Increasing IoT Protection for Healthcare

5thColumn and Cisco have collaborated to create a security ecosystem to help the healthcare industry address all key security objectives. An architectural approach is required for preventing the loss of employee and patient data, all IOT equipment, and ensuring compliance.

 

When healthcare providers accelerate their investments in technology as ways to increase efficiency and reduce costs, they open their network and data to increased risk. In a recent study by PWC, healthcare CEOs view breaches in data security and ethics as the number one risk to their organizations. One of the main contributions to this growing concern is the amount of IoT devices that are being deployed company-wide. Any connected device in any industry poses a risk, but connected devices in healthcare make patient’s personal records (social security number, home address, bank accounts, etc.) vulnerable for a breach if there is an attack targeted at the provider.  

 

When Hollywood Presbyterian Hospital was hit by Ransomware in 2016, patients had to be transported to other facilities and their computers and connected devices were down for over a week until the hospital paid the ransom in bitcoin.

 

IoT devices are purpose-built, non-standardized, and run a vast array of software, making them much more difficult to manage centrally. Even with the advent of BYOD, the number of different endpoint types an IT department has to manage is relatively limited compared to the panoply of IoT devices (NetworkWorld).

 

On August 2nd, 2017, legislation was introduced that aims to deal with a number of major security vulnerabilities presented by the massive amount of internet-connected devices now present in homes and businesses throughout the U.S. and the rest of the world (International Business Times).

 

POTENTIAL THREATS

 

NETWORK ACCESS CONTROL: Healthcare organizations are riddled with IP enabled devices that are both difficult to secure and control. As such providing context based network segmentation is an important compensating control. Allowing those devices necessary network access while ensuring that any type of breach sourced by those IoT devices is contained in the network segment has shown to be an effective strategy at addressing device based security shortcomings.

 

MALWARE: The healthcare sector is at particular risk of being attacked by various forms of malware. A proper defense to these types of attacks should include continuous monitoring of the entire enterprise for exposed network services, as well as other exploitable conditions along with complete segregation of sensitive data assess (IoT devices) from public internet access. Additionally, internal networks should segregate portions of the local intranet which is used for administrative tasks from portions of the network used for inter connected medical equipment.

 

SOLUTIONS

 

IDENTITY SERVICES ENGINE: Cisco’s Identity Services Engine (ISE) provides centralized and highly unified secure access control based on business role to provide a consistent network access policy for end users whether they connect through a wired or wireless network or VPN.

 

NEXT GENERATION FIREWALL: Cisco’s Next Generation Firewall (NGFW) blocks more threats and quickly mitigates those that do breach with the industry’s first threat-focused NGFW. The NGFW appliances combine our proven network firewall with the industry’s most effective next-gen IPS and advanced malware protection.

 

OpenDNS: OpenDNS creates a layer of cloud-delivered protection in the network security stack, both on and off the corporate network. Umbrella prevents command & control callbacks, malware, and phishing over any port or protocol.

 

MANAGED SERVICES: 5thColumn’s managed services are offered as a ‘Software as a Service’ (SaaS) suite. The SaaS suite is entirely focused around our proprietary platform, BOSS™. Our managed services focus on simplifying day-to-day security operations while also providing expert security services.

 

Customers receive the expertise of our experienced and business-oriented staff, expert systems, and standards-based consistency.

 

These services provide for an infrastructure that is scalable, customizable, and cost effective.

 

BOSS™: BOSS™ is a next-generation security events correlation engine that simplifies security infrastructure operations and maximizes customer ROI. BOSS™ consumes and normalizes large volumes of data without introducing substantial delays while integrating up-to-date security intelligence in threat detection. In addition, BOSS™ also:

  • Accurately and reliably isolates potential threats through analysis, enrichment and tagging of collected information
  • Validates and substantiates potential threats
  • Calculates the most effective mitigation tactic based on available technologies
  • Reports on validated and substantiated threats via dashboard/alerts

 

For more information on our solutions for healthcare providers, please get in touch with us here or email Alison Gleisner at alison@5thcolumn.net.