Digital transformation in the healthcare industry is giving rise to care pathways that are increasingly peppered with digital experiences, many of which are made possible by the internet of things (IoT). As this phenomenon grows, IoT security has emerged as a top concern. In fact, 60% of healthcare organizations have introduced IoT devices into their facilities, and a whopping 87% plan to implement IoT technology by 2019, more than any other industry. With patient records and sensitive data at the core of the healthcare experience, the stakes are high.
IoT Security & Healthcare: A Grave Concern
In a recent survey of over 3,000 IT and business decision-makers in the healthcare industry, 89% indicate that they’ve already suffered from an IoT security breach. While devices can be enlisted into botnets, rendered useless, or used to access personal information, perhaps the most terrifying risk is that attackers have the potential to directly control medical equipment, with potentially fatal consequences.
In the battle to establish virtually impenetrable, layered IoT security for healthcare, it’s important to secure not only the devices themselves but also the networks that connect them. That’s why Integron, a healthcare IoT leader managing over one million devices, selected NetFoundry to integrate into its healthcare IoT security strategy, ensuring the protection of personal medical data. The partnership allows Integron to embed the NetFoundry platform within its managed service solution, providing improved flexibility, configurability, and time-to-market control for IoT private networks, as well as IoT security for its deployments.
Be sure to visit NetFoundry and Integron at the Connected Health Conference in Boston’s Seaport Hotel & World Trade Center from October 25th – October 27th at booth 115, where we’ll be demonstrating the power of our partnership live.
NetFoundry’s layered security architecture isolates and protects data flows through a combination of features such as military-grade, fragmented data streams and encryption. It results in a private, dark network, protecting patients and providers end-to-end. There are five primary layers to NetFoundry’s security architecture:
Security Layer One: Authenticate-Before-Connect
NetFoundry authenticates endpoints before the endpoints are given network access. This authenticate-before-connect security paradigm is becoming a best practice with advocates including the Cloud Security Alliance (“Software Defined Perimeter”), US Defense Information Systems Agency (“black cloud”) and Google (“BeyondCorp”).
Security Layer Two: Least Privilege Access (LPA)
Each authenticated endpoint is given only the access it needs, as defined by the security policies of the business. LPA enables app-level, centralized micro-segmentation (one IAM policy across apps and network). For example, an IoT device may be diverted to a honeypot network depending on its identity or location.
Security Layer Three: Dark Network
Protected endpoints open an outbound connection to the private NetFoundry network overlay, which “listens” for authorized data. The NetFoundry software denies any packets that have not been authorized, making the network dark. Even if a device inside the network is vulnerable, NetFoundry masks the deficiency by rejecting externally originated attempts before they can reach the vulnerable device.
Security Layer Four: Data in Motion Protection
NetFoundry uses strong encryption, on demand. NetFoundry partnered with Dispersive Technologies to incorporate Dispersive’s session-splitting technology, which fragments each individual data session into multiple, individually encrypted data flows and is currently used for the transmission of US power grid data.
Security Layer Five: Move the Attack Surface away from the Business
NetFoundry manages infrastructure at data centers around the world, including data transit nodes, proxies, session border controllers, and security infrastructure. These data centers move the attack surface to the highly resilient and protected NetFoundry core, and away from healthcare IoT networks, assets, patients, and data.
The integrated solution will become part of Integron’s complete portfolio of managed IoT services, which also include device and wireless management. Integron’s managed services provide business agility and ongoing operational management for IoT deployments in a range of industries, including healthcare, smart energy, and transportation.