As hospitals and other healthcare facilities continually introduce new IoT devices for a variety of administrative and patient care functions, they face a considerable challenge.
Every new IoT endpoint that’s added expands the attack surface of the network, increasing the threat of cyberattacks.
The risks are considerable
Today, the need to safeguard a hospital’s business critical applications and patient data is more critical than ever. Healthcare is one of the industries most susceptible to cyberattacks. And healthcare organizations have the highest costs associated with data breaches
: $408 per lost or stolen record—nearly three times higher than for organizations in other industries. The costs to address these breaches are considerable, and have been known to run as high as $350 million.
To complicate the security challenges even further, many IoT devices used in healthcare are difficult to patch, and those that require firmware updates have to undergo lengthy validation and quality assurance.
A path to mitigation
More and more healthcare organizations are using microsegmentation to safeguard their critical assets. This involves creating small, restricted segments of a network—proactively controlling which parts of the network IoT devices can access as well as defining and sectioning off groups that can only communicate with one another.
The process begins with network administrators identifying device segments based on their functions, so only those devices that need access to critical infrastructure resources will be given it.
Another advantage of microsegmentation is that it limits the ability of infections to spread from one device to another across a network. For that reason, some hospitals prefer to maintain a separate network dedicated exclusively to IoT devices.
Segmentation doesn’t only apply to networks and devices—healthcare facilities should segment users too, and limit their access to network resources. For example, not everyone in a hospital needs the ability to send and receive external email—a prime source of phishing and ransomware attacks.
One of the best things healthcare providers can do is to map data flow between their different systems. That way, they can simplify rule creation for virtual firewalls and make it easier to identify potentially dangerous network traffic.
Safeguard healthcare assets effectively
If you have a healthcare customer that is concerned about IoT security, talk to them about microsegmentation. To learn more, reach out to the Ingram Micro IoT team at US.IoT@ingrammicro.com