Medical devices are one of the top tech resources healthcare organizations leverage for data-driven care. But the reality is that many medical devices are not secured and can pose a health risk for patients—and a data privacy risk to healthcare systems. As healthcare IoT devices proliferate, their firehose of data must be contained and secured from within the network.
The top security challenges faced by modern medical devices are:
Lack of Security Controls and Processes
Many healthcare legacy systems lack essential cybersecurity controls. A comprehensive set of policies, procedures, and controls is essential for a secure network—especially if that network includes vulnerable endpoints like medical devices.
Too Much Downtime
Long downtimes for patching systems are a challenge because healthcare operations run 24/7. Other industries may be able to shut down their services for a few hours in the middle of the night to apply security updates, but in the medical industry this puts patient lives at risk.
Lateral Movement Not Contained
Health system networks often lack the basic segmentation necessary to limit lateral movement. If all devices can talk to one another and be accessed from the same points, accessing medical devices (and their data) through the network becomes dangerously easy.
Risks of Unsecured Medical Devices
The juncture of IT and healthcare creates a crossroads where technology supports human life. In this case, security isn’t a nice-to-have, it’s a hands-down must-have. In broad terms, the influx of medical devices increases the attack surface of an internal network, creating more opportunities for devices with exposed vulnerabilities. In many cases, these types of devices run uniquely modified operating systems and firmware that aren’t patched and updated as frequently as other common endpoints. In some extreme cases, medical device vendors and manufacturers don’t release patches or firmware updates at all.
This larger attack surface can allow malware, or even ransomware, to proliferate throughout an environment, increasing the chances that critical data could be stolen or critical systems interrupted. This affects the quality of care the patient receives and could even put their life at risk. Following a data or systems breach, healthcare providers can suffer damage to their reputation and a resulting loss of revenue.
And, although medical device manufacturers are required to follow certain security protocols, ultimately it is the responsibility of the healthcare provider to ensure security is upheld where device meets network.
Solutions for the Top Medical Device Security Challenges
When presented with the daunting challenge of securing these types of devices, two areas should be central to every strategy: network segmentation and a configuration management database (CMDB).
In most scenarios, network segmentation is table stakes. Most healthcare organizations have at least attempted to roll out a network segmentation strategy throughout their enterprise campus network. But the many challenges of understanding the full inventory of medical devices, firmware, ownership, etc., make a proper CMDB the precursor to effective segmentation.
Network segmentation, or zero trust segmentation, requires in-depth knowledge of what is connected to the network to determine the proper policies for each device. Having a robust CMDB helps the network segmentation strategy become successful. Without visibility into what is attaching, it is hard to determine where access should be allowed.
Network segmentation provides improved visibility and monitoring and is often the primary driver of medical device security. For example, without proper segmentation, a user of a hospital’s guest Wi-Fi could gain unchallenged access to critical systems and data.
Segmentation allows network traffic to be isolated and filtered in order to limit and prevent access between network areas, VLANs or even individual switchports. There are several ways to approach network segmentation, all dependent on how granular the isolation needs are. Segmentation, in a traditional sense, can be managed with firewalls and access-lists segmenting specific VLANs and subnets. But ideally, to truly prevent lateral movement, switchports can be isolated with Network Access Control (NAC) solutions such as Cisco ISE (Identity Services Engine). NAC allows for dynamic profiling of every switchport and dynamic application of access-lists per device type.
Ultimately, a roll-out of a NAC solution comes with many challenges. Where many of these roll-outs fail is with a less-than-full understanding of all the different medical devices that need unique profiles. This is where a mature CMDB comes into play.
Network segmentation tools usually don’t have a robust database of the many medical devices that will attach to the network, which leads to many “unknown device” scenarios and gaping holes in the security policy. The CMDB will help achieve a more precise inventory of what is actually on the network.
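The reconciliation described above, as an added example that is not part of the original article and is not ServiceNow or Cisco ISE code: endpoints seen on switchports are matched against CMDB records, and anything missing from the inventory, or of a type with no profile, falls back to a quarantine ACL. All field names, ACL names, MAC addresses and sample records are constructed for illustration.

```python
import re

QUARANTINE_ACL = "ACL-QUARANTINE"  # hypothetical default-deny ACL name

def normalize_mac(raw):
    """Reduce colon, dash and dotted MAC notations to 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return digits

def plan_segmentation(cmdb, seen, acl_by_type):
    """Decide, per observed endpoint, which ACL its switchport should receive."""
    inventory = {normalize_mac(ci["mac"]): ci for ci in cmdb}
    plan = []
    for ep in seen:
        ci = inventory.get(normalize_mac(ep["mac"]))
        if ci is None:  # the "unknown device" case: never trusted by default
            acl, reason, gaps = QUARANTINE_ACL, "not_in_cmdb", []
        else:
            # Missing owner or firmware data is a CMDB maturity gap to report.
            gaps = [f for f in ("owner", "firmware") if not ci.get(f)]
            acl = acl_by_type.get(ci["device_type"])
            reason = "profiled" if acl else "no_profile_for_type"
            acl = acl or QUARANTINE_ACL
        plan.append({"switchport": ep["switchport"], "acl": acl,
                     "reason": reason, "cmdb_gaps": gaps})
    return plan

# Constructed sample data (locally administered MACs, hypothetical names).
CMDB = [
    {"mac": "02:00:00:00:00:01", "device_type": "infusion_pump", "owner": "Biomed", "firmware": "2.1.4"},
    {"mac": "02-00-00-00-00-02", "device_type": "patient_monitor", "owner": "", "firmware": "5.0"},
    {"mac": "02:00:00:00:00:03", "device_type": "mri_console", "owner": "Radiology", "firmware": None},
]
SEEN = [
    {"mac": "0200.0000.0001", "switchport": "Gi1/0/1"},
    {"mac": "02:00:00:00:00:02", "switchport": "Gi1/0/2"},
    {"mac": "02:00:00:00:00:03", "switchport": "Gi1/0/3"},
    {"mac": "02:00:00:00:00:99", "switchport": "Gi1/0/9"},
]
ACL_BY_TYPE = {"infusion_pump": "ACL-INFUSION-PUMP", "patient_monitor": "ACL-PATIENT-MONITOR"}

if __name__ == "__main__":
    for row in plan_segmentation(CMDB, SEEN, ACL_BY_TYPE):
        print(row)
```

The rows with reason "not_in_cmdb" or "no_profile_for_type" are the inventory gaps to close before enforcement is switched on for those ports.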
Collecting and documenting a centralized source of truth allows organizations to fully understand their medical device inventory. Contributing to a CMDB allows organizations to understand who owns and supports each device, but most importantly it provides access data that helps identify risks.
Leveraging ServiceNow Discovery and CMDB and committing to maturing the data allows for more fruitful and reliable data within the ServiceNow platform (e.g., ITSM, GRC). In the example of ServiceNow, there are also plugins to help enrich the medical device data even more, which then allows for firmware management and patch management. This is really the first line of defense in medical device security: a proper understanding of what you are securing in the first place.
To learn more about securing medical devices on your network, reach out to me at firstname.lastname@example.org.