Can Healthcare Device Security Improve Without Starting at the Network Traffic Layer?


In today's world of healthcare, thousands of connected devices rely on one another, such as infusion pumps, imaging equipment, badge readers, controllers of H/VAC, clinical stations and tele-health endpoints. A majority of these types of devices do not support security agents, can't be patched and were not designed with cybersecurity in mind; they were simply designed to provide safe reliable clinical care. 

Here are some real-world observations related to the above statement:

• There are substantial amounts of valuable traffic signals that are generated on connected medial and facility devices

• Many of the devices cannot be secured by the use of traditional endpoint controls

Packet-level visibility can provide insight into device behaviour patterns, communications, and risk

• Optimized delivery of traffic helps improve the accuracy of asset discovery and monitoring tools

• Network evidence can support security compliance and incident investigation processes

There is a common myth with regard to connected device security - that it is a matter of just having an accurate asset inventory. This is not entirely correct; the asset inventory is only one aspect of the overall program. The healthcare team must also determine how the devices communicate, if the device is utilizing encryption properly, which external services the device is communicating with, and whether or not lateral communications are taking place on the network. 

The bottom line is that connected medical device security will be improved as the foundation for packet-level visibility. By capturing, enriching and intelligently delivering network traffic, a security team will have enhanced visibility of all medical devices (or assets) as well as other healthcare assets that operate on the healthcare network as well as cloud-based services.

Sharing the full breakdown below for anyone who wants to explore how packet-level visibility supports connected device security in healthcare: https://aviznetworks.com/guide/cisco-guide-to-hippa-compliance-in-healthcare/download


Comments

Popular posts from this blog

Evolving Packet Brokering for Modern Network Observability

Scaling Deep Network Observability for 5G: Reflections from a Real Deployment

How Network Copilot Uses Agentic AI to Correlate FortiGate and Splunk