As the use of IoT technology continues to grow in the healthcare industry, an ever-increasing number of endpoints—everything from IV pumps to glucose monitors—are being added to the networks of healthcare organizations. The more endpoints that are added, the greater the security risks to the entire network and the massive amounts of patient data that are being collected.
IoT devices present significant security challenges because they’re not designed to be integrated in enterprise networks and they don’t have sufficient security features built in.
The security risks have never been greater
The rate of patient medical record breaches reported due to hacking or unauthorized access has climbed significantly over the past few years. Hacking of medical records has gotten easier since many hospital systems have outdated, unpatched devices and vulnerabilities in their legacy systems. And since stolen medical records tend to have a higher value on the black market than stolen credit card information, cyberattacks aimed at the healthcare industry have become increasingly sophisticated.
Case in point: A report by TrapX Security Labs
found medical devices in hospitals that were infected with an advanced attack flow called MEDJACK (medical hijack), that creates a pivot point for hackers to access hospital systems. Hackers had used sophisticated attack techniques that extracted sensitive patient information without detection.
Tips on strengthening endpoint protection in healthcare organizations
Adopting security practices such as network visibility tools, network segmentation and multifactor authentication can help organizations take initial steps toward minimizing the risks these endpoints pose.
- First and foremost, it’s critical to gain a thorough knowledge of the environment:
- What devices are on what portion of the network at any given time
- Who is using the devices and who is managing them
- What the devices are being used for
- The status of security patches on all devices
- Unique identifiers on each device (like the UUID or MAC address)
- The ports that each device communicates on
- The location of all critical patient and business data on the network
- IT management and software tools like PRTG Network Monitor, vRealize Network Insight and SolarWinds can help provide this visibility.
- Ensure proper firmware levels and the patching and updating of all gateways, devices and sensors. Services like IBM Watson IoT Platform, Azure IoT Hub and Google Cloud IoT can be particularly helpful in this regard.
- Microsegmentation allows critical healthcare applications and infrastructure to be “siloed off” from the rest of the network for protection. So, healthcare organizations should consider implementing additional networking and services not typically found in vLANs. While a network is partitioned in a vLAN, a fully virtualized network allows for virtual switching, routing and firewall.
To learn more about how to help your healthcare customers beef up their endpoint defenses, contact email@example.com