Palo Alto secures IoT medical devices

  • December 19, 2022
  • Steve Rogerson

California-based Palo Alto Networks has announced a medical IoT security system to protect connected devices critical to patient care.

As healthcare providers use digital devices such as diagnostic and monitoring systems, ambulance equipment, and surgical robots to improve patient care, the security of those devices is as important as their primary function.

Palo Alto Networks has developed a medical IoT zero-trust security system for medical devices, helping healthcare organisations deploy and manage new connected technologies quickly and securely. Zero trust is a strategic approach to cyber security that secures an organisation by eliminating implicit trust and continuously verifying every user and device.

“The proliferation of connected medical devices in the healthcare industry brings a wealth of benefits, but these devices are often not well secured,” said Anand Oswal, senior vice president at Palo Alto Networks. “For example, according to Unit 42, an alarming 75% of smart infusion pumps examined on the networks of hospitals and healthcare organisations had known security gaps. This makes security devices an attractive target for cyber attackers, potentially exposing patient data and ultimately putting patients at risk.”

While a zero-trust approach is critical to help protect medical devices against innovative cyber threats, it can be hard to implement in practice. Through automated device discovery, contextual segmentation, least privilege policy recommendations and one-click enforcement of policies, the medical IoT security system delivers a zero-trust approach in a seamless, simplified manner. It also provides threat protection through seamless integration with Palo Alto Networks’ cloud-delivered security services, such as threat prevention and URL filtering.

Machine learning (ML) is used to let healthcare organisations create device rules with automated security responses. They can easily create rules that monitor devices for behavioural anomalies and automatically trigger appropriate responses. For example, if a medical device that typically only sends small amounts of data unexpectedly begins to use a lot of bandwidth, the device can be cut off from the internet and security teams can be alerted.

Automated zero-trust policy recommendations enforce least-privileged access policies for medical devices with one click, using Palo Alto Networks firewalls or supported network enforcement technologies. This eliminates error-prone and time-consuming manual policy creation and scales easily across a set of devices with the same profile.

The system can access each medical device’s software bill of materials and map it to Common Vulnerabilities and Exposures (CVEs). This mapping helps identify the software libraries used on medical devices and any associated vulnerabilities. Users get immediate insights into the risk posture of each device, including end-of-life status, recall notification, default password alert and unauthorised external web-site communication.

It helps users easily understand medical device vulnerabilities, patch status and security settings, and then get recommendations to bring devices into compliance with rules and guidelines, such as HIPAA, GDPR and similar laws and regulations.

Users can visualise the entire map of connected devices and ensure each device is placed in its designated network segment. Proper network segmentation can ensure a device only communicates with authorised systems.

Two dashboards allow IT and biomedical engineering teams each to see the information critical to their roles. Integration with existing healthcare information management systems, such as Aims and Epic Systems, helps automate workflows.

Healthcare organisations are using Palo Alto Networks products to secure the devices that deliver care to millions of patients all over the world.

“Establishing and maintaining acute situational awareness of the internet of medical things (IoMT) environment is paramount to establishing an effective enterprise cyber-security programme,” said Tony Lakin, CISO at the Moffitt Cancer Center. “The ability to accurately detect, identify and respond to cyber threats is critical to ensuring minimal operational impact to clinical operations during a cyber event. Palo Alto Networks IoT capability seamlessly integrates with our continuous monitoring processes and threat-hunting operations. The platform consistently provides my teams with actionable information to allow them to proactively manage the threat surface of our medical device portfolio.”

Bob Laliberte, principal analyst at ESG, added: “With thousands of devices to manage, healthcare environments are extremely complex and require intelligent security capable of doing more. Palo Alto Networks understands this requirement and is leveraging ML for medical IoT security. Adding intelligence will enable providers to improve operational efficiency, which will enhance patient and practitioner experience and alleviate the burden of an ongoing IT skills shortage.”

And Ed Lee, research director at IDC, said: “Healthcare providers continue to be high-value targets for attackers. This reality, combined with the diversity of medical IoT devices and their inherent vulnerabilities, points to a real need for device security that is purpose-built for healthcare use cases. The ability to defend against threats targeting critical care devices while maintaining operational availability and strengthening the alignment of device governance responsibilities between IT and biomed engineering teams is quickly becoming a necessity for the protection of patient data and lives.”