In a second article in our two-part series on the security vulnerabilities related to the Internet of Things (IoT), we offer a closer look at the growth and challenges of IoT in the healthcare industry including wearables and other connected devices. In this article, we examine the lack of security presented by the use of IoMT and an innovative new approach to address these concerns.
How to Address Security Challenges Caused by Internet of Medical Things (IoMT) Devices
We recently posted a blog article on the topic of IoT security, where we looked at the vulnerabilities these devices pose, why traditional security solutions such as endpoint detection and response (EDR) don’t work, and how an innovative new security approach from ARIA Cybersecurity Solutions can overcome these challenges.
Related resource: For more information, download our new eBook, “New Challenges Call for New Solutions: Advances in IoT Cybersecurity,” today.
In this follow-up article, we’ll take a deeper dive into IoT security by exploring the Internet of Medical Things (IoMT). We’ll highlight five different kinds of IoMT devices and technology, show how they inadvertently contribute to security issues, and describe how a new solution from ARIA Cybersecurity can now address these IoMT security challenges.
Why do we need IoMT security?
Today, IoT devices are growing in number--and growing quickly. Gartner forecasts that over 20 billion devices will be deployed by the year 2020, a great many of which will be IoMT devices. Yet IoT and IoMT devices are notoriously difficult to secure, leading to a significant security risk.
Why is this? Every unsecured network-connected device in your environment represents a security risk that, if not addressed, can contribute to much larger, more significant issues such as patient health and safety. Other adverse effects could include the loss of patient health information (PHI) and other data exfiltration, failure to comply with HIPAA, unauthorized access and use of important healthcare systems, and more.
Today, IoMT has rendered traditional perimeter security virtually obsolete. Once an attack has successfully gotten inside the network, the security solutions in place can likely not stop it, because they don’t have complete visibility of the network traffic (particularly east-west). The visibility problem is exacerbated by the fact that most of the IoMT devices can’t be detected by security resources. One final point is that it’s possible that certain devices have been authorized to access the network. All of these together present a serious gap to exploit; so once a malicious actor is inside, they can move within and across the network gaining access to all of the data and assets on the network.
It’s also worth pointing out that IoMT devices are generally not designed with security in mind, either for the device itself or the data it collects. As described in our first article on IoT, these devices generally have limited compute power and memory capacity, both of which make it difficult (if not impossible) to host EDR software. Until this is resolved, IoMT devices will continue to contribute to security concerns and potential data breaches.
Hospitals and healthcare organizations must balance the benefits IoMT technology provides while making sure that they have the right policies and protocols in place for true IoMT security. Yet clearly IoMT devices are here to stay and present valuable technology to monitor patients’ health, sustain proper body functions, and transmit important data to doctors and medical teams.
Five types of IoMT devices
As the trend of IoT continues to explode, the number of IoMT devices will also climb. Currently there are many different types of IoMT devices in the following categories:
A new approach to securing the IoMT
When it comes to managing IoMT security, there are three major considerations:
To provide these capabilities, and in turn, develop better IoMT security, ARIA Cybersecurity Solutions recently released powerful new capabilities within the ARIA Software-Defined Security (SDS) platform. This solution can now detect and monitor IoMT devices by inspecting network data as it flows from these devices. The ARIA Packet Intelligence application successfully classifies data on the fly, and if desired capture and record, without affecting its delivery while also generating Netflow data. This provides visibility to IoMT devices in network aggregation points that are usually “one step back” in the wireline network.
Using a simple API, virtually any SIEM (security information and event management), such as Splunk ES or QRadar, can ingest this NetFlow data from network devices and applications and run it through their powerful threat model to detect and assess threats of all kinds. This ability to correlate logs and network data sourced from the ARIA SDS solution makes this combined solution extremely effective at finding difficult-to-detect network-borne threats, especially those coming from IoMT devices.
This joint solution is a real advantage. Any SIEM, a standalone solution that is so effective in preventing threats once they’re detected, can now use our APIs to integrate to ARIA SDS and improve their ability to stop specific threat conversations. The threat is prevented, while allowing critical applications to continue to operate.
This approach overcomes challenges posed by IoMT security approaches in the past. More often than not, these methods attempted to either take out the device--not an option in healthcare settings where patients’ lives may depend on these devices--or shut down those applications the device communicates with.
Now the ARIA Cybersecurity Solutions provides an easy-to-deploy solution that can secure IoMT environments by:
For more information, download our new eBook, “New Challenges Call for New Solutions: Advances in IoT Cybersecurity,” today.