Some companies are concerned that the move from traditional sources of data storage to cloud, or the adoption of the Internet of Things as a mobile solution, will leave the organization open to external data threats. This concern extends to healthcare organizations especially with regard to legacy equipment. Healthcare has been shown to be particularly vulnerable to attack, as the 2017 WannaCry ransomware attack on the U.K. National Health Service demonstrated.
There are advantages with connected health, as with other areas of the economy. Moving from a world of isolated systems – to one where systems communicate with each other and the cloud and back – allows healthcare providers to make more efficient and productive use of their assets and processes. It also enables a range of data points relating to a patient for different test results to be collated and analyzed, or sent to another facility in any part of the world. There are risks, nonetheless, with connecting up legacy systems.
To help protect the spiraling number of connected devices the modern health sector workplace, new approaches to cyber security are needed. In healthcare there are many devices that require protection, such as health monitors, control systems, IV pumps and so on. Not all of these devices were intended to be connected and this design weakness is creating a wider attack surface for cyber criminals, especially where an attack is targeted at one system which provides a gateway to other systems and potentially the entire healthcare organization.
One way to protect the wider system is to create ‘microsegments’, protecting the whole system from damage should an attack take place to one part. In essence, microsegmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually.
This way of setting up connected systems is recommended by security provider Unisys. Unisys has developed platform called Stealth to address the process of inputting health data and for connecting devices. Stealth ensures ‘microsegmentation’, encryption and cloaking, to better protect health data. The application is particularly useful to systems that run off older operating systems that are no longer supported by the developer, such as Windows XP. The Stealth system cordons off XP systems and renders XP endpoints dark and undetectable on a network to unauthorized users (and systems), both internal and external.
