minimum Baseline Security Standard (MBSS): the core security principles and best practices tailored specifically for OpenMRS implementations. It covers essential areas including network security, server hardening, data protection, authentication and authorization.

This work was contributed by IntelliSOFT Consulting Ltd. in September 2024 thanks to a generous grant from Digital Square for CyberSecurity improvement work, organized by OpenMRS Inc.

Table of Abbreviations and Acronyms

| Abbreviation/Acronym | Full Form |
|---|---|
| GDPR | General Data Protection Regulation |
| HIPAA | Health Insurance Portability and Accountability Act |
| HSTS | HTTP Strict Transport Security |
| IDS | Intrusion Detection System |
| MFA | Multi-Factor Authentication |
| MBSS | Minimum Baseline Security Standard |
| OpenMRS | Open Medical Record System |
| SQL | Structured Query Language |
| SSH | Secure Shell |
| SSL/TLS | Secure Sockets Layer/Transport Layer Security |
| VLAN | Virtual Local Area Network |
| WAF | Web Application Firewall |
| XSS | Cross-Site Scripting |

Introduction

The Minimum Baseline Security Standard (MBSS) is a foundational set of rules designed to safeguard information systems. It is a framework that provides a basic level of protection against cyber threats.

This document outlines the Minimum Security Baseline for OpenMRS implementations, addressing common security considerations and best practices tailored to the needs and constraints of OpenMRS implementers. This baseline aims to enhance the security posture of OpenMRS deployments and protect sensitive health information.

The Core Principles of Minimum Baseline Security Standards

At its core, MBSS focuses on three critical aspects of information security:

  1. Confidentiality: Protecting sensitive information from unauthorized access, disclosure, or misuse. This ensures that only those with legitimate business needs can view or use data.

  2. Integrity: Maintaining the accuracy and completeness of information. This prevents data from being modified, destroyed, or corrupted.

  3. Availability: Ensuring that information and systems are accessible when needed. This prevents disruptions to business operations due to system failure or cyberattacks.

To achieve these objectives, MBSS encompasses several key areas:

Network Security

Network security involves protecting the integrity, confidentiality, and availability of computer networks and their data. For OpenMRS implementations, securing the network environment is crucial to prevent unauthorized access and data breaches. To keep the network secure, it is good practice to apply network segmentation in any health facility.

Below is a diagram illustrating Network Segmentation:

To protect workloads, consider:

  • Group like workloads together (such as databases) into zones.

  • Segmentation: use tools such as firewalls to isolate some groups from others. This practice can substantially limit exposure and isolate sensitive systems and data.

  • Use Virtual Local Area Networks (VLANs) to separate different types of traffic.

Firewall Configuration:

Deploying a firewall is essential to restrict unauthorized access to the OpenMRS server. Properly configured firewalls help control incoming and outgoing traffic based on predetermined security rules.

Port Management:

Managing network ports is vital to minimize exposure to potential threats and attacks. By limiting exposure to the necessary ports, i.e. SSH and MySQL, organizations can significantly reduce their attack surface.
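One way to check a server against a port allowlist, as an added example that is not part of the original document: it parses `ss -H -tln` output and reports listeners reachable from other hosts on ports outside the allowlist. The sample output, the function names and the extra ports in it are constructed for illustration.

```python
import ipaddress

# Constructed `ss -H -tln` output (no header row); not taken from a real host.
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 151 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 100 *:8080 *:*
LISTEN 0 1 127.0.0.1:8005 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 0.0.0.0:5432 0.0.0.0:*
"""

def is_loopback(host):
    """True when the socket is reachable only from the machine itself."""
    if host == "*":
        return False  # wildcard: bound on every interface
    host = host.split("%")[0].strip("[]")  # drop zone id and IPv6 brackets
    return ipaddress.ip_address(host).is_loopback

def exposed_listeners(ss_output, allowed_ports):
    """Return sorted (port, address) pairs listening off-loopback outside the allowlist."""
    findings = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skip blank or non-listening rows
        host, _, port = fields[3].rpartition(":")
        if not is_loopback(host) and int(port) not in allowed_ports:
            findings.add((int(port), host))
    return sorted(findings)

if __name__ == "__main__":
    # Allowlist follows the ports named above: SSH (22) and MySQL (3306).
    for port, addr in exposed_listeners(SAMPLE, {22, 3306}):
        print(f"unexpected listener on {addr}:{port}")
```

Loopback-only listeners are not reported because the host firewall and remote clients never see them; each site should add its own required ports (for example the HTTPS port of the reverse proxy) to the allowlist.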

Server Security

Server security focuses on protecting the server infrastructure that hosts the OpenMRS application. It includes measures to harden the operating system, manage patches, and control access to the server.

Operating System Hardening:

Operating system hardening involves configuring the OS to minimize vulnerabilities.

This includes:

  • disabling unnecessary services,

  • applying security patches, and 

  • following best practices for secure configurations.

Server Patch Management

Regularly apply security patches and updates. This is critical for protecting the OpenMRS server and its dependencies from known vulnerabilities. An effective patch management strategy reduces the risk of exploitation. To be effective, always monitor announcements of critical updates for OpenMRS.

Access Control

Access control ensures that only authorized personnel can access the server. Implementing strict access controls helps mitigate the risk of unauthorized access and potential data breaches.

Data Security

Data Security encompasses the measures taken to protect sensitive information from unauthorized access, corruption, or theft. For OpenMRS, safeguarding patient data is of utmost importance.

Best Practices for protecting your data are as follows:

  • Data Encryption.

  • Data Backup and recovery measures.

  • Data access control.

  • Data Masking.

Authentication & Authorization

Authentication and authorization are critical components of security that ensure only legitimate users can access the OpenMRS system and its data. Strong mechanisms help prevent unauthorized access.

Basic principles of authentication & authorization

  • Strong Authentication

    • Implement multi-factor authentication (MFA) for all user accounts.

    • Use strong password policies, requiring complexity and regular changes.

  • Password Management

    • Enforce password length and complexity requirements.

    • Implement account lockout policies after a defined number of failed login attempts.

  • Role-Based Access Control

    • Define user roles and permissions based on the principle of least privilege.

    • Regularly audit user access and roles for compliance. 

Application Security

Application security entails safeguarding the OpenMRS application from vulnerabilities and attacks throughout its life cycle. Implementing safe coding methods and performing frequent upgrades is critical for ensuring application integrity.

OpenMRS Configuration

To minimize risks, OpenMRS must be configured in accordance with security best practices. This involves turning off superfluous features and ensuring security settings are in place.

Module Security

Regularly upgrading OpenMRS modules and examining them for known vulnerabilities ensures that the application is safe and resistant to exploitation. Always disable unnecessary modules and features that are not in use.

Input Validation

Input validation is an important security precaution that involves checking and cleaning user inputs to avoid common vulnerabilities like SQL injection and cross-site scripting (XSS).

Incident Response and Monitoring

Incident Response Plan

  • Create an incident response strategy that outlines roles, responsibilities, and processes for reacting to security issues.

  • Run frequent drills to guarantee preparedness.

Security Monitoring

  • Use security monitoring tools, such as IDS and log monitoring tools, to detect and alert on suspicious activity.

Log Management

  • Enable logging on all key systems and apps.

  • Review and analyze logs on a regular basis to detect security events and abnormalities.

Compliance & Governance

Compliance:

  • Ensure compliance with applicable laws and regulations, including HIPAA, GDPR, and local healthcare legislation.

  • Conduct periodic audits to determine compliance.

Security Policies

  • Create and follow security policies, procedures, and recommendations.

  • Policies should be reviewed and updated on a regular basis to reflect technological and regulatory developments.

Training and Awareness

  • Offer continuing security training and awareness initiatives to all users, administrators, and developers.

  • Encourage a culture of security throughout the organization.

Tomcat Security 

Tomcat minimum baseline security standards focus on securing the application server and the applications deployed on it. Key control points include:

Configuration:

  • Removal of unnecessary files and directories.

  • Disabling unused HTTP methods (such as TRACE and OPTIONS).

  • Configuring strict SSL/TLS settings

  • Limiting log file size.

Access Control:

  • Restricting access to Tomcat directories and configuration files.

  • Implementing role-based access control for applications.

  • Protecting web applications from common vulnerabilities (SQL injection, cross-site scripting)

Security Headers:

  • Enabling HTTP security headers (HSTS, X-Frame-Options, Content-Security-Policy)

NGINX Security

NGINX security focuses on securing the web server and its served content. Key control points include:

  • Configuration:

    • Disabling unnecessary modules

    • Configuring error pages to avoid revealing sensitive information

    • Limiting request headers and body sizes

    • Implementing rate limiting to prevent denial-of-service attacks

  • Access Control:

    • Using IP-based access control lists

    • Configuring strong authentication mechanisms

    • Implementing WAF (Web Application Firewall) rules

  • SSL/TLS:

    • Using strong cipher suites

    • Enabling HTTP Strict Transport Security (HSTS)
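The NGINX controls listed above can be checked mechanically against a configuration file. The following is an added example, not part of the original document or of OpenMRS: it shows a hardened and a weak configuration side by side and a heuristic audit of each. Both configs, the `/openmrs/admin/` path, all sizes and rates, and the check names are constructed assumptions.

```python
import re

# Constructed hardened nginx config; sizes, rates and paths are assumptions to tune per site.
HARDENED = """\
server_tokens off;
client_max_body_size 10m;
large_client_header_buffers 4 8k;
limit_req_zone $binary_remote_addr zone=perip:10m rate=10r/s;
server {
    listen 443 ssl;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    error_page 500 502 503 504 /50x.html;
    location /openmrs/admin/ { allow 10.0.0.0/8; deny all; }
    location / { limit_req zone=perip burst=20; }
}
"""
# Constructed weak config: no body limit, legacy TLS, nothing else from the baseline.
WEAK = """\
server {
    listen 443 ssl;
    client_max_body_size 0;   # 0 disables the body size check
    ssl_protocols TLSv1 TLSv1.2;
}
"""

DIRECTIVE = re.compile(r'(?:^|(?<=[;{}]))\s*([a-z_]+)\s+((?:"[^"]*"|[^;{}"])+);', re.M)

def directives(conf):
    """Return {directive: [argument strings]} with # comments stripped."""
    found = {}
    for name, args in DIRECTIVE.findall(re.sub(r"#.*", "", conf)):
        found.setdefault(name, []).append(args.strip())
    return found

def audit(conf):
    """Heuristic pass/fail for each NGINX control in the list above."""
    d = directives(conf)
    protos = set(" ".join(d.get("ssl_protocols", [])).split())
    return {
        "error_pages": d.get("server_tokens") == ["off"] and "error_page" in d,
        "body_limit": "0" not in d.get("client_max_body_size", ["0"]),
        "header_limit": "large_client_header_buffers" in d,
        "rate_limit": "limit_req_zone" in d and "limit_req" in d,
        "ip_acl": "allow" in d and "all" in d.get("deny", []),
        "tls": bool(protos) and protos <= {"TLSv1.2", "TLSv1.3"} and "ssl_ciphers" in d,
        "hsts": any("strict-transport-security" in h.lower() for h in d.get("add_header", [])),
    }
```

Unnecessary modules, authentication mechanisms and WAF rules are not visible to a text check of this kind and need separate review.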

Apache MBSS

Apache MBSS focuses on securing the web server and its served content. Key control points include:

  • Configuration:

    • Disabling unnecessary modules

    • Configuring error pages to avoid revealing sensitive information

    • Limiting request headers and body sizes

    • Implementing rate limiting to prevent denial-of-service attacks

  • Access Control:

    • Using .htaccess files for directory-level access control

    • Configuring strong authentication mechanisms

    • Implementing WAF (Web Application Firewall) rules

  • SSL/TLS:

    • Using strong cipher suites

    • Enabling HTTP Strict Transport Security (HSTS)

Conclusion

Implementing this Minimum Security Baseline for OpenMRS will help reduce risks and safeguard sensitive health information. Regular assessments and revisions to this baseline are required to respond to emerging risks and changes in the technological ecosystem. Implementing these security practices is a necessity in today’s threat landscape.

Moreover, MBSS goes beyond protecting assets. It empowers implementers to become active participants in security by fostering a culture of security awareness, adopting best practices, and contributing to a more secure work environment.

For more detailed content, see the section Sample Security Guidance & Policy Documents
