Florian Malecki of Dell Networking Security discusses the threats associated with connected medical equipment and how these can be overcome
In this article, Florian Malecki of Dell Networking Security discusses the threats associated with connected medical equipment and how these can be overcome
High-speed mobile networks and public Wi-Fi mean we are living in a connected world. In healthcare, connected equipment is nothing new and internet-connected devices are regularly used in patient care particularly in tracking health-related data. However, with the advent of the Internet of Things, where smart beds will inform other devices that a patient got out of bed, or a medicine bottle will know when a daily dose has not been taken, this means that it has never been more important to ensure that the healthcare IT infrastructure is secure.
Connected medical equipment in hospital wards allows doctors and nurses to monitor vital readings from a patient without having to attend the patient’s bedside, giving the patient and family more room and freedom. Nobody wants to be in hospital, but when this happens, the patient often wants to leave as quickly as possible. By using technology to keep a watchful eye over all patients in the ward, doctors are able to provide all patients with the best possible care.
Medical equipment connects to a central station by sending out data using the IP address built into its software, enabling devices to be added on to the hospital network. This essentially means that the hospital has put the device online. By doing so, there are many benefits that can be achieved, such as cutting down the amount of time a duty nurse needs to spend with each patient, to being immediately alerted if a patient requires urgent attention, such as when any administered intravenous fluid is running low, for example.
With connected equipment, nurses can monitor all patients from afar, confident that the data they are receiving is accurate and allowing them to quickly respond to any alerts that may be raised on their system
There is still a level of scepticism around putting these types of devices online. However, it is something that can be beneficial and safe if protected correctly and can be achieved at a minimal cost. We hear from customers across a range of industry sectors from energy, to healthcare, to education, that there are many perceived risks with connected infrastructures, such as a 100% increase in attacks in SCADA Networks. However, it is important to remember that there are security solutions available that can secure these networks, ensuring that patients are not put at risk.
Take patients with diabetes as one example. Doctors and nurses need to monitor insulin levels to ensure they are within the ‘safezone’. Traditionally, teams on medical wards have to manually check the levels with each individual patient. However, with connected equipment, nurses can monitor all patients from afar, confident that the data they are receiving is accurate and allowing them to quickly respond to any alerts that may be raised on their system.
In order to secure these networks effectively, it is important to work with a security solutions vendor that is able to understand your business. There are many security vendors in the market place that offer solutions which can protect individual areas of the network. However, often these solutions cannot communicate with others deployed across the network, potentially leaving certain areas of the network unprotected.
The deployment of a Next Generation Firewall, for example, can help to block threats, ensuring that hospital networks are well protected without putting patients at risk
When looking to protect the corporate network, it is advisable to implement a connected security infrastructure. This is where all of the individual security solutions are able to communicate with others that are deployed. By allowing these to communicate, hospital IT teams are able to ensure that all of the infrastructure is fully protected from a multitude of online-based threats. The deployment of a Next Generation Firewall, for example, can help to block these threats, ensuring that hospital networks are well protected without putting patients at risk.
If hospitals were to implement connected healthcare equipment without protecting the network, there is serious danger that cyber-criminals can access the network and tamper with settings, silence notifications, and even switch machines off. Needless to say, if this was to occur, the impact for the hospital would be catastrophic. On top of this, there needs to be effective management of privileged access on a remote level. The system needs to ensure that third-party engineers managing pieces of equipment, such as MRI scanners, are controlled through the gateway and don’t have access to patients’ files.
Each segment of the healthcare community enjoys its own benefits from secure connectivity and access to the other constituencies. But each link is critical and must be secured against delay, disruption and data loss or corruption.
If hospitals were to implement connected healthcare equipment without protecting the network, there is serious danger that cyber-criminals can access the network and tamper with settings, silence notifications, and even switch machines off
While security was traditionally to be seen as an extra layer of technology, it is now an integral consideration for even the most-basic functioning of an extended network that can include the broader distributed operations of the healthcare community including hospitals, doctors’ offices, ancillary services, pharmacies, medical suppliers, and business services.
Wireless networks undoubtedly provide an efficient way for healthcare organisations to disseminate information, but if a wireless network is not properly secured, it’s vulnerable to hackers. They could even sit outside the hospital and hack into the network through wireless access points. Similarly, remote and mobile access enables doctors and nurses to continue to deliver patient care even when on the road, from home or from another hospital location. In fact, it is now possible for a rural clinic to be sent X-ray images from a city-centre hospital and transfer a patient’s records to the nearest major hospital all with the push of a button, but a secure network must always be used.